r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10965
Expires: Tue, 29 Nov 2022 04:36:01 GMT
Date: Tue, 29 Nov 2022 01:33:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9626
Expires: Tue, 29 Nov 2022 04:13:42 GMT
Date: Tue, 29 Nov 2022 01:33:16 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tEFM1qRggb08eCLKQjnjQrQ1Ayvb9qiXEWV02yWMuG8mHMKeVGyUvfpHC1hSJJCAwPD8IDzQCkM=
x-amz-request-id: XMX1Q5EG4ZJQQ0E5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 00:45:14 GMT
age: 2882
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5998
Cache-Control: max-age=124683
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:33:16 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 12:11:19 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 01:19:34 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 822
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:33:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
instantttpresence.com/olux/BOfA/BOfA/BOfA
104.21.9.109200 OK 8.6 kB URL HTTP/1.1 instantttpresence.com/olux/BOfA/BOfA/BOfA
IP 104.21.9.109:0
Hash fb13badf289be294584c443427567d32
64ef96abdf03d81d86d73bbd04145470340512d3
857f58d411c96f34e3267bfe4d6a43e6453d8fe38cccc16820266e8d83b66001
Analyzer Verdict Alert fortinet Phishing
GET /olux/BOfA/BOfA/BOfA HTTP/1.1
Host: instantttpresence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:33:17 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C2L1%2FGfaFbyuPbVJu%2BYd%2FGze8PkSF0BSymGZIymonSi5gtMfHPit4yA3xJ20vLFx5pqe6LPQNon8dQ26QyhViYafFQC4OojCvMkipLEqOq8JsJeahmHMw2D1KcKCfa3Qa31cC61E8AU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 771798236dfd0b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 01:08:55 GMT
cache-control: public,max-age=3600
age: 1462
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5290
Cache-Control: max-age=118908
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:33:17 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:35:05 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
instantttpresence.com/statics/css/stui_default.css
104.21.9.109200 OK 2.1 kB URL HTTP/1.1 instantttpresence.com/statics/css/stui_default.css
IP 104.21.9.109:0
File type ASCII text, with very long lines (312), with CRLF line terminators
Hash be0ac910a9dc2fe517c78e7ef5079776
7862a9db7048ab24e2aa2a7ceebf89ef2892cfd3
6abec0950f405d3569a372105e99f14c8d46dbd3c7ed38b9188022a1fdcc8178
GET /statics/css/stui_default.css HTTP/1.1
Host: instantttpresence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://instantttpresence.com/olux/BOfA/BOfA/BOfA
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:33:17 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 15 Apr 2021 09:19:03 GMT
Vary: Accept-Encoding
ETag: W/"60780507-1c7f"
Expires: Tue, 29 Nov 2022 13:33:17 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVzANfMtZCz9K8KzdyoBXEdYYBOSiJQn7U%2B9KP%2BcuTKL9dNYCWG5%2Fi3n5%2Fmtteczi68NUpY3huxcJvTNpM7byiMyMncdBfYo%2FV4ccHbTn%2Fcn30k7nL4cuEY94o9L5h4EGpoclnNZF%2B0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 771798277d3db509-OSL
alt-svc: h2=":443"; ma=60
instantttpresence.com/statics/css/stui_block_color.css
104.21.9.109200 OK 1.6 kB URL HTTP/1.1 instantttpresence.com/statics/css/stui_block_color.css
IP 104.21.9.109:0
File type assembler source, ASCII text, with CRLF line terminators
Hash 046b91cce005f46d306b03b442de3ecd
bb915b137e89ba137b182fecace5943919530d89
11b0d74171de000ce0a8fc629142c14ecca3483b52fcfd2ace21e70e451e8d31
GET /statics/css/stui_block_color.css HTTP/1.1
Host: instantttpresence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://instantttpresence.com/olux/BOfA/BOfA/BOfA
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:33:17 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 23 Aug 2019 08:39:22 GMT
Vary: Accept-Encoding
ETag: W/"5d5fa63a-16d0"
Expires: Tue, 29 Nov 2022 13:33:17 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55XF3dUvOVeAcqCbJG2bvKfsFUAAGebwvYXVCVdaZwLojwC%2FoST9ZMp%2BxpYyicaCYyLAi64zw915hKWurIcO0PW1NCF0gwHohLZI0yZY9niXwdT5SGW4Jd0%2BCx1Vbup6DDNUvXne9UY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 771798277d80b4eb-OSL
alt-svc: h2=":443"; ma=60
instantttpresence.com/statics/css/stui_block.css
104.21.9.109200 OK 8.3 kB URL HTTP/1.1 instantttpresence.com/statics/css/stui_block.css
IP 104.21.9.109:0
File type assembler source, Unicode text, UTF-8 text, with very long lines (1561), with CRLF line terminators
Hash f656839a72b6a9ce2440518bb1734cd7
cf0f3d91a2755522e76509fd669e736441556af1
6bf509e2aa32704f299f22ae635d92f9b7eb3a25603084795909491531afd4b1
GET /statics/css/stui_block.css HTTP/1.1
Host: instantttpresence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://instantttpresence.com/olux/BOfA/BOfA/BOfA
