firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 02 Sep 2022 05:41:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RAnB2JSn4OwPomux7Z_E50E6PmMfcrHIcuU7kiyh2sEJ88xiixVKbQ==
Age: 2137
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10450
Expires: Fri, 02 Sep 2022 09:11:28 GMT
Date: Fri, 02 Sep 2022 06:17:18 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 02 Sep 2022 01:15:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Ps3RWMKzakEa8RsU52-4enzjTVbr2ksICBfjxxhxLboXPwcIHfC6pg==
age: 18121
X-Firefox-Spdy: h2
wangdai3.com/xampp
173.208.93.21301 Moved Permanently 0 B IP 173.208.93.21:0
ASN #395954 LEASEWEB-USA-LAX-11
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /xampp HTTP/1.1
Host: wangdai3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 02 Sep 2022 06:17:05 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.wangdai3.com/xampp
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 06:17:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.wangdai3.com/xampp
173.208.93.21200 OK 617 B IP 173.208.93.21:0
ASN #395954 LEASEWEB-USA-LAX-11
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (955), with CRLF line terminators
Hash 455256b64d32f64a47de7bd8d36cc391
b5476d3bbdc30de5dd2c96d059a5582720cd7046
da057f335d60b542fa6b7c81886bfed968242249898ad846e511d16d95bb28a0
Analyzer Verdict Alert fortinet Malware
GET /xampp HTTP/1.1
Host: www.wangdai3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Sep 2022 06:17:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 02 Sep 2022 05:38:16 GMT
Cache-Control: max-age=3600
Expires: Fri, 02 Sep 2022 06:08:44 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: T5By5FvcSQljljUyo_5I1zWlEcKUwG4sZ99dIJEoSENCOHYM0Jlx5g==
Age: 2342
www.wangdai3.com/common.js
173.208.93.21200 OK 664 B URL HTTP/1.1 www.wangdai3.com/common.js
IP 173.208.93.21:0
ASN #395954 LEASEWEB-USA-LAX-11
File type HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Hash 39c13fad1c904b3acb1cb405a00c390e
a9078c61ca1298f38a4393f65121e14ef55918eb
30284b0cb5cb283faa6d246ebd4d64dc4096554511ced6a2061df2744a91dca2
Analyzer Verdict Alert fortinet Malware
GET /common.js HTTP/1.1
Host: www.wangdai3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.wangdai3.com/xampp
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Sep 2022 06:17:06 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2eb022bbcb69557dc09477b624814e87
6030f2c630a01fbc027c887d31e696f84cc60c97
d7a508e276f0ca1b58b6af39720fb7ebb26fb38df50a159eb82d1d2542610b85
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5445
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:17:19 GMT
Last-Modified: Fri, 02 Sep 2022 04:46:34 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d15f1b0c70bb7eb1fdf6e7e9516b2d95
f5b820b7629c0997735fdba706dc3d605c97ce90
3a466ed8b6f1822b2df4da20586b314a92624ce386e16d96227c71625e476e16
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3A466ED8B6F1822B2DF4DA20586B314A92624CE386E16D96227C71625E476E16"
Last-Modified: Wed, 31 Aug 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16902
Expires: Fri, 02 Sep 2022 10:59:01 GMT
Date: Fri, 02 Sep 2022 06:17:19 GMT
Connection: keep-alive
www.wangdai3.com/tj.js
173.208.93.21200 OK 102 B IP 173.208.93.21:0
ASN #395954 LEASEWEB-USA-LAX-11
File type HTML document, ASCII text, with no line terminators
Hash a0fe4b5339dce6ef926542fece43d0a1
f10c694024bc8dbcb7c2e2d25aae6127adf3a7ea
8abe078ed432ea3bbb1a370548fd90bc666150e821714710fe9fd39daee33019
Analyzer Verdict Alert fortinet Malware
GET /tj.js HTTP/1.1
Host: www.wangdai3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.wangdai3.com/xampp
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Sep 2022 06:17:06 GMT
Content-Type: application/x-javascript
Content-Length: 102
Connection: keep-alive
push.services.mozilla.com/
35.162.110.205101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.110.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wnTyCVz278kccL7dkwnKgg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +bR5KkE01RDepfSdRPGp4anpvCg=
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d15f1b0c70bb7eb1fdf6e7e9516b2d95
f5b820b7629c0997735fdba706dc3d605c97ce90
3a466ed8b6f1822b2df4da20586b314a92624ce386e16d96227c71625e476e16
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3A466ED8B6F1822B2DF4DA20586B314A92624CE386E16D96227C71625E476E16"
Last-Modified: Wed, 31 Aug 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16902
Expires: Fri, 02 Sep 2022 10:59:01 GMT
Date: Fri, 02 Sep 2022 06:17:19 GMT
Connection: keep-alive
www.69t104.com/static/images/logo.png
172.67.188.148200 OK 3.3 kB URL HTTP/2 www.69t104.com/static/images/logo.png
IP 172.67.188.148:0
File type PNG image data, 279 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f098ef0c93c9ba9b7d667af9253e410
60dde06763487a4d4e10f2363645732b0ae9b318
1af3884a3f9861b8d37f397930a487c63802b4a554bceba19161fefbf7ab96bb
GET /static/images/logo.png HTTP/1.1
Host: www.69t104.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/?66
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 06:17:19 GMT
content-type: image/png
content-length: 3272
last-modified: Wed, 19 Jan 2022 07:50:14 GMT
etag: "cc8-5d5eaa2cd9980"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4677
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8Ae1WgEW56wPZIWveV0Hl0zza%2BIxOnLAcLjVp3IRGS%2BkSEaBKuACzJ8sj9XCwg1zNpjYp71LhxwIcseBFpMLvZjJ4GeTr3ys4ctbpvFFMfMoQ2X7Lkp%2BH7qpMmhQljNRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74441f3988d9b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s7.addthis.com/js/250/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/250/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116396 bytes)
Hash 39f97e2203fa28057720efce95e3658a
19f47f5cb7059da7af21323f5bb409f77b0d87f1
623e925a2cb2c2a2c3d39ffd21b9675b25287622a8d019bc5a794317c8e77022
GET /js/250/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116396
date: Fri, 02 Sep 2022 06:17:19 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
i.postimg.cc/nVsq0gy9/07-960x60.gif
141.94.200.42200 OK 38 kB URL HTTP/2 i.postimg.cc/nVsq0gy9/07-960x60.gif
IP 141.94.200.42:0
File type GIF image data, version 89a, 960 x 60\012- data
Hash 945a6d84f9d0f718ce037d10bd859cd9
a52fe5ea5d501944229c15ff099ae059b362608a
763f247521dfc442e928ae22baf5ebd46efc253f9796cca6053374616ade0f12
GET /nVsq0gy9/07-960x60.gif HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 06:17:19 GMT
content-type: image/gif
content-length: 38193
