r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8748
Expires: Thu, 09 Feb 2023 13:53:49 GMT
Date: Thu, 09 Feb 2023 11:28:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2262
Expires: Thu, 09 Feb 2023 12:05:43 GMT
Date: Thu, 09 Feb 2023 11:28:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3881
Expires: Thu, 09 Feb 2023 12:32:42 GMT
Date: Thu, 09 Feb 2023 11:28:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Feb 2023 10:36:48 GMT
content-type: application/json
age: 3073
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: S6P6IRMwFACgm6r2TVgqEK6BiUcDrmT+fKgrTmhYGT/o1iQtFuRNcR4hoqhJ+T7lm0GCNVc9bfY=
x-amz-request-id: CGD0J38DM8PZ5J5W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Feb 2023 10:46:22 GMT
age: 2499
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 11:28:01 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 11:14:53 GMT
age: 789
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 248ce16379b12f11927ecc3142aec450
fa5b189f2d9182479170cb61cc1723571e437bd2
a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3683
Expires: Thu, 09 Feb 2023 12:29:25 GMT
Date: Thu, 09 Feb 2023 11:28:02 GMT
Connection: keep-alive
push.services.mozilla.com/
44.229.10.174 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.229.10.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: h002GFh4gjANCP/CKOlozQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1qyAQ23FTT0d4n/w433JvH6MEK4=
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/0906base.js
103.233.252.153 200 OK 2.4 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/0906base.js
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type ISO-8859 text, with very long lines (486), with CRLF line terminators
Hash c6cf43d2ab7249a31331302781161532
603585dd1d98dbbc7e0783879a76cff1abc04b61
1eaac31c14928ba8586f2c4f22c9eb583a8fa49f0f1fa5b1a9c4bcba1da403ec
Analyzer Verdict Alert fortinet Phishing
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/0906base.js HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm
HTTP/1.1 200 OK
Content-Length: 2427
Content-Type: application/x-javascript
Last-Modified: Fri, 19 Feb 2016 17:32:42 GMT
Accept-Ranges: bytes
ETag: "0593a893b6bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:02 GMT
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm
103.233.252.153 200 OK 128 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Non-ISO extended-ASCII text, with very long lines (1936), with CRLF line terminators
Size 128 kB (127907 bytes)
Hash 939e9a4ecdb5431c76f83865fbe99c9e
0858c5d2261545df63bc48bfd380ca9fb6249afd
4b89a7772177e87c7c49f7132eeb509cba9d496c4ef638b6d208928bb68375af
Analyzer Verdict Alert fortinet Phishing
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Length: 127907
Content-Type: text/html
Last-Modified: Fri, 01 Apr 2016 09:02:12 GMT
Accept-Ranges: bytes
ETag: "1e47132ef58bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:01 GMT
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/skin.css
103.233.252.153 200 OK 3.8 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/skin.css
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text, with very long lines (439)
Hash d57c9e3e894606ecaa2ff52ab2c9d659
d15cc41b4c09f62315ab9d867d03c9287de1d863
fd4a36c7b71e8a9ce8711544e90090901ac022c40b27bcce250f00ec2659770d
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/skin.css HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm
HTTP/1.1 200 OK
Content-Length: 3841
Content-Type: text/css
Last-Modified: Fri, 19 Feb 2016 17:32:42 GMT
Accept-Ranges: bytes
ETag: "0593a893b6bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:02 GMT
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/my_topmenu.js
103.233.252.153 200 OK 3.8 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/my_topmenu.js
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text, with very long lines (439)
Hash 2500bc58cdf54787a4cd4593d4caf318
f2105f06b15b3d877ec46a05a07fc02d5c4e7e0b
ca43627ce6da96b0f894daf3b274d077203c8c074bf80748cef34ad88daf32e4
Analyzer Verdict Alert fortinet Phishing
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/my_topmenu.js HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm
HTTP/1.1 200 OK
Content-Length: 3841
Content-Type: application/x-javascript
Last-Modified: Fri, 19 Feb 2016 17:32:42 GMT
Accept-Ranges: bytes
ETag: "0593a893b6bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:02 GMT
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/1212sub.css