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:33:17 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 10 Jan 2020 08:37:42 GMT
Vary: Accept-Encoding
ETag: W/"5e1837d6-8472"
Expires: Tue, 29 Nov 2022 13:33:17 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2Ff1TeWVrHpPOVvPP98ppPvb0Z8PyyBG%2BgApafDGypCIci2ffvXU4KliDRrM2ifoQW8SMCl4wci4UtZ%2BW3kh4fKlnSkVBg%2FrsvfkJgXbenIpPnytmiieaOro09vS0auV1rfU4BBsUPA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 771798277fa61c06-OSL
alt-svc: h2=":443"; ma=60
instantttpresence.com/statics/js/jquery.min.js
104.21.9.109200 OK 34 kB URL HTTP/1.1 instantttpresence.com/statics/js/jquery.min.js
IP 104.21.9.109:0
File type ASCII text, with very long lines (65451)
Hash bf13a6b8435f80e19d7827f205845b59
44dbd2aadc6e3ad655f88d469ad53268443bf781
ddc9353b24962d31baeffabe4aa408e001f282ab19d15b2e887a0243fdf358d0
GET /statics/js/jquery.min.js HTTP/1.1
Host: instantttpresence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://instantttpresence.com/olux/BOfA/BOfA/BOfA
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:33:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 20 Jun 2019 08:16:32 GMT
Vary: Accept-Encoding
ETag: W/"5d0b40e0-1538f"
Expires: Tue, 29 Nov 2022 13:33:17 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqwwSkN7T%2FifURe0UWCW3zc5d%2FDHP3dqntNkNEBxKTiYARBY%2B9ZRedrhlWK0fHrBwExKVDESy6ukLb%2FWOAODdmmfG0Rwle%2BryjOr%2F2xmYNohzHaFk4K7PscvuMpidB2196AiI858A1s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 771798278ec7b51b-OSL
alt-svc: h2=":443"; ma=60
instantttpresence.com/statics/font/iconfont.css
104.21.9.109200 OK 14 kB URL HTTP/1.1 instantttpresence.com/statics/font/iconfont.css
IP 104.21.9.109:0
File type ASCII text, with very long lines (17507)
Hash fbd9afd22a7a37d2803df5a341500d02
f2f45bd7afbe5dc12dbb248c38e02dbc728c5ebb
adb0e1ed88ad4eed4c47262bff4f37e8e4cc5ae62425ce7aa5f0081821893397
GET /statics/font/iconfont.css HTTP/1.1
Host: instantttpresence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://instantttpresence.com/olux/BOfA/BOfA/BOfA
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:33:18 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 20 Jun 2019 08:16:22 GMT
Vary: Accept-Encoding
ETag: W/"5d0b40d6-523c"
Expires: Tue, 29 Nov 2022 13:33:17 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lEiTAvwG2URrg85MVBsjFwnhL8OrZSQWesTT8Ge0lUSpuDq0MuGwziTEzFLQioRmvTxPhRvATKz8xp17fI9H9Hq%2BXhfsEdjDikZqwCBopqKIMoOd0%2FQ4YokWR%2FUNFUtV%2BOT0ShlQDT4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 771798277f360b65-OSL
alt-svc: h2=":443"; ma=60
instantttpresence.com/statics/js/stui_default.js
104.21.9.109200 OK 42 kB URL HTTP/1.1 instantttpresence.com/statics/js/stui_default.js
IP 104.21.9.109:0
File type Unicode text, UTF-8 text, with very long lines (8746)
Hash 6d794789ef5212c95be541902fb1a99c
0a98b2ca862e0d93318b0d347d352cfa17ab16a4
f4ad58da428b2ead1376262b096f3b3f54979da4777f4e09f8b736a978eab85b
GET /statics/js/stui_default.js HTTP/1.1
Host: instantttpresence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://instantttpresence.com/olux/BOfA/BOfA/BOfA
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:33:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 20 Jun 2019 08:16:32 GMT
Vary: Accept-Encoding
ETag: W/"5d0b40e0-1fbc8"
Expires: Tue, 29 Nov 2022 13:33:17 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FxZ%2BylzUugrZxn8Bt1ea66pYq6LC0GJCiC%2FkKE%2BBS1JOilOVyk%2FcGPpyQs7D73tIFMqeMno8pQ34yr2weWUgU8CsJL9IbD38hMcTFxlKtRhcygEcKoKGm7SO%2FtDK0id%2FGY6OKuP3fmE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 771798278d7fb4fd-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
34.213.140.56101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.140.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LwW85nNqKUI2Rlw7IFc3QQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: earerkyuUh91bRHymmUcImVrz/g=
instantttpresence.com/statics/js/stui_block.js
104.21.9.109200 OK 3.9 kB URL HTTP/1.1 instantttpresence.com/statics/js/stui_block.js
IP 104.21.9.109:0
File type Unicode text, UTF-8 text, with very long lines (565), with CRLF line terminators
Hash 0f5111a076c3bb42acc93710a75d4a24
423f48b93037d7308964b8d924c14bf6cbb676dc
e2e16aba5f9c3de7ac92242af886ca7a5f2a6fd2c01a4782c7eea961cefe6d95
GET /statics/js/stui_block.js HTTP/1.1
Host: instantttpresence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://instantttpresence.com/olux/BOfA/BOfA/BOfA
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:33:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 06:54:00 GMT
Vary: Accept-Encoding
ETag: W/"60793488-2811"