last-modified: Mon, 15 Aug 2022 14:56:47 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash ef5a9311d9e29b7884b6d221f450bbcf
6c2d9b77bb9d3e34046b7424a77124ec7a1cb3e4
582bb6ae6127e91883e638adc653184e2a26e444fd2f3a3c3e009beb18b85626
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:17:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 06 Sep 2022 04:16:22 GMT
ETag: "6c2d9b77bb9d3e34046b7424a77124ec7a1cb3e4"
Last-Modified: Fri, 02 Sep 2022 04:16:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 466
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74441f3bd92cb4ee-OSL
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8793a76fbd00df15e4c2476ca8285bb
de6bd85b86eb0d81a4faad3868cb8c2de12f0024
cf135bdf6829363a64d716fea2271e3a293ecfbb7700bbc4f479921d298932bb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CF135BDF6829363A64D716FEA2271E3A293ECFBB7700BBC4F479921D298932BB"
Last-Modified: Wed, 31 Aug 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10226
Expires: Fri, 02 Sep 2022 09:07:46 GMT
Date: Fri, 02 Sep 2022 06:17:20 GMT
Connection: keep-alive
z4a.net/images/2022/05/12/pNOqhb.gif
104.21.234.235200 OK 299 kB URL HTTP/2 z4a.net/images/2022/05/12/pNOqhb.gif
IP 104.21.234.235:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 299 kB (299398 bytes)
Hash f4b7967855549e81f65598b93a43d9db
6ab53e8a9af687c1dddad236af323080a04499cf
2e95dc2082af7cc833e0aef825efc261c04b69e3ec4350203854008cc4a12dc6
GET /images/2022/05/12/pNOqhb.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 06:17:20 GMT
content-type: image/gif
content-length: 299398
expires: Fri, 12 May 2023 07:56:58 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 9757222
last-modified: Thu, 12 May 2022 07:56:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=McXZchD6RCgAeHlF7YYN9sLkWQaLnZ6vjlEhsRmpraiJsQSzpB325E5RrjG5iSxxZXSWTsNPrf7eGEuK7sXscgQXyvToH%2BgZhgrZUScV74CbaxD8jAIA9l9M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74441f3c0d13e66c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8793a76fbd00df15e4c2476ca8285bb
de6bd85b86eb0d81a4faad3868cb8c2de12f0024
cf135bdf6829363a64d716fea2271e3a293ecfbb7700bbc4f479921d298932bb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CF135BDF6829363A64D716FEA2271E3A293ECFBB7700BBC4F479921D298932BB"
Last-Modified: Wed, 31 Aug 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10226
Expires: Fri, 02 Sep 2022 09:07:46 GMT
Date: Fri, 02 Sep 2022 06:17:20 GMT
Connection: keep-alive
kvtnnn.top/68a7807de3933bf7079116fa9df99e6f.gif
104.21.234.87200 OK 366 kB URL HTTP/2 kvtnnn.top/68a7807de3933bf7079116fa9df99e6f.gif
IP 104.21.234.87:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 366 kB (366444 bytes)
Hash 86371c51bf2086f3a40f0e438246b662
9da793de9c620485ee91b88413b256c69dc774c5
8155b44efd09301dca9ec4bdab8e3e6445d1564fe580edd5f7575c9289843ccf
Analyzer Verdict Alert quad9 Sinkholed
GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: kvtnnn.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 06:17:20 GMT
content-type: image/gif
content-length: 366444
last-modified: Fri, 19 Aug 2022 17:02:28 GMT
etag: "62ffc224-5976c"
expires: Tue, 20 Sep 2022 04:51:38 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 1041942
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YnHhWpaqKe%2FLf%2BY%2FpNp%2Btrou2ebIqNXlo53%2B%2FRHFioVHwQkh%2Fgwj1ItQCeRraGZLgU%2BOulRmyGVAGYk0dwIwcXZw887OOzESzK3Zs5b2fq1GEYA3kshRYnjZVglc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74441f3c6db876c0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.users.51.la/21298371.js
103.143.19.103200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21298371.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash 048695ba4e1df547a635a4848e20be9e
79ae32612547bec61a8bcec4341a0775b393ed05
481509c30be960e7def916f00aac206245a721866d41b5df7c76fb57407a3a96
Analyzer Verdict Alert fortinet Malware
GET /21298371.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.wangdai3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Fri, 02 Sep 2022 06:17:20 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=dced322952c8d6d6210; path=/
HWWAFSESTIME=1662099438635; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 84 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 661861e603514ed319d14662bee9d927
748e2c8e6698e52ac90acac7ea37fd7ba484d1b9
70f56d1de04d9d8933dfb594d6a53ed859108e866ad4bf2431a86e7c8bd75b7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0289BC53FD8AB2C8D384533CC63AFB99173942BE02279DA5B9D2C3F89542F70A"
Last-Modified: Thu, 01 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20469
Expires: Fri, 02 Sep 2022 11:58:29 GMT
Date: Fri, 02 Sep 2022 06:17:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8a4c71bb51e299420dfe1e238f2dd17d
6a77be5234945767db9d3bb9a7fac61131795b41
dfafdf969ff462cbeaf982195439e1c3f8abecd8516719f1e259ac59bad0e9d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFAFDF969FF462CBEAF982195439E1C3F8ABECD8516719F1E259AC59BAD0E9D0"
Last-Modified: Tue, 30 Aug 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10326
Expires: Fri, 02 Sep 2022 09:09:26 GMT
Date: Fri, 02 Sep 2022 06:17:20 GMT
Connection: keep-alive
dimg04.c-ctrip.com/images/03936120009q1y886F166.gif
104.110.17.24200 OK 565 kB URL HTTP/2 dimg04.c-ctrip.com/images/03936120009q1y886F166.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 565 kB (564883 bytes)
Hash 84d5d662707d4bc15c9e87b519740a83
c47b4374683ecdcd81c1d25d7c8ee2b102c597c9
c1ad307b4ce32ba61a73204dbe3dc3436b4aa5770ace8c89c7d44b851d689cd6
GET /images/03936120009q1y886F166.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 564883
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt: 8
x-edgeconnect-origin-mex-latency: 241
cache-control: max-age=12786167
expires: Sat, 28 Jan 2023 06:00:07 GMT
date: Fri, 02 Sep 2022 06:17:20 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0104g120009wdbng33E1C.gif?proc=autoorient
104.110.17.24200 OK 271 kB URL HTTP/2 dimg04.c-ctrip.com/images/0104g120009wdbng33E1C.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 480 x 80\012- data
Size 271 kB (271241 bytes)
Hash 7564ab3fecc594173def5cf0c7543c6c
b22492a7fa92780dd7397aac3f6da0b5d70acbf7
076a94fa231776ac5364656253e76bbb4690c7482b592b90a73c2c9ca8a16b6d
GET /images/0104g120009wdbng33E1C.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 271241
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=15384803
expires: Mon, 27 Feb 2023 07:50:43 GMT
date: Fri, 02 Sep 2022 06:17:20 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c7fa5da85710d9e9e546e93a0f2c68c1
f3de6bcb4c6258d8fa24228b61c8b642d5c71058