103.233.252.153 200 OK 30 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/1212sub.css
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type ISO-8859 text, with CRLF line terminators
Hash 0c7e8f0f12aace081353ff561f4d6e93
d7091d156bd21af764c2398304ae8a4183773c6c
4063fac40db7744631c40beb99b536435b836b0b4e77aef0beaf65331aefe98e
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/1212sub.css HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm
HTTP/1.1 200 OK
Content-Length: 29484
Content-Type: text/css
Last-Modified: Fri, 19 Feb 2016 17:32:42 GMT
Accept-Ranges: bytes
ETag: "0593a893b6bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:01 GMT
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/c.html
103.233.252.153 404 Not Found 1.3 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/c.html
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 2923b250a3660c034aa7831d5e6d7f3c
646f109012bac000fe1bc58f40d112f77483f22a
e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075
Analyzer Verdict Alert fortinet Phishing
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/c.html HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm
HTTP/1.1 404 Not Found
Content-Length: 1308
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:02 GMT
heppp.hzfuhao.com/ch/czm.html?gid=14585552208901089
170.178.168.203 302 Found 0 B URL HTTP/1.1 heppp.hzfuhao.com/ch/czm.html?gid=14585552208901089
IP 170.178.168.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ch/czm.html?gid=14585552208901089 HTTP/1.1
Host: heppp.hzfuhao.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/
HTTP/1.1 302 Found
Date: Thu, 09 Feb 2023 11:28:03 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: __tad=1675942083.1401871; expires=Sun, 06-Feb-2033 11:28:03 GMT; Max-Age=315360000
Location: http://ww25.heppp.hzfuhao.com/ch/czm.html?gid=14585552208901089&subid1=20230209-2228-03d2-9c3a-f50e67cde7a7
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fa3b80f6c5e48935acba628afd26f4ce
f69397ac7d88fc285d79b1a17ec28340c8a5c564
6019b3d5a40f38c020b87c2bc5d25b3646b7cccd3bf005f835cb74b46869100d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6019B3D5A40F38C020B87C2BC5D25B3646B7CCCD3BF005F835CB74B46869100D"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2490
Expires: Thu, 09 Feb 2023 12:09:33 GMT
Date: Thu, 09 Feb 2023 11:28:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fa3b80f6c5e48935acba628afd26f4ce
f69397ac7d88fc285d79b1a17ec28340c8a5c564
6019b3d5a40f38c020b87c2bc5d25b3646b7cccd3bf005f835cb74b46869100d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6019B3D5A40F38C020B87C2BC5D25B3646B7CCCD3BF005F835CB74B46869100D"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2490
Expires: Thu, 09 Feb 2023 12:09:33 GMT
Date: Thu, 09 Feb 2023 11:28:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 113363afa7cfd484dbc115a9f44c1723
2f9dfb845aa919a51a0b5fa9a824ac4845f669be
a91a045600ef2fdebd582ce453a85f7ce0c9f8be7258baf311d0d940de027c20
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4308
x-amzn-requestid: 2d4ce596-9a69-4394-8e10-cd5c54687a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzKZ0F2DoAMF6nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddf10b-6c4fabe01360b8781bdd8e06;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 05:45:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GnbG_CYddidhGlygFinwMyN81eHxP_vRzxsm7QBIAJzFqwaKTt-POQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:34:44 GMT
age: 49999
etag: "2f9dfb845aa919a51a0b5fa9a824ac4845f669be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75ead57d-06ef-4e5b-9d45-4c0ed94ff0f7.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75ead57d-06ef-4e5b-9d45-4c0ed94ff0f7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa8bb3f20238f62a7a6ebb5d0985192a
f6b3839bfb0cf51d63e9eff2de402495906cd19b
db5ad61fdd000a13b6c8952d1614a6ab18e5f7104270d6471df96f773dacf4e4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75ead57d-06ef-4e5b-9d45-4c0ed94ff0f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: 92d41e06-632b-43f9-828e-268bc024875c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ACiGuESYIAMFc_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e416f7-599e0f7d327a69921d447f7e;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:41:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ouX4yFdSvKvEUowCAqs8iTO2SOZuEFa2dGuMDeb_pygK0DbvS8XlHg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:10:46 GMT
age: 47837
etag: "f6b3839bfb0cf51d63e9eff2de402495906cd19b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce710ab5746832fe637fada3e6d63abf