Expires: Tue, 29 Nov 2022 13:33:18 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmAK5ymeFwslQvjTf51jEI6CiwVg9IpS5XoMeBNKf%2B4rABtreRw5ufj1DF229CQtLWZuhbfU6e3H03SGF%2FkHuQQgdYjYhPNWrZZeCTqlLnLC7i47hIBNhobrFU%2BNg8KwQv8RxWbEhKc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717982a2e59b509-OSL
alt-svc: h2=":443"; ma=60
instantttpresence.com/statics/js/jquery.autocomplete.js
104.21.9.109200 OK 6.4 kB URL HTTP/1.1 instantttpresence.com/statics/js/jquery.autocomplete.js
IP 104.21.9.109:0
File type Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text
Hash 8d4292d9bded98618330d65d3160b7d7
7198dc51ee28ff55e1c3c0e9eb9d75cf9f3018ea
8953216bfdd874ecbae434b6ed6c56b67b7c3296b416548c92cc4f624e864f33
GET /statics/js/jquery.autocomplete.js HTTP/1.1
Host: instantttpresence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://instantttpresence.com/olux/BOfA/BOfA/BOfA
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:33:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 20 Jun 2019 08:16:32 GMT
Vary: Accept-Encoding
ETag: W/"5d0b40e0-6287"
Expires: Tue, 29 Nov 2022 13:33:18 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=li7yODOvR5%2F3bwVwvgu3YZMWsIunUS4SFTJaibQGXNWuGpMcmVc8OZmxkEuutDsqYORsuC7H2PFzl0FnmEmJ%2BDzaIVActaGtVboLWbFscSVmy0newTJiVByqhKRqp9ySDSuvdbMux5U%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717982a58c71c06-OSL
alt-svc: h2=":443"; ma=60
instantttpresence.com/statics/is/home.js
104.21.9.109200 OK 7.4 kB URL HTTP/1.1 instantttpresence.com/statics/is/home.js
IP 104.21.9.109:0
File type Unicode text, UTF-8 text, with very long lines (16349), with CRLF line terminators
Hash d2f77ec5a326e8f2690c739e9768f93a
03b38bf6ed7a460378357e07de1f8334e59f5dbe
640fb3b015d204cd51ea6fdf3e8d46f098c874be2eb0647a41369fde5f916bde
GET /statics/is/home.js HTTP/1.1
Host: instantttpresence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://instantttpresence.com/olux/BOfA/BOfA/BOfA
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:33:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 27 Oct 2022 06:35:52 GMT
Vary: Accept-Encoding
ETag: W/"635a26c8-4133"
Expires: Tue, 29 Nov 2022 13:33:18 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2Bs9bCmzGGKGN3%2BhQ6O00YYSdmS5aw8y6hVCbELNSr7gW7VcGUggYxUI8PFmnQgMxXzsN6jJEy33zpzdhdALuUWwmRjdx9Bvterto%2B3mv0tEQsoR3XxsvqOviuB4FdsR3mbM0aH85dk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717982a4e92b4eb-OSL
alt-svc: h2=":443"; ma=60
instantttpresence.com/statics/icon/icon_30.png
104.21.9.109200 OK 1.5 kB URL HTTP/1.1 instantttpresence.com/statics/icon/icon_30.png
IP 104.21.9.109:0
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash de2efcbd3aaef1f25e7dc492e1e62626
91fbd0b7d8104cc19ac026c9d08b0ac23a6b282a
774dfec5107777f6b73a0a720001660f11ecd6725bc3b2143dce9c656e968c99
GET /statics/icon/icon_30.png HTTP/1.1
Host: instantttpresence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://instantttpresence.com/olux/BOfA/BOfA/BOfA
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:33:18 GMT
Content-Type: image/png
Content-Length: 1496
Connection: keep-alive
Last-Modified: Thu, 20 Jun 2019 08:16:26 GMT
ETag: "5d0b40da-5d8"
Expires: Thu, 29 Dec 2022 01:33:18 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6jYo5RBxtW46vrp9d1jvsjr4bmfkZo%2FT66ut2qmdd42kFkmxB2dzN8uBE0aZqJhX7Er%2F8WzAcSOMAc7hhfbu5uIlWsvAiYY8yfQm%2BwVZ2fgBafxBSzqde0nef0RqhgXJNGEXJL7w5C0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7717982d2fbcb509-OSL
alt-svc: h2=":443"; ma=60
instantttpresence.com/statics/icon/icon_6.png
104.21.9.109200 OK 2.1 kB URL HTTP/1.1 instantttpresence.com/statics/icon/icon_6.png
IP 104.21.9.109:0
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash b5719951001c00a0308d51b66d6926b2
34db24c64ad3f91219cd92d18d59c0db1b00307e
c3ea3ef8a8821f9b08ee0cf9386a5b3f5530771855cff9f6aa7a7779e88a33c2
GET /statics/icon/icon_6.png HTTP/1.1
Host: instantttpresence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://instantttpresence.com/olux/BOfA/BOfA/BOfA
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:33:18 GMT
Content-Type: image/png
Content-Length: 2082
Connection: keep-alive
Last-Modified: Thu, 20 Jun 2019 08:16:28 GMT
ETag: "5d0b40dc-822"
Expires: Thu, 29 Dec 2022 01:33:18 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8ZlAabQ5ifl14hrPpnm%2FtgiD%2B8cDGt9%2FTfe%2BnzzbG4MrSvjlKzqakJKcAYDafRAzzVL6O5seU0S6cuM%2FTBcNdT%2Fn%2BpW5wyTl44IpRO79LcB9GcUVUonwx2G4UZqt0GWIVbznKMMAPg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7717982d2977b51b-OSL
alt-svc: h2=":443"; ma=60
instantttpresence.com/statics/icon/icon_12.png
104.21.9.109200 OK 2.0 kB URL HTTP/1.1 instantttpresence.com/statics/icon/icon_12.png
IP 104.21.9.109:0
