saturdayclan.cn/cef-aq/tb.php?fmrbvshx1664027363103
172.67.186.177200 OK 612 B URL HTTP/1.1 saturdayclan.cn/cef-aq/tb.php?fmrbvshx1664027363103
IP 172.67.186.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (479), with CRLF line terminators
Hash cbae2cb20f117ca8b3ceeed9cdd09454
44ef935250a1eb2677728eea66ee6b01f5494268
9c15a745a0177af85eee583563ba831ed03c0980e17223e0bc0bbf2dfbe6d35f
GET /cef-aq/tb.php?fmrbvshx1664027363103 HTTP/1.1
Host: saturdayclan.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 13:50:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oxqsy9rE6CqpdHeVOiZeDthfP6WN3v5DVYupCbMyPljX4L%2B1mcCopNPVqmnF8%2FQYDSPOxfBqYI7n9Brrvkl3cex0yp%2B5yVNdFJaW2NtMa%2BnvXpAb1AWTtSfqE1klsDFAAzg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74fbfd31bdfb0b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
13.224.245.77200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 13.224.245.77:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 13:05:41 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 91a147ab5e7c2b851b79e3f97fa5cb38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: 9xKS7PBLBLa7cJYQbmVLVkwhOogXdzsLdtTe1ht7XU5pa_gU1U8ZJQ==
Age: 2684
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9756
Expires: Sat, 24 Sep 2022 16:33:01 GMT
Date: Sat, 24 Sep 2022 13:50:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
13.224.245.54200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 13.224.245.54:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 04:13:03 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 8583d317c3b0492356857e1a1a67d192.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C3
x-amz-cf-id: _30wKZPsvrcuY8xX7gz7zY2t3DfCosR4U4Wj_ITFeeD5zqA_PwWitw==
age: 34642
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 13:50:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
saturdayclan.cn/favicon.ico
172.67.186.177200 OK 455 B URL HTTP/1.1 saturdayclan.cn/favicon.ico
IP 172.67.186.177:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 3c5d244b8b6b192c76a2c4331450c235
7e53f5ad871fcd67705eaf77f1ca9ff247143e1e
e0f26b6349453a86cd1f0f87cfd80559ef7edb6d88ff0af9ced7d7e413c548e3
GET /favicon.ico HTTP/1.1
Host: saturdayclan.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://saturdayclan.cn/cef-aq/tb.php?fmrbvshx1664027363103
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 13:50:25 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 27 Dec 2016 03:54:11 GMT
ETag: W/"5861e5e3-1b0"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6nOgSfbvWScoFzVLQREFE3Ddz8FHl2akFIB5u1jZ47yatoIBoBvpN3xb2FS5%2B1j3ri7cgmAGN1rsd4hi5Elfa1OyEWfXvL5SiNjz95v7nmThK4W8mY0RgJ23Aa%2F2RXicKS0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fbfd34187b0b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
saturdayclan.cn/j/og2.js?_t=1664027424908
172.67.186.177200 OK 942 B URL HTTP/1.1 saturdayclan.cn/j/og2.js?_t=1664027424908
IP 172.67.186.177:0
File type ASCII text, with CRLF line terminators
Hash bad1af26351d2e87c035596233940ab0
9ac0e34dcbfd29ca3070c506c200777a8016b161
bc734ed6fc97cbcbaa0ed5236ce8aa46754596a9a79eef96684242d231d0644e
Analyzer Verdict Alert fortinet Phishing
GET /j/og2.js?_t=1664027424908 HTTP/1.1
Host: saturdayclan.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://saturdayclan.cn/cef-aq/tb.php?fmrbvshx1664027363103
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 13:50:26 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 11 Jun 2022 06:57:07 GMT
Vary: Accept-Encoding
ETag: W/"62a43cc3-850"
Expires: Sun, 25 Sep 2022 01:50:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rr%2Fwlr%2Fwb4rR7zTeKrUN8wXCWZ413tYXw64cEaqGmDrXt7YSQJANrmCiMeThq%2BMPB76VoceE1%2FPzXFUjumjTQADiABCnRnFexfqgvaEa8lm05SaLYbp8iJET2zLEi6rP2aE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74fbfd34b8fa0b31-OSL
alt-svc: h2=":443"; ma=60
saturdayclan.cn/j/og2.php?_t=1664027424968
172.67.186.177200 OK 102 B URL HTTP/1.1 saturdayclan.cn/j/og2.php?_t=1664027424968
IP 172.67.186.177:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 405302faae6fd91981f941492263ea18