b85e400871a1ec4e8c5e9a31bc3cf7ecd711642899751a8b2a0bd5b32925e557
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85E400871A1EC4E8C5E9A31BC3CF7ECD711642899751A8B2A0BD5B32925E557"
Last-Modified: Tue, 30 Aug 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2236
Expires: Fri, 02 Sep 2022 06:54:36 GMT
Date: Fri, 02 Sep 2022 06:17:20 GMT
Connection: keep-alive
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Fri, 02 Sep 2022 06:17:20 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 1a2bfd8372ce2d07d634eda2c67b865d
86b3bd6af804933d33614f89fb7ff033fab99804
52f4b02bbb7bebe3079ed1c88db6a145fb4e7f7e96a825481e7f376e397c54bb
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:17:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 06 Sep 2022 03:18:39 GMT
ETag: "86b3bd6af804933d33614f89fb7ff033fab99804"
Last-Modified: Fri, 02 Sep 2022 03:18:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1870
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74441f3e3d53fab4-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 538433fb578934503f0ac04c5b7baff0
943c7c779f1c690312c5b0699c1054cf7f0d90eb
e3c7a312ca081b325bc6f212cccb9cb32671b7030e40defbea8bba7916882a49
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:17:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 06 Sep 2022 03:24:39 GMT
ETag: "943c7c779f1c690312c5b0699c1054cf7f0d90eb"
Last-Modified: Fri, 02 Sep 2022 03:24:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74441f3e5d6bfab4-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash b62b7c809e8301f12a737e972ff50e7f
f3bc3b8857945cc53b4db9ca7f6f292444262290
1cf360c5ba0a65ff0b609b9d1c84d7ed60f00defd890625509fa415946fce985
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:17:20 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Sep 2022 03:00:12 GMT
Expires: Thu, 08 Sep 2022 03:00:11 GMT
Etag: "f3bc3b8857945cc53b4db9ca7f6f292444262290"
Cache-Control: max-age=505970,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74441f3e3cebb509-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e6c22068ebedda7e023467fd02788a65
a9bec49cd5c0d1fd2e927100e43e3ac8c4300c0c
6c7d545f24daf75ba186980c626526607cdf0908874ca8fa8fa71f2b173e44f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C7D545F24DAF75BA186980C626526607CDF0908874CA8FA8FA71F2B173E44F4"
Last-Modified: Fri, 02 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21547
Expires: Fri, 02 Sep 2022 12:16:27 GMT
Date: Fri, 02 Sep 2022 06:17:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7590c950f3814a95f2481891486d2a96
6b57a89ceb7a8a712ac52ea13bef4714b9d0c02e
20c33b0d9516389423a1ac53a2244cf343cc3d0357e63d9bb2819f7913e69152
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "20C33B0D9516389423A1AC53A2244CF343CC3D0357E63D9BB2819F7913E69152"
Last-Modified: Wed, 31 Aug 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19835
Expires: Fri, 02 Sep 2022 11:47:55 GMT
Date: Fri, 02 Sep 2022 06:17:20 GMT
Connection: keep-alive
www.wangdai3.com/favicon.ico
173.208.93.21200 OK 1.2 kB URL HTTP/1.1 www.wangdai3.com/favicon.ico
IP 173.208.93.21:0
ASN #395954 LEASEWEB-USA-LAX-11
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.wangdai3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.wangdai3.com/xampp
Cookie: __tins__21298371=%7B%22sid%22%3A%201662099439320%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201662101239320%7D; __51cke__=; __51laig__=1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Sep 2022 06:17:07 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Wed, 07 Sep 2022 06:17:07 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash dc64fa242f837a528c80345c697663f1
19bd74ec9c83d695aa111fbbc56cde9efa0d03a0
aee8f8addfb9f90a50b5fdbfd71c4cfea595da830ea5351d9195590a845080ba
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:17:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 06 Sep 2022 03:09:38 GMT
ETag: "19bd74ec9c83d695aa111fbbc56cde9efa0d03a0"
Last-Modified: Fri, 02 Sep 2022 03:09:39 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2581
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74441f3ffec8b4ee-OSL
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 02 Sep 2022 06:17:20 GMT
content-type: text/html
content-length: 162
location: https://acoossu.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash e09b434f0cd718d15a3ea0e617bffeb1
8187b89ee9e8e739a2bd1a86e0fca8b47935e07c
449f5eb01a9c1b5b35cfd766c743ee282d7b2fbc79fd7bf7afa0a1203f530671
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:17:20 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 19:20:04 GMT
Expires: Wed, 07 Sep 2022 19:20:03 GMT
Etag: "8187b89ee9e8e739a2bd1a86e0fca8b47935e07c"
Cache-Control: max-age=478362,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74441f3ecdb1b509-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5435
Expires: Fri, 02 Sep 2022 07:47:55 GMT
Date: Fri, 02 Sep 2022 06:17:20 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash b62b7c809e8301f12a737e972ff50e7f
f3bc3b8857945cc53b4db9ca7f6f292444262290
1cf360c5ba0a65ff0b609b9d1c84d7ed60f00defd890625509fa415946fce985
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:17:20 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Sep 2022 03:00:12 GMT
Expires: Thu, 08 Sep 2022 03:00:11 GMT
Etag: "f3bc3b8857945cc53b4db9ca7f6f292444262290"
Cache-Control: max-age=505970,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74441f3e3f34b529-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8cc83cf-4aef-486b-b775-ed3cb57c8e2a.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8cc83cf-4aef-486b-b775-ed3cb57c8e2a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0c1e7f6c9e17585905fdbe9ae4da50b
67192f5be476ac4dada66dc9fbe26469d62e2d78
21ca880b36bbb7791f8df2bf9830f11a960692123dd6dde5be42bda004dc428b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8cc83cf-4aef-486b-b775-ed3cb57c8e2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9642
x-amzn-requestid: 52c698d7-6419-4614-9c53-68a265266337
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjbEvgoAMFkKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-547a72850cce71da013383f5;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: I3pDTq3EeJJtzJFsAFaym7cV5nCrwFailDRzgA3QkAFOYj3xV43v2w==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:26 GMT
age: 31194
etag: "67192f5be476ac4dada66dc9fbe26469d62e2d78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22bc4d5a-9f0a-4b9f-a3a8-5d297d24ea9a.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22bc4d5a-9f0a-4b9f-a3a8-5d297d24ea9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b01e38b12bffb2f525351913eaa246cb