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash b7f42bf92534099c83258839ef5504d1
ccf84771c0d95c02ebdb30fdaa3bc27932b18221
df176c253e3e19b3f50ee9b9e9188c3550b314d3b0c6058a9ce223627f67066d
GET /statics/icon/icon_12.png HTTP/1.1
Host: instantttpresence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://instantttpresence.com/olux/BOfA/BOfA/BOfA
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:33:18 GMT
Content-Type: image/png
Content-Length: 1965
Connection: keep-alive
Last-Modified: Thu, 20 Jun 2019 08:16:24 GMT
ETag: "5d0b40d8-7ad"
Expires: Thu, 29 Dec 2022 01:33:18 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYr8yJe2x6Ag0oIm8TexClatAdPIGVpg1yl%2FLqQ7UZNY4OAbIHInkqUGiDfu%2Bi%2BPNqAwivGMPNEkHH7kkj%2BtAJTCN6m8n8LGqqLlbXmxsWY%2FP0NKBeMpEIyALPnXkZ%2FpLc%2BY3YH%2BnFs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7717982d2fdcb4fd-OSL
alt-svc: h2=":443"; ma=60
instantttpresence.com/statics/img/load.gif
104.21.9.109200 OK 790 B URL HTTP/1.1 instantttpresence.com/statics/img/load.gif
IP 104.21.9.109:0
File type GIF image data, version 89a, 220 x 325\012- data
Hash e6d1f147c527951186b6f39aee94ed69
58117fb5c3ee93c9ee6f9b97951d0ed4bab0bc84
2c8fa10d666f11aad2f12402468e76f119ee95fe5c18809d2bb715709a81be4e
GET /statics/img/load.gif HTTP/1.1
Host: instantttpresence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://instantttpresence.com/olux/BOfA/BOfA/BOfA
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:33:18 GMT
Content-Type: image/gif
Content-Length: 790
Connection: keep-alive
Last-Modified: Thu, 20 Jun 2019 08:16:28 GMT
ETag: "5d0b40dc-316"
Expires: Thu, 29 Dec 2022 01:33:18 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DffkjLuaZeJsbHJLtMvdpxI75ScxSAhLhSbKhssZdv0NnO3Cfs0FsRjiBgHjbwqi2ToR7zMlFOKPSzEJqdNTGyp9h8iE5G%2FLylaD1A5ioyP1BF2UwKNH43XBzaEa4ESvVC1BhoGaN44%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7717982d29931c06-OSL
alt-svc: h2=":443"; ma=60
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash f30ea3b70f76efe1f6d240edb6fce2a8
b42286c78dcc68b1e504e136fcd0e0801b57bd63
31b15843a278c1c5de4d4be73a8ac0e72199fe9f4742b4f70375a7acd09a4da3
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:33:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 02 Dec 2022 23:51:41 GMT
ETag: "b42286c78dcc68b1e504e136fcd0e0801b57bd63"
Last-Modified: Mon, 28 Nov 2022 23:51:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2884
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77179830c8080b06-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash f30ea3b70f76efe1f6d240edb6fce2a8
b42286c78dcc68b1e504e136fcd0e0801b57bd63
31b15843a278c1c5de4d4be73a8ac0e72199fe9f4742b4f70375a7acd09a4da3
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:33:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 02 Dec 2022 23:51:41 GMT
ETag: "b42286c78dcc68b1e504e136fcd0e0801b57bd63"
Last-Modified: Mon, 28 Nov 2022 23:51:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2884
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77179830c9c8b518-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash f30ea3b70f76efe1f6d240edb6fce2a8
b42286c78dcc68b1e504e136fcd0e0801b57bd63
31b15843a278c1c5de4d4be73a8ac0e72199fe9f4742b4f70375a7acd09a4da3
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:33:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 02 Dec 2022 23:51:41 GMT
ETag: "b42286c78dcc68b1e504e136fcd0e0801b57bd63"
Last-Modified: Mon, 28 Nov 2022 23:51:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2884
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77179830a930b4ff-OSL
pic.ku-img.com/upload/vod/20210930-1/119f3c1e4ddf5184c329c0ac6b8acd51.jpg
172.247.24.78200 OK 21 kB URL HTTP/1.1 pic.ku-img.com/upload/vod/20210930-1/119f3c1e4ddf5184c329c0ac6b8acd51.jpg
IP 172.247.24.78:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 270x353, components 3\012- data
Hash a1197a8a1c633ea0270cce462e977546
0fe252040e15320b3d999e50f4416ad1f628110a
f44c374dbee969f1ecbbbfcab4d0d4af7d2a7d432e37dcf676c8899faea09f99
GET /upload/vod/20210930-1/119f3c1e4ddf5184c329c0ac6b8acd51.jpg HTTP/1.1
Host: pic.ku-img.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://instantttpresence.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 01:32:58 GMT
Content-Type: image/jpeg
Content-Length: 20594
Last-Modified: Thu, 30 Sep 2021 12:22:46 GMT
Connection: keep-alive
ETag: "6155ac16-5072"
Expires: Thu, 29 Dec 2022 01:32:58 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9547
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 01:33:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9547
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 01:33:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9547