be09f696953080d7ac857d0f1aeb9f3ab2c8424f
45f0c43f3491315933431aa87ad4b5d3ee23db0d5406e3789f7aeefffcaa7825
Analyzer Verdict Alert fortinet Phishing
POST /j/og2.php?_t=1664027424968 HTTP/1.1
Host: saturdayclan.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 46
Origin: http://saturdayclan.cn
Connection: keep-alive
Referer: http://saturdayclan.cn/cef-aq/tb.php?fmrbvshx1664027363103
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 13:50:26 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZY0fYgb%2Bojx7HpiB6P%2BLHsZIRAMzAVxpP7TlvS3qe4m3wvFPbm4m8KwqbLgDvwSaD8c7gSgUV8KdfG%2FJabPCupgYRhViFsRTOMgNEO5dDPHhCeg3i2TyeQ%2BkUuGYW0gUA74%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74fbfd3519470b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 70328b8b5ea1f7b4a8300e3d5597aa7b
d7b394092a89618415b02172ad4cbd9785f04bc8
4927b7fc4846f0aa065a3e7c0da20baca1974d37862d1153982437e2b2eef9a1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4927B7FC4846F0AA065A3E7C0DA20BACA1974D37862D1153982437E2B2EEF9A1"
Last-Modified: Thu, 22 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 24 Sep 2022 19:50:26 GMT
Date: Sat, 24 Sep 2022 13:50:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
13.224.245.77200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 13.224.245.77:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 24 Sep 2022 13:20:46 GMT
Expires: Sat, 24 Sep 2022 13:51:24 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 7d1508836f92a5f0f979c23535e9c7ae.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: HO5V0G9ys_fqzpGSDFDS-l1LSz9inFmLmCjmI0SoyAP5qAAZxpn-GQ==
Age: 1780
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 70328b8b5ea1f7b4a8300e3d5597aa7b
d7b394092a89618415b02172ad4cbd9785f04bc8
4927b7fc4846f0aa065a3e7c0da20baca1974d37862d1153982437e2b2eef9a1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4927B7FC4846F0AA065A3E7C0DA20BACA1974D37862D1153982437E2B2EEF9A1"
Last-Modified: Thu, 22 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 24 Sep 2022 19:50:26 GMT
Date: Sat, 24 Sep 2022 13:50:26 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 11 kB IP 93.184.220.29:0
Hash f38208f5283120f87cb669880935f7e1
e6ddeccc8de481f47e38e83969120c7953d46d5f
dcf422e4b0898079cd3a809acf28cf8422e48454bae4445b0ebe4dff219b9be9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5954
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 13:50:26 GMT
Last-Modified: Sat, 24 Sep 2022 12:11:12 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.88.220.109101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.220.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1Sw7weiwiFeyBjrnQ8NKbg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mxGMWqMp8fyC3N4DAR8QO/5UsCY=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f81d321c15c87e7147d792d08ebb7513
47f30d4ca38e6753a393965219321b0394ebb597
390ae5f5435d3f8c8b7f1fa8d7e2a3ebf55ea5dbe98aa3528dd562df4c295753
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 13:50:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f81d321c15c87e7147d792d08ebb7513
47f30d4ca38e6753a393965219321b0394ebb597
390ae5f5435d3f8c8b7f1fa8d7e2a3ebf55ea5dbe98aa3528dd562df4c295753
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 13:50:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 87f943bbdb905bb7d98cd09ed471f1cb
8aa4bc6edf772758a59d9c4be16583a8fd8c96a3
a22b7ec1475d498aeb0e8eb80aef4f424c5d2651ee231650b116c739273dc4e5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 13:50:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
172.67.199.208200 OK 32 kB URL HTTP/2 cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
IP 172.67.199.208:0
File type ASCII text, with very long lines (65446), with CRLF line terminators
Hash 05514f696943ffed0ce0fc3d847e51ed
5fc362cb93df01dc79e5332295f5ff25ca257126
005513266bba40838210f4d2a5a98ce467ea90ed15426f0f8956ae256393acd1
GET /npm/jquery@3.6.0/dist/jquery.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:50:26 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdujKqP4OmsICcw4by2ej4M3gF2bmp67KcND5Yd7ZkChGu92L3U7j930k4J7s5KmD98KzStiLKDZt_7_8jjTVv4
