8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

43.129.2.11:80

GET /pa?p=2:1196927540:51 HTTP/1.1
Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: wpa.qq.com
Connection: Keep-Alive

HTTP/1.1 302 Moved Temporarily
Server: stgw
Date: Wed, 03 Jan 2024 06:20:56 GMT
Content-Type: text/html
Content-Length: 137
Connection: keep-alive
Location: https://wpa.qq.com/pa?p=2:1196927540:51

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

204.79.197.200:443

GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=b4518ba94b794722993ed7137cb02228&localId=w:74019202-808B-909D-A3F8-27A805F8E594&deviceId=6825827065235624&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)

HTTP/2.0 204
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3332330551B460DF36B420FE500F61E8; domain=.bing.com; expires=Mon, 27-Jan-2025 06:21:01 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EFABFABCA8F345229CA6A6DC99511A58 Ref B: LON04EDGE0908 Ref C: 2024-01-03T06:21:01Z
date: Wed, 03 Jan 2024 06:21:00 GMT

204.79.197.200:443

GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=b4518ba94b794722993ed7137cb02228&localId=w:74019202-808B-909D-A3F8-27A805F8E594&deviceId=6825827065235624&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=3332330551B460DF36B420FE500F61E8

HTTP/2.0 204
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MSPTC=9LytbY4gOvZd_WYud0qakmwDOrpgBgkFLpFwo7vetJM; domain=.bing.com; expires=Mon, 27-Jan-2025 06:21:01 GMT; path=/; Partitioned; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B61E01DB84D541299A1D4BEB63471954 Ref B: LON04EDGE0908 Ref C: 2024-01-03T06:21:01Z
date: Wed, 03 Jan 2024 06:21:00 GMT

204.79.197.200:443

GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=b4518ba94b794722993ed7137cb02228&localId=w:74019202-808B-909D-A3F8-27A805F8E594&deviceId=6825827065235624&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=3332330551B460DF36B420FE500F61E8; MSPTC=9LytbY4gOvZd_WYud0qakmwDOrpgBgkFLpFwo7vetJM

HTTP/2.0 204
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DB9EAE4B4B7F4FCFA8475F4C9AE70F5F Ref B: LON04EDGE0908 Ref C: 2024-01-03T06:21:01Z
date: Wed, 03 Jan 2024 06:21:00 GMT

43.129.2.11:443

GET /pa?p=2:1196927540:51 HTTP/1.1
Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Host: wpa.qq.com

HTTP/1.1 301 Moved Permanently
Date: Wed, 03 Jan 2024 06:21:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: tws
Location: http://pub.idqqimg.com/qconn/wpa/button/button_111.gif
Pragma: no-cache
Cache-Control: no-cache; must-revalidate

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

47.246.3.17:80

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAbJNRrm8KxusAb7DCqnMkE%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: ocsp.digicert.cn

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Wed, 03 Jan 2024 05:47:58 GMT
Ali-Swift-Global-Savetime: 1704260878
Via: cache2.l2de2[0,0,200-0,H], cache19.l2de2[1,0], cache1.ru4[0,0,200-0,H], cache7.ru4[1,0]
Age: 1984
X-Cache: HIT TCP_MEM_HIT dirn:10:132680994
X-Swift-SaveTime: Wed, 03 Jan 2024 05:48:02 GMT
X-Swift-CacheTime: 3596
Timing-Allow-Origin: *
EagleId: 2ff6039b17042628622965084e

47.246.3.17:80

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQhnxEBNL9LgIhfSsTcHsrTt204QgQURNnISjOO01KNp5KUYR%2BayKW37MsCEA5Z6OBcFD8WYQNao%2BF7KoQ%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: ocsp.digicert.cn

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Wed, 03 Jan 2024 06:05:34 GMT
Ali-Swift-Global-Savetime: 1704261934
Via: cache14.l2de2[47,46,200-0,M], cache4.l2de2[48,0], cache1.ru4[0,0,200-0,H], cache7.ru4[1,0]
Age: 928
X-Cache: HIT TCP_MEM_HIT dirn:11:128573462
X-Swift-SaveTime: Wed, 03 Jan 2024 06:05:34 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 2ff6039b17042628624145132e

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

203.205.136.105:80

GET /qconn/wpa/button/button_111.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Host: pub.idqqimg.com

HTTP/1.1 302 Found
Location: https://pub.idqqimg.com/qconn/wpa/button/button_111.gif
Content-Length: 0
X-NWS-LOG-UUID: 3644429655864100329
Connection: keep-alive
Server: Lego Server
Date: Wed, 03 Jan 2024 06:21:04 GMT
X-Cache-Lookup: Return Directly
Vary: Origin
Cache-Control: max-age=86400