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 01:33:19 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d574c4db20a68295dbd06cb08f5990b
433061bbb226048765a711deca3026ee3e52372f
8cc1a4d18e242f8bfc8ab94637f635b73554b903462c29b06d0ec67872542afb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9203
x-amzn-requestid: 8cba52d6-3c1c-495c-bb9d-3ba6f0adc7e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cHcHmGmQoAMF6dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fa6fd-73abfa592ff223061401af9a;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 17:16:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UmhWm03jrsV8dFagrzIA0E-8eL8dykoO5kw3cYOBd172dCGqNdAX-Q==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 03:31:58 GMT
age: 79281
etag: "433061bbb226048765a711deca3026ee3e52372f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f1b665-d8ee-457c-8f1d-e696be0cdbf6.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f1b665-d8ee-457c-8f1d-e696be0cdbf6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c808183085a429c53515508678fc7ab2
6567069d9f5199205ba1ca7a937fcb0a52f95d06
c7ca95730cbc97d7c243e05b23520166faefcd2dfe90f36f70fad1f7e4537e4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f1b665-d8ee-457c-8f1d-e696be0cdbf6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9162
x-amzn-requestid: f7fb3b99-6f1c-4ab3-9547-a337d54e8c9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVjI8E9poAMFaQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63854bd2-0679b83d1aa3b7c71aa6bf1c;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 00:01:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RAAJeCuVxs-hpp4wMmcBEmqPf71bUMueBvhwLaYTixj9IiIGNp0ZIQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 00:28:27 GMT
age: 3892
etag: "6567069d9f5199205ba1ca7a937fcb0a52f95d06"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae2e2986caa15a90b615147f229b51ec
c6dfd277cdbd057472e6df6ad1a200f50684d442
ec3799922c38ee6394601744ff4b2c405ee44c4718a2b90c104134657f8b480b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9015
x-amzn-requestid: eb4599b5-e88a-47cd-8d1b-5839c4f7593e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnbGLToAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852962-67476fac77c8d1ee36f89ecc;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 09Pb9RMyAoRWXYfw5mxwtpl6fnHwlxDJryR4c-F3rurGKUgo-HYUOg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:42:03 GMT
age: 13876
etag: "c6dfd277cdbd057472e6df6ad1a200f50684d442"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg
34.120.237.76200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9cd333c474420e235831d96ed881167e
5008d7344dd85ae61a598c17e7baf427def3e25d
2178a96e120661e43d8e8ed0df1fcf500caf4c58db9e1bedaf0706af0a80b286
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3944
x-amzn-requestid: 8a6732c1-72da-4a73-ba51-8533c6a01a9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNmfFgeIAMFjLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6385295c-0c807d93277bfb7f6b13c2ee;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:20 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XC26NJ0PkNhOsuvMPTd5TlY-oDOGfGoNxzzMANQRlyBWt1XZW_gUfA==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:42:03 GMT
age: 13876
etag: "5008d7344dd85ae61a598c17e7baf427def3e25d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 22e7d3e11e78242383e452adb9299016
035a1b4a2a7889787532ec2637d5c21e06daf672
990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3004
x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrFRXoAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iSUNjVxAMdZYo5z7KyOT7WN5VWxPElRWiVO3u2E3AonLWkr8bT9Img==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 02:07:31 GMT
age: 84348
etag: "035a1b4a2a7889787532ec2637d5c21e06daf672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 07:40:08 GMT
age: 64391
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash a10fcddaab516867698811b395095151
af69fcd602d5001bfdf5843b1d0d872345f0f81f
d321948d9dfb63110be851ffada8c0b7cfd758375af81ca9c8c632ae262ed525
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:33:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 19:54:10 GMT
Expires: Mon, 05 Dec 2022 19:54:09 GMT
Etag: "af69fcd602d5001bfdf5843b1d0d872345f0f81f"
Cache-Control: max-age=583849,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77179832cb3bfab8-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash a10fcddaab516867698811b395095151
af69fcd602d5001bfdf5843b1d0d872345f0f81f
d321948d9dfb63110be851ffada8c0b7cfd758375af81ca9c8c632ae262ed525
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:33:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 19:54:10 GMT