expires: Sat, 24 Sep 2022 12:38:17 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:30:17 GMT
etag: W/"3e4bb227fb55271bfe9c9d4a09147bd8"
x-goog-generation: 1647502217775195
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 89501
x-goog-hash: crc32c=JnXAUA==, md5=PkuyJ/tVJxv+nJ1KCRR72A==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3445
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hpSb8KFHWNbJitXZcpUw4whdRyk6Zu%2BD9As9TDK3e7hsRic8x5VFu%2Fn0qfKFw%2Fapir5TRjiMhOH3SDWgrmfYIsrSQ%2BKBRIXy%2BSItG6rTDsbh62pyxkBs38zrsElkSK%2FkMqA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fbfd387b26b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 87f943bbdb905bb7d98cd09ed471f1cb
8aa4bc6edf772758a59d9c4be16583a8fd8c96a3
a22b7ec1475d498aeb0e8eb80aef4f424c5d2651ee231650b116c739273dc4e5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 13:50:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 259a439883dfe053ee63b278b202abbd
04faa57a03c887bdc92ebd32dd67065ea8d98eb5
a2e8d90d1c7083d03ae5cf3d3f6d01a53e07c5213d59afdf07ad91ee317e2304
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A2E8D90D1C7083D03AE5CF3D3F6D01A53E07C5213D59AFDF07AD91EE317E2304"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1427
Expires: Sat, 24 Sep 2022 14:14:13 GMT
Date: Sat, 24 Sep 2022 13:50:26 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
142.250.74.72200 OK 74 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
IP 142.250.74.72:0
File type ASCII text, with very long lines (17807)
Hash fccc06fd9243116beb5111d361767415
cb0fa5f47ec59a16f3de7cd39c61bb80a6b1e454
4b234a1022aab5dbab3aaf3b822bbed84f3991b7c30e038148f8c811d756735d
GET /gtag/js?id=G-0C230YDF7G HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 24 Sep 2022 13:50:26 GMT
expires: Sat, 24 Sep 2022 13:50:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74543
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png
142.250.74.161200 OK 181 kB URL HTTP/2 1.bp.blogspot.com/-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png
IP 142.250.74.161:0
File type PNG image data, 497 x 308, 8-bit/color RGBA, non-interlaced\012- data
Size 181 kB (180954 bytes)
Hash fd835c1f326d3e7da0d9839550f66723
5004618bc15011d7d0f569f60f900d076b164b3d
b2286c3ed452ee4eeb15d2044a90cfc456d4789b2fdbe42bb9e023c9da18e4a8
GET /-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_outbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 180954
x-xss-protection: 0
date: Sat, 24 Sep 2022 10:39:09 GMT
expires: Wed, 17 Nov 2021 05:57:49 GMT
cache-control: public, max-age=86400, no-transform
age: 11477
etag: "v632"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
142.250.74.72200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
IP 142.250.74.72:0
File type ASCII text, with very long lines (17807)
Hash a9ec8a019fc199f3cec6672f8c889559
71cf9934eced319c54c324b63dfb563b842a83ee
3375fbde7c71eecd0863dc7b1d453d3a4b81264334214530978f436fc1bc615c
GET /gtag/js?id=G-LW7434MYMN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 24 Sep 2022 13:50:26 GMT
expires: Sat, 24 Sep 2022 13:50:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74567
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-RZ167Y5Y2K
142.250.74.72200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-RZ167Y5Y2K
IP 142.250.74.72:0
File type ASCII text, with very long lines (20189)
Hash 8011647a1b003e0d16153f1728ef9989
65d56ca5fca5bb7f6401cf23d3100ab97fbef415
e856155eb94fe1890fce0704f00cd91dbc0fefb14dfa9c1ceebdf4a2df54fd98
GET /gtag/js?id=G-RZ167Y5Y2K HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 24 Sep 2022 13:50:26 GMT
expires: Sat, 24 Sep 2022 13:50:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75168
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 885102346667bdfb391f19ed5f6835fe
66e97a8290b76ed3eeb66c6c056237cbdc55a515
9e5ea6d50832dec138cb7b250edee300a51156ce10b6dd712b0f297caa9503e2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9E5EA6D50832DEC138CB7B250EDEE300A51156CE10B6DD712B0F297CAA9503E2"