d545c85d4a8cf92dc8b88db0a056623d1ef7a943
40bae4a2fb9dd60e9339d15ad0838f3ca83b5b6275c35cd22878b6783fcd6247
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7450
x-amzn-requestid: 7e2b1875-ecf9-4ee9-8d5a-a911fdd28d16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AColKGwOIAMFyqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e42153-097b982244d3ad7b6f49a392;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 22:25:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Uvdg9MhYDsR9aC-s_chZDKp7_5RzhQfTwXZ0epZVW7TUVdrdADUEfQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 03:49:25 GMT
age: 27518
etag: "d545c85d4a8cf92dc8b88db0a056623d1ef7a943"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
34.120.237.76 200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 95081172f8e19d19921acc802488e019
8531c150cb11de44361a95624b11cf46b9e0ba02
7a2d8f012c7d590f3f39ad834d4f3f9fb729143b7395bc588bd608b5bdee039b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15019
x-amzn-requestid: 574e3e2c-2fbe-4215-9500-021147338832
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f583LHiioAMFqkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a82d-4f12aac524c39f822ca4f422;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _3jIo3Giw3zmTmnSkJArAllT6uigN7EEzLPfkGpd6168_mSdqdk_Cg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 12:41:28 GMT
age: 81995
etag: "8531c150cb11de44361a95624b11cf46b9e0ba02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc04429b-38db-4e0a-96bf-5a6d2bc7e8cf.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc04429b-38db-4e0a-96bf-5a6d2bc7e8cf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b42802dc628e38e9631a01b6320040a
c83355f0828815ecbff47d8195d2deed8077e368
d0f093b1769b568a5d68ada359eadfd1ab3360488a20e1deeb99b0a51b649441
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc04429b-38db-4e0a-96bf-5a6d2bc7e8cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11256
x-amzn-requestid: fc079b98-a94a-4945-8e51-9b5941fda799
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwD8SEOMIAMFomA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcb381-72b83330325d280821ecf4c1;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 07:10:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8BUL5SSz4_Jh8-i92w6IGXQEnW6RH2580LbDBIul4S45Mtji53ieTw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:06:10 GMT
age: 48113
etag: "c83355f0828815ecbff47d8195d2deed8077e368"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa6c416b3a87ded887c9dcf7c51e5dd0
45f4ef9e68591c00669043abe96959bead8f17ae
9e10394b387916e40c44d4e02fbc1ea72214d870df189ce16d24015de00682bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11205
x-amzn-requestid: abdf9c40-a2b7-49ae-bea1-ff5abfcea781
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvszZFOZoAMFkNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc8e7b-6e508da05ff6f33e691de130;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 04:33:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hLrbI5Acy2RBlg7VqGE2b83zuqgt-bx0kD0nlH8uYaJ8tii2FqMLfw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 14:35:48 GMT
age: 75135
etag: "45f4ef9e68591c00669043abe96959bead8f17ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/v1.js
103.233.252.153 200 OK 4.0 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/v1.js
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type HTML document, ASCII text, with very long lines (2491)
Hash 107badb13ca7c8f3b4170b2a710c3ed9
42a3f382aac483d03888add9db9306595991550b
dbe87a20048a493aa34011c7ed8c37aac8e022cce39cb1ac58c330ae6dfc152d
Analyzer Verdict Alert fortinet Phishing
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/v1.js HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm
HTTP/1.1 200 OK
Content-Length: 4037
Content-Type: application/x-javascript
Last-Modified: Fri, 19 Feb 2016 17:32:42 GMT
Accept-Ranges: bytes
ETag: "0593a893b6bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:02 GMT
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/settab.js
103.233.252.153 200 OK 8.8 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/settab.js
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type ISO-8859 text, with CRLF line terminators
Hash c360f3638396495de15ce96a11d265c1
ad718a1a60898d0e25b1e6c5c0958e87fd567937
ad2040efa0698a4a5069f5eaa8e2e6c37a539d3f650f4ea3e9c7b48d8fabead5
Analyzer Verdict Alert fortinet Phishing
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/settab.js HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm
HTTP/1.1 200 OK
Content-Length: 8816
Content-Type: application/x-javascript
Last-Modified: Fri, 19 Feb 2016 17:32:42 GMT
Accept-Ranges: bytes
ETag: "0593a893b6bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:02 GMT
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/jquery.js
103.233.252.153 200 OK 95 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/jquery.js
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 4d2777f3181bdd1802880a03cfa093d7
bb94471e4907399d54d9cdd9684422211ed4cd2a
d5041d50467376cd1cdc596b99e42e8b74ae92d69fd59756e7250152f0fee2ae
Analyzer Verdict Alert fortinet Phishing
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/jquery.js HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm
HTTP/1.1 200 OK
Content-Length: 94958
Content-Type: application/x-javascript
Last-Modified: Fri, 19 Feb 2016 17:32:42 GMT
Accept-Ranges: bytes
ETag: "0593a893b6bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:02 GMT
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/my_1.js
103.233.252.153 200 OK 9.8 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/my_1.js
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash dccf84c19d14a400e6c2d4949b6f67b5
175f237282f0f07bed03230f96b2995791f85e97
d5c751462bd7f12499bd36783937dade1f1a0eaf4fc64cde47f60fc74b969326
Analyzer Verdict Alert fortinet Phishing
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/my_1.js HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm
HTTP/1.1 200 OK
Content-Length: 9761
Content-Type: application/x-javascript
Last-Modified: Fri, 19 Feb 2016 17:32:42 GMT
Accept-Ranges: bytes
ETag: "0593a893b6bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:02 GMT
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/sub1102.js
103.233.252.153 200 OK 8.8 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/sub1102.js
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type HTML document, ISO-8859 text, with CRLF line terminators
Hash 592d670a79b0952cd8b7007851a2b9fa
277934d60f86a3e98b6e935b67847db6bb1c3946
fbb656aacd5083501cce138b034ac96acfa966da0b1035a6c254f683b28565e7
Analyzer Verdict Alert fortinet Phishing
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/sub1102.js HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm
HTTP/1.1 200 OK
Content-Length: 8756
Content-Type: application/x-javascript
Last-Modified: Fri, 19 Feb 2016 17:32:42 GMT
Accept-Ranges: bytes
ETag: "0593a893b6bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:02 GMT
ww25.heppp.hzfuhao.com/ch/czm.html?gid=14585552208901089&subid1=20230209-2228-03d2-9c3a-f50e67cde7a7
199.59.243.222 200 OK 845 B URL HTTP/1.1 ww25.heppp.hzfuhao.com/ch/czm.html?gid=14585552208901089&subid1=20230209-2228-03d2-9c3a-f50e67cde7a7
IP 199.59.243.222:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1115), with no line terminators
Hash 9e365e6a254f44f7f81b6469f38c9a56
f86c449dc9aff7a176b59fe6b070e485731a7d3f
ffccdcd063b0339996e94410950f4bd7f55c92c3241dd4498f74d78bbd4b420d
GET /ch/czm.html?gid=14585552208901089&subid1=20230209-2228-03d2-9c3a-f50e67cde7a7 HTTP/1.1
Host: ww25.heppp.hzfuhao.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://268wl.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 09 Feb 2023 11:28:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: parking_session=5263b37a-cd4f-798f-e726-d9252d2c3d91; expires=Thu, 09-Feb-2023 11:43:04 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_xnUjblo4fK1ow/eUNdxCku6YFUIW0AerCwBRLGqEjfZYJJx3ojTZSmdwArUQ5aWtLvCpYNHu3CN5JKWfHQWVIQ==
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/340x200-5.html
103.233.252.153 404 Not Found 1.3 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/340x200-5.html
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 2923b250a3660c034aa7831d5e6d7f3c
646f109012bac000fe1bc58f40d112f77483f22a
e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075
Analyzer Verdict Alert fortinet Phishing
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/340x200-5.html HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm
HTTP/1.1 404 Not Found
Content-Length: 1308
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:04 GMT
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/1.jpg
103.233.252.153 200 OK 14 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/1.jpg
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 340x200, components 3\012- data
Hash 722b754e01598835072fc1b5e07c9c49
b93b14bc8631ac59b3d39d6709fe9f75cd05b597