Expires: Mon, 05 Dec 2022 19:54:09 GMT
Etag: "af69fcd602d5001bfdf5843b1d0d872345f0f81f"
Cache-Control: max-age=583849,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77179832dae8b51d-OSL
push.zhanzhang.baidu.com/push.js
182.61.201.94200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://instantttpresence.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Tue, 29 Nov 2022 01:33:19 GMT
Etag: "4078521116"
Expires: Wed, 29 Nov 2023 01:33:19 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=6E9ED76DC1E193891CC4EF1DFF9F6422:FG=1; max-age=31536000; expires=Wed, 29-Nov-23 01:33:19 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
pic.wujinpp.com/upload/vod/20210726-1/fca0c5eaeab27407e391bd2bcece13e0.jpg
23.224.173.84200 OK 19 kB URL HTTP/2 pic.wujinpp.com/upload/vod/20210726-1/fca0c5eaeab27407e391bd2bcece13e0.jpg
IP 23.224.173.84:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 3538x3537, segment length 16, comment: "qiyi1.6.8", baseline, precision 8, 195x260, components 3\012- data
Hash 6322f8eaaec8da09770e91a83884a68f
d15a17e4614e1a59f9201c1d5e9112a64dd1cb2c
23d6cbf5d4e6fdea3bad644710552e25a3d8eeaad0b21bdb0d417af269ff20d2
GET /upload/vod/20210726-1/fca0c5eaeab27407e391bd2bcece13e0.jpg HTTP/1.1
Host: pic.wujinpp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://instantttpresence.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:33:19 GMT
content-type: image/jpeg
content-length: 19150
last-modified: Sun, 25 Jul 2021 17:41:22 GMT
etag: "60fda242-4ace"
expires: Sun, 07 Aug 2022 11:01:42 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
server: cdn
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?f64b2e0910c6b168b72238cc17cc2064
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?f64b2e0910c6b168b72238cc17cc2064
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 852352a132861a79bba89f0564d3d398
c4207f07019a43e42aac7392841218dbbf4894d3
d1d172fd362414a99e4063d6d056694d7fae9bd287bb47c403f9422b1bab9692
GET /hm.js?f64b2e0910c6b168b72238cc17cc2064 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://instantttpresence.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Tue, 29 Nov 2022 01:33:19 GMT
Etag: acc8f31bdca848e603707a1bf0598fbd
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=0AE347AB65F8409D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?2bc8e1324f88958d814b30e3246c8bf3
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?2bc8e1324f88958d814b30e3246c8bf3
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (624)
Hash dc5ac5a71a798cb55ea26472cedb75c3
dc741baa1d7a6983e5112422de7d557d2e30bad0
a1ced4ac193e19e48dfe330dfc13526f04a56e23820715b8b3259c72641872b4
GET /hm.js?2bc8e1324f88958d814b30e3246c8bf3 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://instantttpresence.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11262
Content-Type: application/javascript
Date: Tue, 29 Nov 2022 01:33:19 GMT
Etag: bf890f276f4a447823b80bad9bac89bf
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A10F137E5B08ECD9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
pic.wujinpp.com/upload/vod/20220522-1/8f86341a0194589181eef0a52d3cd09e.jpg
23.224.173.84200 OK 22 kB URL HTTP/2 pic.wujinpp.com/upload/vod/20220522-1/8f86341a0194589181eef0a52d3cd09e.jpg
IP 23.224.173.84:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 270x402, components 3\012- data
Hash 4e8c24346470a15b3043dfa0b9f0ff61
d4103814663a088ffd4a55ca1bf3a720fba87e47
154e75a4480864708be2e1ff772a41d3e360d9a3cc70ec01dafbd82d9507c4e2
GET /upload/vod/20220522-1/8f86341a0194589181eef0a52d3cd09e.jpg HTTP/1.1
Host: pic.wujinpp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://instantttpresence.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:33:19 GMT
content-type: image/jpeg
content-length: 22404
last-modified: Sun, 22 May 2022 14:38:25 GMT
etag: "628a4ae1-5784"
expires: Sun, 07 Aug 2022 09:20:28 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
server: cdn
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?c6ebfc856d0704d51f046099082b7c76
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?c6ebfc856d0704d51f046099082b7c76
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash 5942762c4852f721b87c1abdadc1bfaa
78e160df1babfa0dc83d6226b9db613feb34001b
07297c27a6db411955cec6de0dab907999e6ff1d086cf835c84380e976d4ec36
GET /hm.js?c6ebfc856d0704d51f046099082b7c76 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://instantttpresence.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Tue, 29 Nov 2022 01:33:19 GMT
Etag: b069559453b5372fe570bf7511a8665a