Last-Modified: Thu, 22 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2539
Expires: Sat, 24 Sep 2022 14:32:46 GMT
Date: Sat, 24 Sep 2022 13:50:27 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4d6fb58103b3e7ce60c22705a9d3fc47
81ffa8b99d9077326d9df28daec19f8161b4ed96
5730ef3b82699af699415b0cefb9650995ba83a47bd0185df2d9cc4350662726
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5730EF3B82699AF699415B0CEFB9650995BA83A47BD0185DF2D9CC4350662726"
Last-Modified: Thu, 22 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1512
Expires: Sat, 24 Sep 2022 14:15:38 GMT
Date: Sat, 24 Sep 2022 13:50:26 GMT
Connection: keep-alive
cdnkey.net/upload/senelech.box2.png
172.67.198.109200 OK 2.3 kB URL HTTP/2 cdnkey.net/upload/senelech.box2.png
IP 172.67.198.109:0
File type PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 26749fe02b0ce91381105071933bd9bd
d4dfb7b3638f27d3d56636058858b5c8e9f38768
f135e614f3881ca207418995ff103604b3431345e6d9ffdc364e650c918ab888
GET /upload/senelech.box2.png HTTP/1.1
Host: cdnkey.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:50:27 GMT
content-type: image/png
content-length: 2344
x-guploader-uploadid: ADPycduVaozL-pWcKGn8RnMuB4KF6I9qn6cBUXufBfEglHeibPfiDgvKMzowsvqrRQouLaG5Qmvl-PIdAtSvm_mQ81dADg
x-goog-generation: 1662447055513249
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2344
x-goog-hash: crc32c=WJVIkQ==, md5=JnSf4CsM6ROBEFBxkzvZvQ==
x-goog-storage-class: STANDARD
expires: Sat, 24 Sep 2022 13:54:34 GMT
cache-control: public, max-age=14400
last-modified: Tue, 06 Sep 2022 06:50:55 GMT
etag: "26749fe02b0ce91381105071933bd9bd"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrashT80riAPc7KpJsquaVi%2BslO6zrremfNxWdZiI4CgFhRffq%2BYX2fZolzwsL%2FO31%2B703UOjfqiBBahDEVZRRgMGGIR3sMBMoQ72Nfg6nISuzAfzgkqalbCcpFo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fbfd3a8bb6b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
1.bp.blogspot.com/-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png
142.250.74.161200 OK 14 kB URL HTTP/2 1.bp.blogspot.com/-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png
IP 142.250.74.161:0
File type PNG image data, 350 x 251, 8-bit colormap, non-interlaced\012- data
Hash ff055162c5d233506eece3fb69a47e74
49812e303ae6674819b6a7a6e0721d555ef64df4
7e46c8bcf219a0d6f0f3d5c5b027ed613678a0c54d637172d6495f428ff80150
GET /-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_inbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 13695
x-xss-protection: 0
date: Sat, 24 Sep 2022 10:39:09 GMT
expires: Mon, 22 Nov 2021 12:23:38 GMT
cache-control: public, max-age=86400, no-transform
age: 11477
etag: "v630"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4d6fb58103b3e7ce60c22705a9d3fc47
81ffa8b99d9077326d9df28daec19f8161b4ed96
5730ef3b82699af699415b0cefb9650995ba83a47bd0185df2d9cc4350662726
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5730EF3B82699AF699415B0CEFB9650995BA83A47BD0185DF2D9CC4350662726"
Last-Modified: Thu, 22 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15881
Expires: Sat, 24 Sep 2022 18:15:07 GMT
Date: Sat, 24 Sep 2022 13:50:26 GMT
Connection: keep-alive
cdnkey.net/upload/mxgdl-img.jpg
172.67.198.109200 OK 67 kB URL HTTP/2 cdnkey.net/upload/mxgdl-img.jpg
IP 172.67.198.109:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 512x288, components 3\012- data
Hash 19ab7bbae9d94b0a94f394972391d378
dcc854fc73412e2c72da5f61363feb7c2c627dea
e3eba425608c1d39b6c0fb84e7693555f5d4af5932346df662b41f0006a2602f
GET /upload/mxgdl-img.jpg HTTP/1.1
Host: cdnkey.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:50:27 GMT
content-type: image/jpeg
content-length: 67127
x-guploader-uploadid: ADPycds-QABR8U-yMX0Ds5K2wBH_aA06_yOFgvxAz8WbX39Da-azkGGGWq5gwnPm7ZAU-kNM4eJ5XenvFgHwhxunfe97Pg
x-goog-generation: 1662445645672223
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 67127
x-goog-hash: crc32c=tD4+zA==, md5=Gat7uunZSwqU85SXI5HTeA==
x-goog-storage-class: STANDARD
expires: Sat, 24 Sep 2022 13:54:34 GMT
cache-control: public, max-age=14400