b944997032536880eb1291225a430b7fc8516ae53bc5fb16fb08fb40aac1c2d2
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/1.jpg HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm
HTTP/1.1 200 OK
Content-Length: 13706
Content-Type: image/jpeg
Last-Modified: Fri, 19 Feb 2016 17:32:42 GMT
Accept-Ranges: bytes
ETag: "0593a893b6bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:04 GMT
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/2.jpg
103.233.252.153 200 OK 24 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/2.jpg
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 340x200, components 3\012- data
Hash 436f7bbcf5f47f83f34ebee36c106393
2dd811e46c5f1596d654bf612c32b8a7f620d403
6a97210595d191721c6e070dd60d1e76c9d988015878b0bf905099471df5fe7e
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/2.jpg HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm
HTTP/1.1 200 OK
Content-Length: 24433
Content-Type: image/jpeg
Last-Modified: Fri, 19 Feb 2016 17:32:42 GMT
Accept-Ranges: bytes
ETag: "0593a893b6bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:04 GMT
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/3.jpg
103.233.252.153 200 OK 26 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/3.jpg
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 340x200, components 3\012- data
Hash c21b4c5d7d0f45e2432d096208e23b8c
9cd946f44fc92aada0e9d0a6ca37819f02396bce
fa7f094a35119a00b5129d07f16ec602238dc7d0ec9cda6c789aafe87fc18c2c
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/3.jpg HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm
HTTP/1.1 200 OK
Content-Length: 26167
Content-Type: image/jpeg
Last-Modified: Fri, 19 Feb 2016 17:32:42 GMT
Accept-Ranges: bytes
ETag: "0593a893b6bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:04 GMT
s.gg.99.com/a.php?id=f0c0b293aaf86487a480ece47e75bee3&tg=%23game&n=1&v=1
220.162.240.44 301 Moved Permanently 162 B URL HTTP/1.1 s.gg.99.com/a.php?id=f0c0b293aaf86487a480ece47e75bee3&tg=%23game&n=1&v=1
IP 220.162.240.44:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /a.php?id=f0c0b293aaf86487a480ece47e75bee3&tg=%23game&n=1&v=1 HTTP/1.1
Host: s.gg.99.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 09 Feb 2023 11:28:06 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://s.gg.99.com/a.php?id=f0c0b293aaf86487a480ece47e75bee3&tg=%23game&n=1&v=1
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 9c9f2f173ea84e526f6a6d10fc7605d2
90cc1de03ea1a5dc4629bb5d4079e64318b12d13
7d6b43ab9fce0ea6fee90f840694957b0227301c666a14f62d575f6def41f187
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 11:28:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 13 Feb 2023 10:29:02 GMT
ETag: "90cc1de03ea1a5dc4629bb5d4079e64318b12d13"
Last-Modified: Thu, 09 Feb 2023 10:29:03 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796c427a5cbb1c02-OSL
s.gg.99.com/a.php?id=d20d7062395df0330735f192ece24372&tg=%23gwgm&n=1&v=1
220.162.240.44 301 Moved Permanently 162 B URL HTTP/1.1 s.gg.99.com/a.php?id=d20d7062395df0330735f192ece24372&tg=%23gwgm&n=1&v=1
IP 220.162.240.44:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /a.php?id=d20d7062395df0330735f192ece24372&tg=%23gwgm&n=1&v=1 HTTP/1.1
Host: s.gg.99.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 09 Feb 2023 11:28:06 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://s.gg.99.com/a.php?id=d20d7062395df0330735f192ece24372&tg=%23gwgm&n=1&v=1
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/5.jpg
103.233.252.153 200 OK 28 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/5.jpg
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 340x200, components 3\012- data
Hash 95a41314e4f91a5bcc2a9bbbcaf9cc83
0185dc57105f817aa9769d080d738ba0128c113f
b4eec12abe6cc1006f69190abd417a61de0a4d9255b97fd9aa936bcdd2cd6487
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/5.jpg HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm
HTTP/1.1 200 OK
Content-Length: 28250
Content-Type: image/jpeg
Last-Modified: Fri, 19 Feb 2016 17:32:42 GMT
Accept-Ranges: bytes
ETag: "0593a893b6bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:04 GMT
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/header1.jpg
103.233.252.153 200 OK 68 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/header1.jpg
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=65, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1002], baseline, precision 8, 1002x65, components 3\012- data
Hash ff15da835117fe152941148014be55ab
1e3f7d83d5893d371beaa2dc299e0a71eb326f13