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D40BDB573B6CB6F0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1761137844&si=f64b2e0910c6b168b72238cc17cc2064&v=1.3.0&lv=1&sn=50404&r=0&ww=1280&u=http%3A%2F%2Finstantttpresence.com%2Folux%2FBOfA%2FBOfA%2FBOfA&tt=%E3%80%8A%E6%97%B6%E5%85%89%E6%8F%92%E7%8F%AD%E7%94%9F%E3%80%8B%E9%AB%98%E6%B8%85%E5%85%A8%E9%9B%86%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B_%E5%89%A7%E6%83%85%E4%BB%8B%E7%BB%8D_%E7%88%B1%E6%83%85%E7%89%87-%E6%A8%B1%E8%8A%B1%E8%8D%89%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E9%AB%98%E6%B8%85%E7%89%88_%E6%A8%B1%E8%8A%B1%E8%8D%89%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E6%92%AD%E6%94%BE%E5%85%8D%E8%B4%B9%E5%8A%A8%E6%BC%AB_%E6%A8%B1%E8%8A%B1%E8%8D%89%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%8A%A8%E6%BC%AB
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1761137844&si=f64b2e0910c6b168b72238cc17cc2064&v=1.3.0&lv=1&sn=50404&r=0&ww=1280&u=http%3A%2F%2Finstantttpresence.com%2Folux%2FBOfA%2FBOfA%2FBOfA&tt=%E3%80%8A%E6%97%B6%E5%85%89%E6%8F%92%E7%8F%AD%E7%94%9F%E3%80%8B%E9%AB%98%E6%B8%85%E5%85%A8%E9%9B%86%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B_%E5%89%A7%E6%83%85%E4%BB%8B%E7%BB%8D_%E7%88%B1%E6%83%85%E7%89%87-%E6%A8%B1%E8%8A%B1%E8%8D%89%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E9%AB%98%E6%B8%85%E7%89%88_%E6%A8%B1%E8%8A%B1%E8%8D%89%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E6%92%AD%E6%94%BE%E5%85%8D%E8%B4%B9%E5%8A%A8%E6%BC%AB_%E6%A8%B1%E8%8A%B1%E8%8D%89%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%8A%A8%E6%BC%AB
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1761137844&si=f64b2e0910c6b168b72238cc17cc2064&v=1.3.0&lv=1&sn=50404&r=0&ww=1280&u=http%3A%2F%2Finstantttpresence.com%2Folux%2FBOfA%2FBOfA%2FBOfA&tt=%E3%80%8A%E6%97%B6%E5%85%89%E6%8F%92%E7%8F%AD%E7%94%9F%E3%80%8B%E9%AB%98%E6%B8%85%E5%85%A8%E9%9B%86%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B_%E5%89%A7%E6%83%85%E4%BB%8B%E7%BB%8D_%E7%88%B1%E6%83%85%E7%89%87-%E6%A8%B1%E8%8A%B1%E8%8D%89%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E9%AB%98%E6%B8%85%E7%89%88_%E6%A8%B1%E8%8A%B1%E8%8D%89%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E6%92%AD%E6%94%BE%E5%85%8D%E8%B4%B9%E5%8A%A8%E6%BC%AB_%E6%A8%B1%E8%8A%B1%E8%8D%89%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%8A%A8%E6%BC%AB HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://instantttpresence.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 29 Nov 2022 01:33:19 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7CA35D892050718F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1756609886&si=2bc8e1324f88958d814b30e3246c8bf3&v=1.3.0&lv=1&sn=50404&r=0&ww=1280&u=http%3A%2F%2Finstantttpresence.com%2Folux%2FBOfA%2FBOfA%2FBOfA&tt=%E3%80%8A%E6%97%B6%E5%85%89%E6%8F%92%E7%8F%AD%E7%94%9F%E3%80%8B%E9%AB%98%E6%B8%85%E5%85%A8%E9%9B%86%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B_%E5%89%A7%E6%83%85%E4%BB%8B%E7%BB%8D_%E7%88%B1%E6%83%85%E7%89%87-%E6%A8%B1%E8%8A%B1%E8%8D%89%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E9%AB%98%E6%B8%85%E7%89%88_%E6%A8%B1%E8%8A%B1%E8%8D%89%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E6%92%AD%E6%94%BE%E5%85%8D%E8%B4%B9%E5%8A%A8%E6%BC%AB_%E6%A8%B1%E8%8A%B1%E8%8D%89%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%8A%A8%E6%BC%AB
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1756609886&si=2bc8e1324f88958d814b30e3246c8bf3&v=1.3.0&lv=1&sn=50404&r=0&ww=1280&u=http%3A%2F%2Finstantttpresence.com%2Folux%2FBOfA%2FBOfA%2FBOfA&tt=%E3%80%8A%E6%97%B6%E5%85%89%E6%8F%92%E7%8F%AD%E7%94%9F%E3%80%8B%E9%AB%98%E6%B8%85%E5%85%A8%E9%9B%86%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B_%E5%89%A7%E6%83%85%E4%BB%8B%E7%BB%8D_%E7%88%B1%E6%83%85%E7%89%87-%E6%A8%B1%E8%8A%B1%E8%8D%89%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E9%AB%98%E6%B8%85%E7%89%88_%E6%A8%B1%E8%8A%B1%E8%8D%89%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E6%92%AD%E6%94%BE%E5%85%8D%E8%B4%B9%E5%8A%A8%E6%BC%AB_%E6%A8%B1%E8%8A%B1%E8%8D%89%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%8A%A8%E6%BC%AB