b7f8c0db9e2ddc795726b77b8f8f21037611fca8
e06e127b8ab197f09cc1b4a18d643908aef03898e86a80ca5f901865bfdbd5fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22bc4d5a-9f0a-4b9f-a3a8-5d297d24ea9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7174
x-amzn-requestid: 6b46447e-a28e-4ae8-978e-6729da4aff62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzL6_FraoAMFQIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631126ac-67d9e46104e9215a6f13c224;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: vPQvLQ8_vp4YJKL8eWIgpezOqP_xtwupVgL9ZIUq5udMwJ4TSpGbtA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:48:30 GMT
age: 30530
etag: "b7f8c0db9e2ddc795726b77b8f8f21037611fca8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3cef8f6-078d-43f5-ba9b-fcc5dc69a7f7.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3cef8f6-078d-43f5-ba9b-fcc5dc69a7f7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cab49f59207f816d98a21cd3fc2c37d1
8a9278f8ff5d149420673649878ca1ee266a0783
aebe0748f049bcb801be83459d4bae66b9c1453de3b0ea7e6a63bea88b6e7a5a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3cef8f6-078d-43f5-ba9b-fcc5dc69a7f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13104
x-amzn-requestid: da627f0c-5cde-4a37-878c-dcada8a25f64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzL6_EYoIAMFiYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631126ac-10dbcb432e6d1af46cffaefe;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4Ve7euVpAusbqUYkx-vWIBLDbIidnuXDqMDG0LRpu40sXh6a2fEPJA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:06:50 GMT
age: 29430
etag: "8a9278f8ff5d149420673649878ca1ee266a0783"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 936fc87b9b075451332b9318773b424d
debd54f88a7eaaea51f7080c476f5c2c3612f309
a1f489562f983a65236d3f3188eacf393bb5c892785be475209bbd9e6ccd79fe
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:17:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2022 01:13:59 GMT
Expires: Tue, 06 Sep 2022 01:13:58 GMT
Etag: "debd54f88a7eaaea51f7080c476f5c2c3612f309"
Cache-Control: max-age=326797,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74441f3f5c990b06-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409dfca9-6638-46e3-bd6c-98a42f043bc4.webp
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409dfca9-6638-46e3-bd6c-98a42f043bc4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6c03a9391cf529bf7354ef49730bf29
05e3b1ca0471c4a754beefd5fa5cf88b8d86c141
c0f03851ec2bb7dce175820e2d89112d4149c2bedee10b82ea7a751ca0fdc134
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409dfca9-6638-46e3-bd6c-98a42f043bc4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9040
x-amzn-requestid: 24ba8357-3dbc-4609-8998-a358d3b4c4cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLleHKxIAMFqFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112622-2b67e5bd14e08d5c3ccf352f;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ot2ovRarFg0nSndNjtz8HZJjZ4zlgAoCZvQY1QLbjAaNUSzf7A4tVQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:38:30 GMT
age: 31130
etag: "05e3b1ca0471c4a754beefd5fa5cf88b8d86c141"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46f649a4-e4bd-4029-a6eb-fb8b7b66d943.jpeg
34.120.237.76200 OK 3.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46f649a4-e4bd-4029-a6eb-fb8b7b66d943.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1594505ac80a2d787d918c39c8ddc7d1
9df71dbf1cfc4501fe364875aec931b1d4cf966b
eadc0f6f8ffb5337db910ddc8e73040a9d000c8af3f61ff57e901e5a45f9d9c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46f649a4-e4bd-4029-a6eb-fb8b7b66d943.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3283
x-amzn-requestid: 8567846c-e747-40ce-9129-72714bb0ef33
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzMBqF5CIAMFnzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631126d7-2726b25630a7935048414ad9;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:40:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: nX9drLFEO1J-Kb2E5t2qrr3pkpyxlL5KTqvKLKhycFLeYUV0ns7UcA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:56:58 GMT
age: 30022
etag: "9df71dbf1cfc4501fe364875aec931b1d4cf966b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24d848f7606889b048b6334e70d8a5e0
85239ef4f2fee8d3345e599bc942cab63ff3aaf6
da6cf33b440b51f72a70f309d62fd581aed246b6a78b8f329fa3899db15ff86d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5889
x-amzn-requestid: 42237574-f86e-4ece-b986-6d0c5910fcc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzMVgHajoAMFmXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112756-48ff9d98464cf3c9680d97b4;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:42:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _7BBSlQQucoO5poncTYuX4fcmS4WFg3UcVFXalckGCCNFKJ0h5UpsQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:06:51 GMT
etag: "85239ef4f2fee8d3345e599bc942cab63ff3aaf6"
content-type: image/jpeg
age: 29429
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
acoossu.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
104.21.33.223200 OK 400 kB URL HTTP/2 acoossu.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 104.21.33.223:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: acoossu.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.69t104.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 06:17:20 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Tue, 20 Sep 2022 23:21:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 975321
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9oPSxG%2BbtC6slpvaquGghkSB2VTkY9cdHVDD4juRDF%2B9bJemVHXgGK6ENdlD3lBs40o%2FEphAdedA3SbyziL8Js4G%2BsIQz75rfKNEqDPV60FJzbEsJTgLyywpk%2F7IQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74441f412e7fb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 30e72c4b1ae386d8c906b16c493ca462
3f277d4aa371b9de0d2698362a532e366aee29c7
5507db83d2526574c4c94e5af6b0b33eaa75d57ef0b2084e4ad3e41e9cdd366c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:17:20 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 23:31:06 GMT
Expires: Wed, 07 Sep 2022 23:31:05 GMT
Etag: "3f277d4aa371b9de0d2698362a532e366aee29c7"
Cache-Control: max-age=493424,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74441f401bdffabc-OSL