last-modified: Tue, 06 Sep 2022 06:27:25 GMT
etag: "19ab7bbae9d94b0a94f394972391d378"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8Fsg9kKI8tqdDmM%2FGyrjBj9yFSZ69VUpWOh6uYsw%2B04Hgv8oLDDsIqr2m%2FHCXS2yeekUpEqFtacrja1pvdvjAYU0dpvJNfCPCe5V3I44AILd88D0kEyApgCLUZ2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fbfd3a8bb2b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/Lajal-Andreoletti.jpg
104.21.235.74200 OK 15 kB URL HTTP/2 263cdn.com/upload/Lajal-Andreoletti.jpg
IP 104.21.235.74:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 253b04f6f6e6b206c18954201491884c
55b827b90a1e42ea8b685fa2c58d9325ab2e1801
d605034f4f1815723f8b299afe6f4a1a4f03e45b951892e42e74c16bd199279a
GET /upload/Lajal-Andreoletti.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:50:27 GMT
content-type: image/jpeg
content-length: 15109
x-guploader-uploadid: ADPycdvYReewKydUeG7pzGF7tzLjyjmRH6LFTvFhKM2x0EySpbt6JKID0jO7DvPuA4Amji0cx3ZcVBxakvQJ2SMfppjNBA
expires: Sat, 24 Sep 2022 14:24:30 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:46:47 GMT
etag: "253b04f6f6e6b206c18954201491884c"
x-goog-generation: 1655329607851920
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 15109
x-goog-hash: crc32c=suZ9jQ==, md5=JTsE9vbmsgbBiVQgFJGITA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 596
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Hu2Sd9R1EuUwYxXuWBhMbZw%2B4hCCJJAoYlV38uT%2FqXvSfsuaV80X%2Fb6OoLq%2F4AfNSZtNP5zTA1nSMIi6uwaoSBFCHIrCyP7YbiMvD18XXR0tBhblsn%2Bxsm%2FD6f2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fbfd3aeb9175cc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnkey.net/upload/senelech.box1.png
172.67.198.109200 OK 7.3 kB URL HTTP/2 cdnkey.net/upload/senelech.box1.png
IP 172.67.198.109:0
File type PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 581a72f08a0672924dc98cb3cc72fc11
c871aaeede79a0b5a7c5ae266c81bad3c8cb4892
aa3ebd6ea3842d800e05d7dc8a394b92a15f163928e241773d292d5aa540eab5
GET /upload/senelech.box1.png HTTP/1.1
Host: cdnkey.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:50:27 GMT
content-type: image/png
content-length: 7257
x-guploader-uploadid: ADPycdvjsFG0k4muul0ZrY6zgUgDz2DX7XNIpmKjACyf_2B8lhtWDp2Ht-NO_cz9b4Cb4Mmw2UJ1UKCYI0nNVK4Jy9XIyg
expires: Sat, 24 Sep 2022 13:54:34 GMT
cache-control: public, max-age=14400
last-modified: Tue, 06 Sep 2022 06:50:55 GMT
etag: "581a72f08a0672924dc98cb3cc72fc11"
x-goog-generation: 1662447055538211
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7257
x-goog-hash: crc32c=PT6Gyw==, md5=WBpy8IoGcpJNyYyzzHL8EQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kc5D6O8daSt4q%2FvAByCm%2FELaQ9r7jbQV5nru8z4DdUkH0tHIy2vVyXmRBD0O6UxCYaz9NUEcVLoNf8qv743ytiI3M95plHY%2BoQKJjARr4DUFKTiHCUFHRXLomb%2BY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fbfd3a8bb5b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnkey.net/upload/mxgdl-kongbai.png
172.67.198.109200 OK 1.0 kB URL HTTP/2 cdnkey.net/upload/mxgdl-kongbai.png
IP 172.67.198.109:0
File type PNG image data, 72 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 19fe85afc632061da0e19db68e76d741
efa782f5eaf8298fb5f26583c7211d1305a5923d
12c3cf5230af47a529c311db4d726c1b4cc81d1901917d329d1a382613729434
GET /upload/mxgdl-kongbai.png HTTP/1.1
Host: cdnkey.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:50:27 GMT
content-type: image/png
content-length: 1014
x-guploader-uploadid: ADPycduNQjPse8gbgCzwBrAxJXwCtpdJTNet7ofmY5yzTp5pPnsznjfdOxdJqR4f8eqwRKZOfMk6i6pBx-1qsCDx-j3BXQ
expires: Sat, 24 Sep 2022 13:54:33 GMT
cache-control: public, max-age=14400
last-modified: Tue, 06 Sep 2022 06:27:25 GMT
etag: "19fe85afc632061da0e19db68e76d741"
x-goog-generation: 1662445645617985
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1014
x-goog-hash: crc32c=68pgXA==, md5=Gf6Fr8YyBh2g4Z22jnbXQQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FNVUwChqqc4T5vpj05W3ruMDWzYMdcAchBIqUcyixDxmQMiEsqG9qruDBwwgeI2k3nEmu9T3bMqlA9FtUQTo3GwtAwMLNezUAciYPb8mp09E6%2F5YCoPSc3bKsfZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fbfd3a8bb0b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnkey.net/upload/mxgdl-zhong.png