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1756609886&si=2bc8e1324f88958d814b30e3246c8bf3&v=1.3.0&lv=1&sn=50404&r=0&ww=1280&u=http%3A%2F%2Finstantttpresence.com%2Folux%2FBOfA%2FBOfA%2FBOfA&tt=%E3%80%8A%E6%97%B6%E5%85%89%E6%8F%92%E7%8F%AD%E7%94%9F%E3%80%8B%E9%AB%98%E6%B8%85%E5%85%A8%E9%9B%86%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B_%E5%89%A7%E6%83%85%E4%BB%8B%E7%BB%8D_%E7%88%B1%E6%83%85%E7%89%87-%E6%A8%B1%E8%8A%B1%E8%8D%89%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E9%AB%98%E6%B8%85%E7%89%88_%E6%A8%B1%E8%8A%B1%E8%8D%89%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E6%92%AD%E6%94%BE%E5%85%8D%E8%B4%B9%E5%8A%A8%E6%BC%AB_%E6%A8%B1%E8%8A%B1%E8%8D%89%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%8A%A8%E6%BC%AB HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://instantttpresence.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 29 Nov 2022 01:33:19 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=67D7524D48594816; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=324428534&si=c6ebfc856d0704d51f046099082b7c76&v=1.3.0&lv=1&sn=50404&r=0&ww=1280&u=http%3A%2F%2Finstantttpresence.com%2Folux%2FBOfA%2FBOfA%2FBOfA&tt=%E3%80%8A%E6%97%B6%E5%85%89%E6%8F%92%E7%8F%AD%E7%94%9F%E3%80%8B%E9%AB%98%E6%B8%85%E5%85%A8%E9%9B%86%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B_%E5%89%A7%E6%83%85%E4%BB%8B%E7%BB%8D_%E7%88%B1%E6%83%85%E7%89%87-%E6%A8%B1%E8%8A%B1%E8%8D%89%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E9%AB%98%E6%B8%85%E7%89%88_%E6%A8%B1%E8%8A%B1%E8%8D%89%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E6%92%AD%E6%94%BE%E5%85%8D%E8%B4%B9%E5%8A%A8%E6%BC%AB_%E6%A8%B1%E8%8A%B1%E8%8D%89%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%8A%A8%E6%BC%AB
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=324428534&si=c6ebfc856d0704d51f046099082b7c76&v=1.3.0&lv=1&sn=50404&r=0&ww=1280&u=http%3A%2F%2Finstantttpresence.com%2Folux%2FBOfA%2FBOfA%2FBOfA&tt=%E3%80%8A%E6%97%B6%E5%85%89%E6%8F%92%E7%8F%AD%E7%94%9F%E3%80%8B%E9%AB%98%E6%B8%85%E5%85%A8%E9%9B%86%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B_%E5%89%A7%E6%83%85%E4%BB%8B%E7%BB%8D_%E7%88%B1%E6%83%85%E7%89%87-%E6%A8%B1%E8%8A%B1%E8%8D%89%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E9%AB%98%E6%B8%85%E7%89%88_%E6%A8%B1%E8%8A%B1%E8%8D%89%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E6%92%AD%E6%94%BE%E5%85%8D%E8%B4%B9%E5%8A%A8%E6%BC%AB_%E6%A8%B1%E8%8A%B1%E8%8D%89%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%8A%A8%E6%BC%AB
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=324428534&si=c6ebfc856d0704d51f046099082b7c76&v=1.3.0&lv=1&sn=50404&r=0&ww=1280&u=http%3A%2F%2Finstantttpresence.com%2Folux%2FBOfA%2FBOfA%2FBOfA&tt=%E3%80%8A%E6%97%B6%E5%85%89%E6%8F%92%E7%8F%AD%E7%94%9F%E3%80%8B%E9%AB%98%E6%B8%85%E5%85%A8%E9%9B%86%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B_%E5%89%A7%E6%83%85%E4%BB%8B%E7%BB%8D_%E7%88%B1%E6%83%85%E7%89%87-%E6%A8%B1%E8%8A%B1%E8%8D%89%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E9%AB%98%E6%B8%85%E7%89%88_%E6%A8%B1%E8%8A%B1%E8%8D%89%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E6%92%AD%E6%94%BE%E5%85%8D%E8%B4%B9%E5%8A%A8%E6%BC%AB_%E6%A8%B1%E8%8A%B1%E8%8D%89%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%8A%A8%E6%BC%AB HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://instantttpresence.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 29 Nov 2022 01:33:20 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=B9A1565141A5128C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
api.share.baidu.com/s.gif?l=http://instantttpresence.com/olux/BOfA/BOfA/BOfA
39.156.68.163200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://instantttpresence.com/olux/BOfA/BOfA/BOfA
IP 39.156.68.163:0
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://instantttpresence.com/olux/BOfA/BOfA/BOfA HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://instantttpresence.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Tue, 29 Nov 2022 01:33:20 GMT
instantttpresence.com/statics/img/favicon.ico
104.21.9.109200 OK 3.4 kB URL HTTP/1.1 instantttpresence.com/statics/img/favicon.ico
IP 104.21.9.109:0
File type MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel\012- data
Hash a89e84b7596433d40e1f25c16017bb1f
5a40c85c2bec0bd57cb3ad38dda1c72dae8aace3
93a7d7cae68122ef324704f0252a9a6b935c4ba40daf0cd5457ba2099095a075
GET /statics/img/favicon.ico HTTP/1.1
Host: instantttpresence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://instantttpresence.com/olux/BOfA/BOfA/BOfA
Cookie: Hm_lvt_f64b2e0910c6b168b72238cc17cc2064=1669685599; Hm_lpvt_f64b2e0910c6b168b72238cc17cc2064=1669685599; Hm_lvt_2bc8e1324f88958d814b30e3246c8bf3=1669685599; Hm_lpvt_2bc8e1324f88958d814b30e3246c8bf3=1669685599; Hm_lvt_c6ebfc856d0704d51f046099082b7c76=1669685599; Hm_lpvt_c6ebfc856d0704d51f046099082b7c76=1669685599
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:33:21 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 21 Oct 2019 06:06:06 GMT
ETag: W/"5dad4ace-1083e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XL7QYHP1PeKURNrTdx4kn92q1ahrgSxDbPtXNGAmuHf4jkOPwoFj%2F1jqqPw3tHk4vRid5zNTqSNe%2F6J6I8HmWiY3J6LXLN21s%2FccmlYTjBbRO1txkTe7Pn8teNbv4rprrDiYOXOsvRk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7717983a9dc6b4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60