ia.51.la/go1?id=21298371&rt=1662099439320&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E4%25B8%25B0%25E6%25BB%25A1%25E4%25B9%25B1%25E5%25AD%2590%25E4%25BC%25A6%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2593%25E5%258C%25BA%252C%25E7%25A7%2581%25E4%25BA%25BA%25E6%2583%2585%25E4%25BE%25A3%25E7%25BD%2591%25E7%25BB%259C%25E7%25AB%2599%252C%25E6%2588%2590%25E4%25BA%25BA%25E7%25BE%259E%25E7%25BE%259E%25E6%2597%25A0%25E9%2581%25AE%25E6%258C%25A1%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591%252C&ing=1&ekc=&sid=1662099439320&tt=%25E5%2598%2589%25E5%2585%25B4%25E9%25A1%25B5%25E9%25A2%2597%25E7%2594%25B5%25E5%25AD%2590%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E4%25B8%25B0%25E6%25BB%25A1%25E4%25B9%25B1%25E5%25AD%2590%25E4%25BC%25A6%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2593%25E5%258C%25BA%252C%25E7%25A7%2581%25E4%25BA%25BA%25E6%2583%2585%25E4%25BE%25A3%25E7%25BD%2591%25E7%25BB%259C%25E7%25AB%2599%252C%25E6%2588%2590%25E4%25BA%25BA%25E7%25BE%259E%25E7%25BE%259E%25E6%2597%25A0%25E9%2581%25AE%25E6%258C%25A1%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591%252C%25E5%25A9%2586%25E5%25B2%25B3%25E5%2590%258C%25E5%25BA%258A%25E5%258F%258C%25E9%25A3%259E%25E5%2591%25BB%25E5%2590%259F&cu=http%253A%252F%252Fwww.wangdai3.com%252Fxampp&pu=
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=21298371&rt=1662099439320&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E4%25B8%25B0%25E6%25BB%25A1%25E4%25B9%25B1%25E5%25AD%2590%25E4%25BC%25A6%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2593%25E5%258C%25BA%252C%25E7%25A7%2581%25E4%25BA%25BA%25E6%2583%2585%25E4%25BE%25A3%25E7%25BD%2591%25E7%25BB%259C%25E7%25AB%2599%252C%25E6%2588%2590%25E4%25BA%25BA%25E7%25BE%259E%25E7%25BE%259E%25E6%2597%25A0%25E9%2581%25AE%25E6%258C%25A1%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591%252C&ing=1&ekc=&sid=1662099439320&tt=%25E5%2598%2589%25E5%2585%25B4%25E9%25A1%25B5%25E9%25A2%2597%25E7%2594%25B5%25E5%25AD%2590%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E4%25B8%25B0%25E6%25BB%25A1%25E4%25B9%25B1%25E5%25AD%2590%25E4%25BC%25A6%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2593%25E5%258C%25BA%252C%25E7%25A7%2581%25E4%25BA%25BA%25E6%2583%2585%25E4%25BE%25A3%25E7%25BD%2591%25E7%25BB%259C%25E7%25AB%2599%252C%25E6%2588%2590%25E4%25BA%25BA%25E7%25BE%259E%25E7%25BE%259E%25E6%2597%25A0%25E9%2581%25AE%25E6%258C%25A1%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591%252C%25E5%25A9%2586%25E5%25B2%25B3%25E5%2590%258C%25E5%25BA%258A%25E5%258F%258C%25E9%25A3%259E%25E5%2591%25BB%25E5%2590%259F&cu=http%253A%252F%252Fwww.wangdai3.com%252Fxampp&pu=
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21298371&rt=1662099439320&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E4%25B8%25B0%25E6%25BB%25A1%25E4%25B9%25B1%25E5%25AD%2590%25E4%25BC%25A6%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2593%25E5%258C%25BA%252C%25E7%25A7%2581%25E4%25BA%25BA%25E6%2583%2585%25E4%25BE%25A3%25E7%25BD%2591%25E7%25BB%259C%25E7%25AB%2599%252C%25E6%2588%2590%25E4%25BA%25BA%25E7%25BE%259E%25E7%25BE%259E%25E6%2597%25A0%25E9%2581%25AE%25E6%258C%25A1%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591%252C&ing=1&ekc=&sid=1662099439320&tt=%25E5%2598%2589%25E5%2585%25B4%25E9%25A1%25B5%25E9%25A2%2597%25E7%2594%25B5%25E5%25AD%2590%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E4%25B8%25B0%25E6%25BB%25A1%25E4%25B9%25B1%25E5%25AD%2590%25E4%25BC%25A6%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2593%25E5%258C%25BA%252C%25E7%25A7%2581%25E4%25BA%25BA%25E6%2583%2585%25E4%25BE%25A3%25E7%25BD%2591%25E7%25BB%259C%25E7%25AB%2599%252C%25E6%2588%2590%25E4%25BA%25BA%25E7%25BE%259E%25E7%25BE%259E%25E6%2597%25A0%25E9%2581%25AE%25E6%258C%25A1%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591%252C%25E5%25A9%2586%25E5%25B2%25B3%25E5%2590%258C%25E5%25BA%258A%25E5%258F%258C%25E9%25A3%259E%25E5%2591%25BB%25E5%2590%259F&cu=http%253A%252F%252Fwww.wangdai3.com%252Fxampp&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.wangdai3.com/
HTTP/1.1 200
Server: CloudWAF
Date: Fri, 02 Sep 2022 06:17:20 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=b7ca51b4d6376653548; path=/
HWWAFSESTIME=1662099440408; path=/
www.69t104.com/static/styles/all-responsive-metal.css?v=7.0
172.67.188.148200 OK 145 kB URL HTTP/2 www.69t104.com/static/styles/all-responsive-metal.css?v=7.0
IP 172.67.188.148:0
File type ASCII text, with very long lines (15274)
Size 145 kB (144853 bytes)
Hash 313f267dff688e64bc59a23f23413099
7efd0afca9c848f57d5e196bc4e787b0fcbb9015
5aa0c098a4bb8f28a7c515425c0853b2112336927b9915d399af4b3c738811cc
GET /static/styles/all-responsive-metal.css?v=7.0 HTTP/1.1
Host: www.69t104.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/?66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 06:17:19 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 11 Jul 2022 12:33:17 GMT
etag: W/"25f57-5e386c19d7d40"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4677
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPxCNWMxcCH%2FyXP7RLUnMq8YAmuTRJ1OOmcYXglQ%2BqqmyzLVeIJqpixMSIEMLNNMY%2Fsv68jBNnRe8D77US11Ts30UdANSQ0Q0nPrxp1GLJYQu93%2BgqPYx70HkcoArL94ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74441f3988c3b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ia.51.la/go1?id=20841003&rt=1662099439180&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=69%25E5%25A0%2582-%25E6%2588%2590%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2586%25E9%25A2%2591%252C7%25E5%25B9%25B4%25E5%2585%258D%25E8%25B4%25B9%25E4%25B8%258B%25E8%25BD%25BD%25E5%259F%25BA%25E5%259C%25B0.&ing=1&ekc=&sid=1662099439180&tt=69%25E5%25A0%2582&kw=69%25E5%25A0%2582-%25E6%2588%2590%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2586%25E9%25A2%2591%252C7%25E5%25B9%25B4%25E5%2585%258D%25E8%25B4%25B9%25E4%25B8%258B%25E8%25BD%25BD%25E5%259F%25BA%25E5%259C%25B0.&cu=https%253A%252F%252Fwww.69t104.com%252F%253F66&pu=http%253A%252F%252Fwww.wangdai3.com%252F
103.143.19.103200 6.3 kB URL HTTP/1.1 ia.51.la/go1?id=20841003&rt=1662099439180&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=69%25E5%25A0%2582-%25E6%2588%2590%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2586%25E9%25A2%2591%252C7%25E5%25B9%25B4%25E5%2585%258D%25E8%25B4%25B9%25E4%25B8%258B%25E8%25BD%25BD%25E5%259F%25BA%25E5%259C%25B0.&ing=1&ekc=&sid=1662099439180&tt=69%25E5%25A0%2582&kw=69%25E5%25A0%2582-%25E6%2588%2590%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2586%25E9%25A2%2591%252C7%25E5%25B9%25B4%25E5%2585%258D%25E8%25B4%25B9%25E4%25B8%258B%25E8%25BD%25BD%25E5%259F%25BA%25E5%259C%25B0.&cu=https%253A%252F%252Fwww.69t104.com%252F%253F66&pu=http%253A%252F%252Fwww.wangdai3.com%252F
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash 10bc82e835578e19658d5fa8c9478c43