172.67.198.109200 OK 4.3 kB URL HTTP/2 cdnkey.net/upload/mxgdl-zhong.png
IP 172.67.198.109:0
File type PNG image data, 208 x 76, 8-bit/color RGBA, non-interlaced\012- data
Hash 29e3a23179c669f5394c39685f6c3fe6
e85e4ecb3cccdcc950670c798716e7d832c5da8c
39c85c2ea43449c9965f364a38da26fa8c8810524ff8294be224f1adca5a2b85
GET /upload/mxgdl-zhong.png HTTP/1.1
Host: cdnkey.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:50:27 GMT
content-type: image/png
content-length: 4253
x-guploader-uploadid: ADPycdt_LMkTYAuPI57P0D4YRPzoWn4SgYOm7-6z0MaxVUylXd13HDWOyOmj1uBXA-pGl1TQZOYmGa_YWrVJxIcUkBOb0A
expires: Sat, 24 Sep 2022 13:54:33 GMT
cache-control: public, max-age=14400
last-modified: Tue, 06 Sep 2022 06:27:24 GMT
etag: "29e3a23179c669f5394c39685f6c3fe6"
x-goog-generation: 1662445644615605
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4253
x-goog-hash: crc32c=cFFA9w==, md5=KeOiMXnGafU5TDloX2w/5g==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c60ux%2BtuvThq3f8ueg0jn9GOuO%2BvZavuMjx6EzGYaqOx5lhJgRizUeDcFaCX71kwAX5ophaD6FBS3dUN0vW7nRqDD0L6va1Y9zmMQEfYt5JkvDMfRlRL1lJdUuy4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fbfd3a8bb1b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9e6b19d3199cff026303c0ad975a0200
367f86579baee1a4d3a8745239e1fd2d8aa6a6f1
1604bbf6fbaac945a557c1851ddcbb25a6463e5bd56819b4d5dfb1419c692517
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1604BBF6FBAAC945A557C1851DDCBB25A6463E5BD56819B4D5DFB1419C692517"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2356
Expires: Sat, 24 Sep 2022 14:29:43 GMT
Date: Sat, 24 Sep 2022 13:50:27 GMT
Connection: keep-alive
cdnkey.net/upload/senelech.box3.png
172.67.198.109200 OK 13 kB URL HTTP/2 cdnkey.net/upload/senelech.box3.png
IP 172.67.198.109:0
File type PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 9787e6eddc06c9b3be4f8918012ff16e
adc6904482df10265fd41b1cead05578c0ce1e09
b8f2538c2ace8d7cd0ae3f635b74c34ea547ff1ffcacb3bc40a279cdefff6d46
GET /upload/senelech.box3.png HTTP/1.1
Host: cdnkey.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:50:27 GMT
content-type: image/png
content-length: 12599
x-guploader-uploadid: ADPycduhf4_snHBCVDkmWMI6c_hK3oEqsaVuBzmnWl_nyPKxxiJQKUC0WaSwQPWk1aA4qcgcHZVLN-kgMKj8i4RoAVIt3A
expires: Sat, 24 Sep 2022 13:54:34 GMT
cache-control: public, max-age=14400
last-modified: Tue, 06 Sep 2022 06:50:55 GMT
etag: "9787e6eddc06c9b3be4f8918012ff16e"
x-goog-generation: 1662447055472343
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 12599
x-goog-hash: crc32c=qO2GZg==, md5=l4fm7dwGybO+T4kYAS/xbg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VrVOQUCQk%2BC%2FXATiXevpQEp%2FNWEvWdO8QD08dUr%2B3LRXT7fBZob9ovu4k6v5uE9MH1mhFQiLEiIttVeuhV%2BssuxIJ9LxbaO8I6aOzYPnPB09O8ERlkz3JWEc1sW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fbfd3a8bb4b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/Pasquale-De-Mario.jpg
104.21.235.74200 OK 31 kB URL HTTP/2 263cdn.com/upload/Pasquale-De-Mario.jpg
IP 104.21.235.74:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 8766793eaffde13c0196cc8e51bcb7c8
0214d7e63579790a42d6ef78d641bea72fd67e6b
7af1defd670c4e20c32d943e848c7b6450e3d4b8e6042ecae4000bf7e61f44e6
GET /upload/Pasquale-De-Mario.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:50:27 GMT
content-type: image/jpeg
content-length: 31433
x-guploader-uploadid: ADPycdsZZZ2ChpHhbY-HpD2uCQhjBqTX2KUueHtvmgKDoLHCxwGXlJSHEmfgzSD2H8mIepXs3Ww42WZLfH4AZXdfQVpl
x-goog-generation: 1655329634644952
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 31433
x-goog-hash: crc32c=IoeA4g==, md5=h2Z5Pq/94TwBlsyOUby3yA==
x-goog-storage-class: STANDARD
expires: Sat, 24 Sep 2022 13:21:52 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:47:14 GMT
etag: "8766793eaffde13c0196cc8e51bcb7c8"
age: 3282
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDVDbPZV7WC2dzuD%2BrjFBNLMIIWj8ZzY%2FWhyfEQ%2B%2B90sUt64NvihF1lYGGfgvQZfEq%2FdDM7O4Uhctz%2Fk4oD33qAIDuXqdppK%2Bp61ozt3mwNxANYHwN9qHaBwy1er"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fbfd3aeb9475cc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f81d321c15c87e7147d792d08ebb7513