c18e69a69695d14ce525243a4db637ce1ae6eb0eb5e743dc851fd5db1a002fad
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/header1.jpg HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm
HTTP/1.1 200 OK
Content-Length: 68402
Content-Type: image/jpeg
Last-Modified: Fri, 19 Feb 2016 17:32:42 GMT
Accept-Ranges: bytes
ETag: "0593a893b6bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:04 GMT
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/s_content.jpg
103.233.252.153 200 OK 71 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/s_content.jpg
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1002x620, components 3\012- data
Hash 5ee7d4956f99aa4c1ca95956ea7d5c6b
c3a9944b3fd84b346d61e9486528e65d5307d971
25f9e5dfb61d23b85d7402f98e104f7146a75dab1e382f341e798a49919ca405
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/s_content.jpg HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm
HTTP/1.1 200 OK
Content-Length: 70676
Content-Type: image/jpeg
Last-Modified: Fri, 19 Feb 2016 17:32:42 GMT
Accept-Ranges: bytes
ETag: "0593a893b6bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:05 GMT
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/s_header.jpg
103.233.252.153 200 OK 75 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/s_header.jpg
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1002x270, components 3\012- data
Hash 53280392e75008abcbff3469a7851551
d607ed538acae344a3156e6abeda726b25ceb2e6
78ab05f3f3ccf812ff9fafbd458a17ef1c965ed9024af20e08208ee51ffb685b
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/s_header.jpg HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm
HTTP/1.1 200 OK
Content-Length: 75132
Content-Type: image/jpeg
Last-Modified: Fri, 19 Feb 2016 17:32:42 GMT
Accept-Ranges: bytes
ETag: "0593a893b6bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:04 GMT
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/s_full_bg.jpg
103.233.252.153 200 OK 96 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/s_full_bg.jpg
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x955, components 3\012- data
Hash 3a02001b971b88e4c7501479e89c028a
894eb6768e7581d3ebdd4a5ba351e2ec68ed059a
d9bcf39b6e59d51a0b1598cc822027421ca6bf8018cc7dd802e3100d82ece205
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/s_full_bg.jpg HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm
HTTP/1.1 200 OK
Content-Length: 96233
Content-Type: image/jpeg
Last-Modified: Fri, 19 Feb 2016 17:32:42 GMT
Accept-Ranges: bytes
ETag: "0593a893b6bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:04 GMT
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/hover.gif
103.233.252.153 200 OK 3.3 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/hover.gif
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text
Hash 66a0c6207dacfbd5c27d80c1417f7983
574648d99ae13d5d0becb2a0616077a58aed0424
13a4a2a592acdeaf2593b626dc8aece30a0145d971b34f3b07b87173cf373e1c
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/hover.gif HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm
HTTP/1.1 200 OK
Content-Length: 3286
Content-Type: image/gif
Last-Modified: Fri, 19 Feb 2016 17:32:42 GMT
Accept-Ranges: bytes
ETag: "0593a893b6bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:07 GMT
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/4.jpg
103.233.252.153 200 OK 26 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/4.jpg
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 340x200, components 3\012- data
Hash 3c4d2c7fbdb2645d13d3d35fa2d9e06f
dcb1fafbeeee13b19e1340d7c0cbf1ec2a4b66cd
4c49c073cf1c9e7f773fff77877e01e21c7c17359bfc020f555a01b3f74f1fc3
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/4.jpg HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm
HTTP/1.1 200 OK
Content-Length: 26148
Content-Type: image/jpeg
Last-Modified: Fri, 19 Feb 2016 17:32:42 GMT
Accept-Ranges: bytes
ETag: "0593a893b6bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:04 GMT
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/hover-1.png
103.233.252.153 200 OK 21 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/hover-1.png
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type PNG image data, 600 x 388, 8-bit colormap, non-interlaced\012- data
Hash eb76a9ce65ddf76b218e63bcaa41f7a7
8550482f87a438a98d099c579de53c95c683cf9a
ea536f3a19b2ba384fe1d05f63bfa57631e21d0da2ef34e9dd7a3564ec43e737
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/hover-1.png HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/1212sub.css