10c403b667e009ff4d0748057e49104d60576ec8
067f7c76eaba036f55faceb3846c3e10ec513824a9ba1eb1ae51d674b58974ec
GET /go1?id=20841003&rt=1662099439180&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=69%25E5%25A0%2582-%25E6%2588%2590%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2586%25E9%25A2%2591%252C7%25E5%25B9%25B4%25E5%2585%258D%25E8%25B4%25B9%25E4%25B8%258B%25E8%25BD%25BD%25E5%259F%25BA%25E5%259C%25B0.&ing=1&ekc=&sid=1662099439180&tt=69%25E5%25A0%2582&kw=69%25E5%25A0%2582-%25E6%2588%2590%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2586%25E9%25A2%2591%252C7%25E5%25B9%25B4%25E5%2585%258D%25E8%25B4%25B9%25E4%25B8%258B%25E8%25BD%25BD%25E5%259F%25BA%25E5%259C%25B0.&cu=https%253A%252F%252Fwww.69t104.com%252F%253F66&pu=http%253A%252F%252Fwww.wangdai3.com%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: CloudWAF
Date: Fri, 02 Sep 2022 06:17:21 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=c380a18d3f5c59099f4; path=/
HWWAFSESTIME=1662099440514; path=/
taiwtp1.com/img/96080.gif
220.128.218.220200 OK 73 kB URL HTTP/2 taiwtp1.com/img/96080.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 80\012- data
Hash 3786e56d6d1ab748179b5cdcc97e0dc1
a1fabf9e794492452aeddae395618e245e892805
830e9e2171ca93ba4618970ee447880c54d99edc65aa4b26fa4e02c2fb963982
GET /img/96080.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 06:15:49 GMT
content-type: image/gif
content-length: 73157
last-modified: Thu, 07 Apr 2022 05:41:32 GMT
etag: "624e798c-11dc5"
expires: Sun, 02 Oct 2022 06:15:49 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
8feichai.com/i/2022/06/05/sx1yix.gif
107.167.8.167200 OK 637 kB URL HTTP/2 8feichai.com/i/2022/06/05/sx1yix.gif
IP 107.167.8.167:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 637 kB (636562 bytes)
Hash f7422de504d315d73c0e0ea36e2ff3b8
3495dad5336c7a9ce1360f107028c8ad848e60cf
6d9e10649383b780a6245460687b1a859b95180f13b708f824d3edb3bcbc7980
GET /i/2022/06/05/sx1yix.gif HTTP/1.1
Host: 8feichai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 06:17:20 GMT
content-type: image/gif
content-length: 636562
last-modified: Sun, 05 Jun 2022 09:48:57 GMT
etag: "629c7c09-9b692"
expires: Sun, 02 Oct 2022 06:17:20 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 7d0bd95b8dd2e7282f5cda3e750f80c6
ae12e388ebc9bf9599bebaa51ca886f11b966ceb
7f805c3dee827e64be526e6f70725e5db4620b526f10138d4c5abeba2e85024f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:17:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 00:58:41 GMT
Expires: Wed, 07 Sep 2022 00:58:40 GMT
Etag: "ae12e388ebc9bf9599bebaa51ca886f11b966ceb"
Cache-Control: max-age=412278,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74441f42eb1eb509-OSL
u0064.com/dbe1ae236c1c43d9b3cffc125f10e2c1.gif
20.24.205.22200 OK 139 kB URL HTTP/1.1 u0064.com/dbe1ae236c1c43d9b3cffc125f10e2c1.gif
IP 20.24.205.22:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 139 kB (139388 bytes)
Hash a5b0e74df1797465e01cfc87422f9202
be7e59e32ba0f8a1d52759d7113521d591c4425b
2156bac1f7a54267c0bc620da31f7ea354f8f08ba2e7af1ea2114175c338df82
GET /dbe1ae236c1c43d9b3cffc125f10e2c1.gif HTTP/1.1
Host: u0064.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:17:20 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 30 May 2022 16:17:10 GMT
ETag: W/"6294ee06-4f6da"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
dl66d.com/960x60.gif
104.233.158.19200 OK 452 kB IP 104.233.158.19:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 452 kB (451853 bytes)
Hash 4325a8b93e35bba15c3c951104effd5f
e9d5383db622e85a02bb35edb693aeadf24031f6
8d429d32f56b9c4da46966cfe1eeeae23a81ce43bc48aefedbb45c1d102be2c7
GET /960x60.gif HTTP/1.1
Host: dl66d.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:17:20 GMT
Content-Type: image/gif
Content-Length: 451853
Connection: keep-alive
Last-Modified: Thu, 11 Aug 2022 06:18:07 GMT
ETag: "62f49f1f-6e50d"
Expires: Sat, 10 Sep 2022 06:22:24 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
xpj08.oss-cn-beijing.aliyuncs.com/vip80.gif
59.110.185.220200 OK 264 kB URL HTTP/1.1 xpj08.oss-cn-beijing.aliyuncs.com/vip80.gif
IP 59.110.185.220:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 264 kB (264494 bytes)
Hash 672b95e7b6ab24b5606b8287db85dbb4
98f1f1b06b3cb318d7f7a1bf7add76fa0a30c112
4203e1ae18bb06c6e719832987e87e838d8001fd6154e56a8b79c4c0678e7b54
GET /vip80.gif HTTP/1.1
Host: xpj08.oss-cn-beijing.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 02 Sep 2022 06:17:20 GMT
Content-Type: image/gif
Content-Length: 264494
Connection: keep-alive
x-oss-request-id: 63119FF0390BD634306D46D2
Accept-Ranges: bytes
ETag: "672B95E7B6AB24B5606B8287DB85DBB4"
Last-Modified: Mon, 08 Aug 2022 07:28:40 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8762574589038276875
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZyuV57arJLVga4KH24XbtA==
x-oss-server-time: 1
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash e09b434f0cd718d15a3ea0e617bffeb1
8187b89ee9e8e739a2bd1a86e0fca8b47935e07c
449f5eb01a9c1b5b35cfd766c743ee282d7b2fbc79fd7bf7afa0a1203f530671
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:17:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 19:20:04 GMT
Expires: Wed, 07 Sep 2022 19:20:03 GMT
Etag: "8187b89ee9e8e739a2bd1a86e0fca8b47935e07c"
Cache-Control: max-age=478361,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74441f4049f4b529-OSL
u0083.com/560c36ffe75b43a8bc4c46959734be3b.gif
20.205.45.212200 OK 222 kB URL HTTP/1.1 u0083.com/560c36ffe75b43a8bc4c46959734be3b.gif
IP 20.205.45.212:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 222 kB (222438 bytes)
Hash 5b18aea64629bda87d5b316db669c1ee
dc1fe7dd292639ba5cf29754f9efc6def2ec07b0
a885231c6dd95806ac2b5963f3e46b1f4148a6eb3653f71cfddde992dcd11f61
GET /560c36ffe75b43a8bc4c46959734be3b.gif HTTP/1.1
Host: u0083.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:17:20 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 04 Jul 2022 14:50:07 GMT
ETag: W/"62c2fe1f-6cad4"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
vcawmm.com/48f189737d6f462d835d907a6a789d48.gif
103.170.15.54200 OK 237 kB URL HTTP/2 vcawmm.com/48f189737d6f462d835d907a6a789d48.gif
IP 103.170.15.54:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 237 kB (236734 bytes)
Hash 04ae2506dd3ee8de6576603470617984
230dde6f7d8e2a26ecc3fe1595dc77aa81b36344
5eb34df8673dc91b31988b6099d25a2bad7f52183b37f053f55c4590443d9416
GET /48f189737d6f462d835d907a6a789d48.gif HTTP/1.1
Host: vcawmm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63075c21-39cbe"