203.205.136.105:443

GET /qconn/wpa/button/button_111.gif HTTP/2.0
host: pub.idqqimg.com
accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
accept-encoding: gzip, deflate

HTTP/2.0 200
last-modified: Fri, 30 Sep 2022 03:20:36 GMT
server: NWS_SSD_MID
date: Wed, 15 Nov 2023 07:48:26 GMT
expires: Sat, 18 Nov 2023 07:48:26 GMT
content-type: image/jpeg
x-verify-code: f43d2141f90038a1ba8d29012a073fe0
x-daa-tunnel: hop_count=1
age: 71421
content-length: 3534
accept-ranges: bytes
x-nws-log-uuid: 85589110419302848
x-cache-lookup: Cache Hit
vary: Origin
cache-control: max-age=86400

8.8.8.8:53

8.8.8.8:53

163.181.56.211:80

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAh%2BGPuPqpJ%2B6HYKDYmC9RI%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: ocsp.dcocsp.cn

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 03 Jan 2024 06:19:50 GMT
Ali-Swift-Global-Savetime: 1704262790
Via: cache12.l2de2[493,493,200-0,M], cache21.l2de2[494,0], ens-cache3.de4[0,0,200-0,H], ens-cache4.de4[1,0]
Age: 76
X-Cache: HIT TCP_MEM_HIT dirn:10:54878313
X-Swift-SaveTime: Wed, 03 Jan 2024 06:19:50 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 2ff62b1c17042628666142905e

163.181.56.211:80

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTHv1Dj%2BciPJEWH5JNtwL5Y07mRqwQUxBF%2BiECGwkG%2FZfMa4bRTQKOr7H0CEA%2BeJjBpNYxBgP3UUDzaNWo%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: ocsp.dcocsp.cn

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 03 Jan 2024 06:08:21 GMT
Ali-Swift-Global-Savetime: 1704262101
Via: cache7.l2de2[182,182,200-0,M], cache15.l2de2[183,0], ens-cache3.de4[0,0,200-0,H], ens-cache4.de4[0,0]
Age: 765
X-Cache: HIT TCP_MEM_HIT dirn:10:48523370
X-Swift-SaveTime: Wed, 03 Jan 2024 06:08:21 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 2ff62b1c17042628667003144e

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

204.79.197.200:443

GET /th?id=OADD2.10239317301173_11CL6NTG6CSIMT5HR&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

HTTP/2.0 200
cache-control: public, max-age=2592000
content-length: 473067
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C932D6BB857144F9A787FA8B1E322F50 Ref B: LON04EDGE1120 Ref C: 2024-01-03T06:22:42Z
date: Wed, 03 Jan 2024 06:22:41 GMT

204.79.197.200:443

GET /th?id=OADD2.10239317301582_1MLHFWTHBIK9NA4JB&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

HTTP/2.0 200
cache-control: public, max-age=2592000
content-length: 283222
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3E4656A34B034A599CCAB2C227A2843C Ref B: LON04EDGE1120 Ref C: 2024-01-03T06:22:42Z
date: Wed, 03 Jan 2024 06:22:41 GMT

204.79.197.200:443

GET /th?id=OADD2.10239317301174_1DZVP9RMU2XGXAR8U&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

HTTP/2.0 200
cache-control: public, max-age=2592000
content-length: 541009
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 12DFD577B6A449C5B07CC11D471ED490 Ref B: LON04EDGE1120 Ref C: 2024-01-03T06:22:42Z
date: Wed, 03 Jan 2024 06:22:41 GMT

204.79.197.200:443

GET /th?id=OADD2.10239317301625_1HP779E00BH478LC1&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

HTTP/2.0 200
cache-control: public, max-age=2592000
content-length: 278820
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D76471C818E4410EA45B89EB542425F9 Ref B: LON04EDGE1120 Ref C: 2024-01-03T06:22:42Z
date: Wed, 03 Jan 2024 06:22:41 GMT

204.79.197.200:443

GET /th?id=OADD2.10239317301216_1YVZ0IIVCJV3CQIQF&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

HTTP/2.0 200
cache-control: public, max-age=2592000
content-length: 278792
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 583FDC1200F34460945388ACC061DBCF Ref B: LON04EDGE1120 Ref C: 2024-01-03T06:22:42Z
date: Wed, 03 Jan 2024 06:22:41 GMT

204.79.197.200:443

GET /th?id=OADD2.10239317301583_1IGYRX9U1IBYYG0PV&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

HTTP/2.0 200
cache-control: public, max-age=2592000
content-length: 363285
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8C5F564B954543CAAC661C655F0076BB Ref B: LON04EDGE1120 Ref C: 2024-01-03T06:22:42Z
date: Wed, 03 Jan 2024 06:22:41 GMT

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53