47f30d4ca38e6753a393965219321b0394ebb597
390ae5f5435d3f8c8b7f1fa8d7e2a3ebf55ea5dbe98aa3528dd562df4c295753
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 13:50:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
263cdn.com/upload/ba7.jpg
104.21.235.74200 OK 12 kB URL HTTP/2 263cdn.com/upload/ba7.jpg
IP 104.21.235.74:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 9f45cd2318a98e6420f69b8082169cea
c3fa1294d3d511466dcda8e24c3cf217d0448ac5
d393710e18c0c4067b2add8f8c995113c67438213fd7d997690ded5a0bb8685f
GET /upload/ba7.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:50:27 GMT
content-type: image/jpeg
content-length: 11858
x-guploader-uploadid: ADPycdsgnsVRo9du9GiwLxPKHJhl4hJkxneNxRD799BZt-1lzBz4FxC_4egnFCWxUZxHINNG6F4OnTHDNItbZoL2GMkcvQ
x-goog-generation: 1655329779580384
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 11858
x-goog-hash: crc32c=c7HtHQ==, md5=n0XNIxipjmQg9puAghac6g==
x-goog-storage-class: STANDARD
expires: Sat, 24 Sep 2022 13:14:01 GMT
cache-control: public, max-age=14400
age: 3282
last-modified: Wed, 15 Jun 2022 21:49:39 GMT
etag: "9f45cd2318a98e6420f69b8082169cea"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Os%2FzHsIyhVE3eU1lC5p%2B0I9g1lRwoT%2FLU0rdC29jcrJOtWI8aRbhm3kznlVAR1Fy1wZjZ6zjV4Fi%2FG1b46RNsvdR4O2kVixqsrdoCDdqY%2B0x2wM8Egf%2BPDrmHn9C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fbfd3aeb8f75cc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/Romina-Serio.jpg
104.21.235.74200 OK 29 kB URL HTTP/2 263cdn.com/upload/Romina-Serio.jpg
IP 104.21.235.74:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 945b47aa15cc2d30ef604966704d5349
edb8ce88722176f20b9057b908f95db9ec276989
882f345c687c891c2a10d9ada0703aac926695fe7f5b0d1a4ea2bf2b14aa514d
GET /upload/Romina-Serio.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:50:27 GMT
content-type: image/jpeg
content-length: 28691
x-guploader-uploadid: ADPycdshCLO4WQ2qYVDk2rsTBazJN9pyDVORcrwl0M-1n0Bwbkik6f4Smxg-p4hLG9sEK3lw-WXUiON5bXR7xRMNZHDSrA
x-goog-generation: 1655329646624223
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 28691
x-goog-hash: crc32c=eck9/Q==, md5=lFtHqhXMLTDvYElmcE1TSQ==
x-goog-storage-class: STANDARD
expires: Sat, 24 Sep 2022 13:16:46 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:47:26 GMT
etag: "945b47aa15cc2d30ef604966704d5349"
age: 3282
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FG7Ptp6%2Bee7PR1scI0SQ47qeu%2F%2F9uSGcfTp41MyJ4vsGRHyWZHotTBZV65qpo4P6buapyVaT%2B5WbTLUnumOpy2thBJfzWy6B%2F2mXMh%2FBv3DD78xgFsiT%2F3KnOhxB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fbfd3aeb9375cc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/Alessia-Tedde.jpg
104.21.235.74200 OK 19 kB URL HTTP/2 263cdn.com/upload/Alessia-Tedde.jpg
IP 104.21.235.74:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 7c895241eb09fd4c275536ab89875f03
3604fde33e21910389ad8499647872893b55d772
939144b07af541791fda99bc284850def8f72c1731c5d58c3d6883676921c766
GET /upload/Alessia-Tedde.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:50:27 GMT
content-type: image/jpeg
content-length: 19432
x-guploader-uploadid: ADPycds8KytoK-UHw-8sZfkQb-dfT8fWoVQhjdF0hEQmHaTwXIP0VKmgLsj2_4mS64jAO-uonBY2Ac_d7WqI0K6-MPw3Gw
x-goog-generation: 1655329527100884
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 19432
x-goog-hash: crc32c=FBG71Q==, md5=fIlSQesJ/UwnVTariYdfAw==
x-goog-storage-class: STANDARD
expires: Sat, 24 Sep 2022 14:24:31 GMT
cache-control: public, max-age=14400
age: 1308
last-modified: Wed, 15 Jun 2022 21:45:27 GMT
etag: "7c895241eb09fd4c275536ab89875f03"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VT0XhJ7WThP3dLZ6GXIz6mkhgVu4fhuGFy2jJDQkHzoXiZ%2F0oCUVrQlU6gud6wXaMbqCEz0a%2BvQevJg2WaRx1U3SONv19Ya0cfQ%2FhoMbesbAZZEfO%2F%2FGGi9%2FGeZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fbfd3aeb9575cc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/Daniele-Careddu.jpg
104.21.235.74200 OK 20 kB URL HTTP/2 263cdn.com/upload/Daniele-Careddu.jpg