server: nginx
date: Sun, 28 Aug 2022 19:11:40 GMT
content-type: image/gif
last-modified: Thu, 25 Aug 2022 11:25:21 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-44
content-length: 236734
X-Firefox-Spdy: h2
u0083.com/d004b021b6884084bf7d7c94686eeedd.gif
20.205.45.212200 OK 106 kB URL HTTP/1.1 u0083.com/d004b021b6884084bf7d7c94686eeedd.gif
IP 20.205.45.212:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 106 kB (105624 bytes)
Hash fed1644bf2ac138565e67fb6dc3201bd
3da83963c94b06617fcac1c33895a640f8652092
af629ac538d9a4e11f58e82873720825df4df836b683f4d42b69c97ac40f0038
GET /d004b021b6884084bf7d7c94686eeedd.gif HTTP/1.1
Host: u0083.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:17:20 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 25 Aug 2022 11:24:37 GMT
ETag: W/"63075bf5-3d745"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
veugcz8.com/1755129e9011448eab81031d0f369bdc.gif
45.61.212.229200 OK 553 kB URL HTTP/1.1 veugcz8.com/1755129e9011448eab81031d0f369bdc.gif
IP 45.61.212.229:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 553 kB (552818 bytes)
Hash 097e6fa9314192dc3dd55cb1c5023ee5
c30366c4c910616f1a3c1b773ffb4af967e20eb5
db020d7293807326453f5848c0bf219e2b835f2530468a9d816a3c1c7941023a
GET /1755129e9011448eab81031d0f369bdc.gif HTTP/1.1
Host: veugcz8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62ee2fe6-86f72"
Date: Sun, 07 Aug 2022 15:37:25 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 06 Aug 2022 09:09:58 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-29
Content-Length: 552818
www.69t104.com/static/styles/jquery.fancybox-metal.css?v=7.0
172.67.188.148200 OK 97 kB URL HTTP/2 www.69t104.com/static/styles/jquery.fancybox-metal.css?v=7.0
IP 172.67.188.148:0
File type ASCII text, with CRLF line terminators
Hash cb6a450343508cc14caac93d3898fe83
88d52d9f4266bd68ccc6fc9723f0913470bddafe
512ba49d98718995a7a0141d3a782ab40b7cd758b520fb67587fdbafb1e7b193
GET /static/styles/jquery.fancybox-metal.css?v=7.0 HTTP/1.1
Host: www.69t104.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/?66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 06:17:19 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 25 Apr 2019 14:54:12 GMT
etag: W/"1506-5875bfdb7ad00"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4677
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhqVsMizbFiQxxnV11s7jYD%2B%2Bgz7o35q7mC%2BmXV1ppVGvehFYxLZk6GBjaEy0kGL8qT1VatDTizKcC3PLJPYEgVhRJZqiIIchJKiIF%2BE4sNNgpxPmGTzPMCrVXEX0sVZfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74441f3988d6b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bob4915.com/7cff6f8cf12442a28a54f3be82bbcd87.gif
103.170.15.89200 OK 168 kB URL HTTP/1.1 bob4915.com/7cff6f8cf12442a28a54f3be82bbcd87.gif
IP 103.170.15.89:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 168 kB (168182 bytes)
Hash 102de90a4e27cd879126e381ab758b8b
c25e9c9ef44badf7844619c34754880c781890b4
0d2ee996b8c707e04355ed5d6e561f53486908bb22c4e63d19760ddc78cf7aef
GET /7cff6f8cf12442a28a54f3be82bbcd87.gif HTTP/1.1
Host: bob4915.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62a361f3-290f6"
Date: Thu, 30 Jun 2022 05:21:01 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 10 Jun 2022 15:23:31 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-19
Content-Length: 168182
s7.addthis.com/l10n/client.zh.min.json
23.38.200.123200 OK 1.5 kB URL HTTP/2 s7.addthis.com/l10n/client.zh.min.json
IP 23.38.200.123:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1553), with no line terminators
Hash 6a7c2439f63d550c4dcef8b6b57de08c
e4aa9e28cfafc58327965960634e174c71fa1973
acd75a6f90a7f47c3299b7dfdcebda3005876f6dd80c37160eec7c91e8b10e08
GET /l10n/client.zh.min.json HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.69t104.com
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
etag: W/"5d77be05-a39"
cache-control: public, s-maxage=604800
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 1523
date: Fri, 02 Sep 2022 06:17:22 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=58105
date: Fri, 02 Sep 2022 06:17:22 GMT
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300lo.json?si=63119fef63bed6ee&bkl=0&bl=1&pdt=460&sid=63119fef63bed6ee&pub=&rev=v8.28.8-wp&ln=zh&pc=men&cb=0&ab=-&dp=www.69t104.com&dr=www.wangdai3.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=4&gen=100&chr=UTF-8&mk=69%E5%A0%82-%E6%88%90%E4%BA%BA%E5%9C%A8%E7%BA%BF%E8%A7%86%E9%A2%91%2C7%E5%B9%B4%E5%85%8D%E8%B4%B9%E4%B8%8B%E8%BD%BD%E5%9F%BA%E5%9C%B0.&colc=1662099439311&jsl=1&skipb=1&callback=addthis.cbs.jsonp__15123306948981830
23.38.200.123200 OK 89 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=63119fef63bed6ee&bkl=0&bl=1&pdt=460&sid=63119fef63bed6ee&pub=&rev=v8.28.8-wp&ln=zh&pc=men&cb=0&ab=-&dp=www.69t104.com&dr=www.wangdai3.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=4&gen=100&chr=UTF-8&mk=69%E5%A0%82-%E6%88%90%E4%BA%BA%E5%9C%A8%E7%BA%BF%E8%A7%86%E9%A2%91%2C7%E5%B9%B4%E5%85%8D%E8%B4%B9%E4%B8%8B%E8%BD%BD%E5%9F%BA%E5%9C%B0.&colc=1662099439311&jsl=1&skipb=1&callback=addthis.cbs.jsonp__15123306948981830
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 94c3879ba77c1d1961b2e373c84c3cf3
e1f90cb1b46204c03760652e398c1425c13672b9
8a982e082e2aaac7e697ca4388d4dd40c806cf54b132692eb20481af2929abfd
GET /live/red_lojson/300lo.json?si=63119fef63bed6ee&bkl=0&bl=1&pdt=460&sid=63119fef63bed6ee&pub=&rev=v8.28.8-wp&ln=zh&pc=men&cb=0&ab=-&dp=www.69t104.com&dr=www.wangdai3.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=4&gen=100&chr=UTF-8&mk=69%E5%A0%82-%E6%88%90%E4%BA%BA%E5%9C%A8%E7%BA%BF%E8%A7%86%E9%A2%91%2C7%E5%B9%B4%E5%85%8D%E8%B4%B9%E4%B8%8B%E8%BD%BD%E5%9F%BA%E5%9C%B0.&colc=1662099439311&jsl=1&skipb=1&callback=addthis.cbs.jsonp__15123306948981830 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Fri, 02 Sep 2022 06:17:22 GMT
X-Firefox-Spdy: h2
884352.com/e004d44144994195923436e831fb2111.gif
47.75.19.14200 OK 584 kB URL HTTP/1.1 884352.com/e004d44144994195923436e831fb2111.gif
IP 47.75.19.14:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 584 kB (584025 bytes)
Hash ebf4ee75bbd43b703e1b1b861ba166e2
c241029604f77ad6b4f56894bc51decfededfde7
d6655adbfa7089435d168e9b1432e524f0bf11be8b80ddc499bef69bd5a376ea
GET /e004d44144994195923436e831fb2111.gif HTTP/1.1
Host: 884352.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 02 Sep 2022 06:17:20 GMT
Content-Type: image/gif
Content-Length: 584025
Connection: keep-alive
x-oss-request-id: 63119FF0E46B16373489FB80
Accept-Ranges: bytes
ETag: "EBF4EE75BBD43B703E1B1B861BA166E2"