HTTP/1.1 200 OK
Content-Length: 20737
Content-Type: image/png
Last-Modified: Fri, 19 Feb 2016 17:32:42 GMT
Accept-Ranges: bytes
ETag: "0593a893b6bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:07 GMT
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/main_bg.jpg
103.233.252.153 200 OK 3.9 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/main_bg.jpg
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 707x159, components 3\012- data
Hash accba8e16a7f36ad0281c665860780cd
437d94765ec1926bd2e15117a24900fd3aff4683
b6cd182c4342a68296d667e14e5e219d9badb5d0fdef7920639aa5771ad9fc30
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/main_bg.jpg HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/1212sub.css
HTTP/1.1 200 OK
Content-Length: 3893
Content-Type: image/jpeg
Last-Modified: Fri, 19 Feb 2016 17:32:42 GMT
Accept-Ranges: bytes
ETag: "0593a893b6bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:08 GMT
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/c.html
103.233.252.153 404 Not Found 1.3 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/c.html
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 2923b250a3660c034aa7831d5e6d7f3c
646f109012bac000fe1bc58f40d112f77483f22a
e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075
Analyzer Verdict Alert fortinet Phishing
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/c.html HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm
HTTP/1.1 404 Not Found
Content-Length: 1308
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:08 GMT
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/main_top.jpg
103.233.252.153 200 OK 31 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/main_top.jpg
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 707x1150, components 3\012- data
Hash 146fb24950d6787b510f60fbfe4f8d15
0c1065dc2533c8d0780dc0945593db1efb88abec
e10cbc1babcf88c8f71cec097f67944882053a6547c5de2a4be86f9589bd487a
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/main_top.jpg HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/1212sub.css
HTTP/1.1 200 OK
Content-Length: 30605
Content-Type: image/jpeg
Last-Modified: Fri, 19 Feb 2016 17:32:42 GMT
Accept-Ranges: bytes
ETag: "0593a893b6bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:08 GMT
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/main_btm.jpg
103.233.252.153 200 OK 5.4 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/main_btm.jpg
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 707x73, components 3\012- data
Hash 3f425663ad0f42a1bc8731d1388ef969
3395fb0a0a8e10a4ab9e63bf472c5df181c0ec62
b490e06e3da1600f2520f686e409c30fc383dc54a20bcc2eb301a3aba98f5da4
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/main_btm.jpg HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/1212sub.css
HTTP/1.1 200 OK
Content-Length: 5353
Content-Type: image/jpeg
Last-Modified: Fri, 19 Feb 2016 17:32:42 GMT
Accept-Ranges: bytes
ETag: "0593a893b6bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:08 GMT
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/s_sid01.png
103.233.252.153 200 OK 100 kB URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/s_sid01.png
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
File type PNG image data, 279 x 292, 8-bit/color RGBA, non-interlaced\012- data
Size 100 kB (100081 bytes)
Hash 950b7133125f01180d7be0f990a00f04
a7165586a8b161b46edca1c4a50a88d3f8d13136
387f3015b2349260be4426757749b27efc733d3ed2149e2d90b80f6cfd0ce452
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/s_sid01.png HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/1212sub.css
HTTP/1.1 200 OK
Content-Length: 100081
Content-Type: image/png
Last-Modified: Fri, 19 Feb 2016 17:32:42 GMT
Accept-Ranges: bytes
ETag: "0593a893b6bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:07 GMT
268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/btn.jpg
103.233.252.153 200 OK 0 B URL HTTP/1.1 268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/btn.jpg
IP 103.233.252.153:0
ASN #142032 High Family Technology Co., Limited
GET /bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/btn.jpg HTTP/1.1
Host: 268wl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://268wl.com/bb/2017/Z-15-%E9%BE%99%E9%AD%94%E5%9F%9F1=270%E9%AD%94%E7%9F%B3/index-1.htm
HTTP/1.1 200 OK
Content-Length: 69220
Content-Type: image/jpeg
Last-Modified: Fri, 19 Feb 2016 17:32:42 GMT
Accept-Ranges: bytes
ETag: "0593a893b6bd11:c78"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2023 11:28:08 GMT