Last-Modified: Wed, 06 Jul 2022 12:12:28 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9573701292697531384
x-oss-storage-class: Standard
Content-MD5: 6/TudbvUO3A+GxuGG6Fm4g==
x-oss-server-time: 1
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 47a538ca16542ada83d43154ae9cba5d
1b6dc9b8301c5015e71bfed4e1ede5acf65f5842
d222f4426733b64792c5fd9b82d1a8522177c4bf22cfc44dcc0382fecc4f29fc
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:17:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 06 Sep 2022 04:31:34 GMT
ETag: "1b6dc9b8301c5015e71bfed4e1ede5acf65f5842"
Last-Modified: Fri, 02 Sep 2022 04:31:35 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3573
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74441f4b3e7db4ee-OSL
img30.360buyimg.com/popXue/jfs/t1/66085/12/21331/274785/62e3ad73E675fac14/cb43076f590118e1.gif
163.171.140.79200 OK 275 kB URL HTTP/2 img30.360buyimg.com/popXue/jfs/t1/66085/12/21331/274785/62e3ad73E675fac14/cb43076f590118e1.gif
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 960 x 60\012- data
Size 275 kB (274785 bytes)
Hash 96a8e40a7bf850a7f845bab6abc17abc
d2d697249900960494a94d86828f369c91e1c78a
235bd3f3548cc2d46a5107292d9318872e1bb2fddff035c5ea6d2654e3a3e1bc
GET /popXue/jfs/t1/66085/12/21331/274785/62e3ad73E675fac14/cb43076f590118e1.gif HTTP/1.1
Host: img30.360buyimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 06:17:22 GMT
content-type: image/gif
content-length: 274785
expires: Mon, 26 Jul 2032 11:01:14 GMT
server: nginx
cache-control: max-age=315360000
last-modified: Fri, 29 Jul 2022 09:50:43 GMT
via: http/1.1 ORI-CLOUD-HUN-MIX-26 (jcs [cHs f ]), http/1.1 SSHXbaoji-UNI-01-MIX-55 (jcs [cMsSfW])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1659088243615-0-0-0-4-4;200;200-1659088399585-0-0-0-2-2;200-1659088399587-0-0-0-27-27
age: 1
x-via: 1.1 PSxgHKG8rs131:0 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:3 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:17 (Cdn Cache Server V2.0)
x-ws-request-id: 63119ff2_PShlamstdAMS1se91_33741-26924
X-Firefox-Spdy: h2
s7.addthis.com/static/82.513466d0781b3cc4fa57.js
23.38.200.123200 OK 544 B URL HTTP/2 s7.addthis.com/static/82.513466d0781b3cc4fa57.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (896), with no line terminators
Hash 7337fa895fe30ab0849e95c6b27284e5
18e5024929709c7d4d9bdaecdae34b17958b04ab
a7cdbebd837c5f00c67b9bfe443830eb66dfdad551bf20181798d43b2bc23675
GET /static/82.513466d0781b3cc4fa57.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-380"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 544
date: Fri, 02 Sep 2022 06:17:24 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/156.83c5e374f5c22911d34a.js
23.38.200.123200 OK 785 B URL HTTP/2 s7.addthis.com/static/156.83c5e374f5c22911d34a.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (1440), with no line terminators
Hash be21fff01217868c772101fb38de5579
062a5845d114875a996de40a82b475aafea6d5a7
c7b8c99d9af99b34db6d0971da99040d206a5adb1b283fda60d8f37c3fe7979c
GET /static/156.83c5e374f5c22911d34a.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5a0"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 785
date: Fri, 02 Sep 2022 06:17:24 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/184.73d337bbba7a90f88049.js
23.38.200.123200 OK 662 B URL HTTP/2 s7.addthis.com/static/184.73d337bbba7a90f88049.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (1157), with no line terminators
Hash b135a666cea06cfa59989b1d4f9655ad
1a1f04d55f356fbcf3977cd0da13225f4c34cf48
d04e5ad32851916c34d0ea02e7aa2d6d81868d42fe7af2592a693eaff3ec3a0e
GET /static/184.73d337bbba7a90f88049.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.69t104.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-485"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 662
date: Fri, 02 Sep 2022 06:17:24 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
iii.hkvzt.cn/tu/650x150.gif
47.246.44.118200 OK 752 kB URL HTTP/1.1 iii.hkvzt.cn/tu/650x150.gif
IP 47.246.44.118:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 800 x 250\012- data
Size 752 kB (751492 bytes)
Hash 35d890fc2d3f8da9396333c34bcbf0f6
e2588dab3c8554ebf0c02b43e131dbe2e3577e5f
1f7cef56b0364a563c48e9e26cec7395cb9a082046744ffc401cdcd5590be5ba
GET /tu/650x150.gif HTTP/1.1
Host: iii.hkvzt.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/gif
Content-Length: 751492
Connection: keep-alive
Date: Fri, 02 Sep 2022 06:17:25 GMT
x-oss-request-id: 63119FF5940B693939E1F0A4
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "35D890FC2D3F8DA9396333C34BCBF0F6"
Last-Modified: Tue, 16 Aug 2022 06:14:15 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8278517790866686628
x-oss-storage-class: Standard
Content-MD5: NdiQ/C0/jak5YzPDS8vw9g==
x-oss-server-time: 33
Ali-Swift-Global-Savetime: 1662099445
Via: cache2.l2de2[2640,2640,304-0,M], cache19.l2de2[2643,0], cache2.se1[5184,5186,200-0,H], cache1.se1[5188,0]
Age: 0
X-Cache: HIT TCP_REFRESH_HIT dirn:11:454675835
X-Swift-SaveTime: Fri, 02 Sep 2022 06:17:25 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 2ff62c9516620994404641277e
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 12863800d00585be0b2bb8721b39a474
6be3e439db7e5bed4165d1db6941821d262485c4
cf7b6cf5abc4b5a979b8d9b74d1d8468c10db2989c1e11b6116f4fd19287f530
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:17:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 06 Sep 2022 04:22:15 GMT
ETag: "6be3e439db7e5bed4165d1db6941821d262485c4"
Last-Modified: Fri, 02 Sep 2022 04:22:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1203
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74441f698cbbfab4-OSL
www.69t104.com/?66
172.67.188.148200 OK 0 B IP 172.67.188.148:0
GET /?66 HTTP/1.1
Host: www.69t104.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.wangdai3.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 06:17:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.6
set-cookie: PHPSESSID=m0pckosvlu69n6rp23s3ahkr65; path=/; domain=.69t104.com
kt_referer=http%3A%2F%2Fwww.wangdai3.com%2F; expires=Sat, 03-Sep-2022 06:17:19 GMT; Max-Age=86400; path=/; domain=.69t104.com
kt_qparams=66; expires=Sat, 03-Sep-2022 06:17:19 GMT; Max-Age=86400; path=/; domain=.69t104.com
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwypJk%2FSe52lgz7tIB%2Btrg4mfPBodjPwCZxfvqXxPm7NY1%2FgJl0xJMQ%2FFxjM%2FtKn43RscMA2PFDle8P4BlW9T8XamQwM7fDpfWHJdw%2F4N4ihJaYcJ3cHkw6ZC8C%2Fh2ktxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74441f370cc0b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2