IP 104.21.235.74:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 190058145b0386db4982c826ae1dbca6
91a35e386112e629b481109cd58115fc21b07c30
946ce4fe937ba4b89ba654aeeb5601d2db0fd7a6ce67677e25a04e33bcab82c9
GET /upload/Daniele-Careddu.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:50:27 GMT
content-type: image/jpeg
content-length: 20444
x-guploader-uploadid: ADPycdvMymSEYjkzB8oC13rMaQlPMqh40Mi1HjONGCEpLPbsxRwTK8hXcT4FzqEXLq-aqDBSIRNd8GnNbmFPGXbYYgGBwQ
expires: Sat, 24 Sep 2022 14:24:30 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:46:06 GMT
etag: "190058145b0386db4982c826ae1dbca6"
x-goog-generation: 1655329566914840
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 20444
x-goog-hash: crc32c=ZzORVQ==, md5=GQBYFFsDhttJgsgmrh28pg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 596
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxhJOgQn%2F6ZeYIjkmeYp2gDYswEkCRZY2rpziCPLQNL3xSQp7ZZc%2B%2Bk9xKEeryM45nNrXP5w%2F3gJme19PTx%2FlNpDr53rZEhUixvzxyrF06obt9MGpEIP1PHuAknX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fbfd3aeb9075cc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 87f943bbdb905bb7d98cd09ed471f1cb
8aa4bc6edf772758a59d9c4be16583a8fd8c96a3
a22b7ec1475d498aeb0e8eb80aef4f424c5d2651ee231650b116c739273dc4e5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 13:50:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4d6fb58103b3e7ce60c22705a9d3fc47
81ffa8b99d9077326d9df28daec19f8161b4ed96
5730ef3b82699af699415b0cefb9650995ba83a47bd0185df2d9cc4350662726
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5730EF3B82699AF699415B0CEFB9650995BA83A47BD0185DF2D9CC4350662726"
Last-Modified: Thu, 22 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1511
Expires: Sat, 24 Sep 2022 14:15:38 GMT
Date: Sat, 24 Sep 2022 13:50:27 GMT
Connection: keep-alive
263cdn.com/upload/Valentina-Epifanio.jpg
104.21.235.74200 OK 15 kB URL HTTP/2 263cdn.com/upload/Valentina-Epifanio.jpg
IP 104.21.235.74:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 16da3d3f6c85e7f1bd3d4488d2c6a457
0930815a0d7332113b3c1433fbfa9f7bf8f665eb
ae8a3fbf059c53b11f0cf19815ceb76e2c49c70cd30e864452a404b3335536dd
GET /upload/Valentina-Epifanio.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:50:27 GMT
content-type: image/jpeg
content-length: 14783
x-guploader-uploadid: ADPycduvWWTHq8X3nT6RcyLpr4-gVsj-FE7QxiGx3eRqUmVldnQw-LvglA6S0-f0bGX8264C67QK2ASJbX8IeFAYis3Q3A
x-goog-generation: 1655329679895372
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 14783
x-goog-hash: crc32c=rhc6Ew==, md5=Fto9P2yF5/G9PUSI0sakVw==
x-goog-storage-class: STANDARD
expires: Sat, 24 Sep 2022 14:15:07 GMT
cache-control: public, max-age=14400
age: 596
last-modified: Wed, 15 Jun 2022 21:47:59 GMT
etag: "16da3d3f6c85e7f1bd3d4488d2c6a457"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUgKUfTKpNvtvtzQpDkTqPZzs90%2F8mi%2BBl1B5zSnGBn0zM52T9uzfhHS3jGiu9wNkoyQY6Y5s146ZTUROfCJaFe4AxLseWExWlq3DUV6noDc04p2vL2Ipl8VnTZY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fbfd3b7c8275cc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/Sabrina-Bracco.jpg
104.21.235.74200 OK 20 kB URL HTTP/2 263cdn.com/upload/Sabrina-Bracco.jpg
IP 104.21.235.74:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 987726e964c9ca71d6f7157611f581d3
6ef55000700d31fe1d3ff43b63d044f93f75a682
c51a3517ebfef02c4c8a6bae8fc7f035035227b093191d76e39c2e1d318fb63a
GET /upload/Sabrina-Bracco.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:50:27 GMT
content-type: image/jpeg
content-length: 20011
x-guploader-uploadid: ADPycdt3Bh3c4awlKC_A_b_JHrkVJI4mU6yjgBwn1v-wD9_A9JrpYogE8-xoc8t7vU7vOVkbHp-L-Ss2tJb1T-kv4Jg3Roow5IGI
expires: Sat, 24 Sep 2022 14:24:31 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:47:30 GMT
etag: "987726e964c9ca71d6f7157611f581d3"
x-goog-generation: 1655329650711216
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 20011
x-goog-hash: crc32c=4Y+yYQ==, md5=mHcm6WTJynHW9xV2EfWB0w==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 595
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t4QbxkH6YMI7Ensx%2FQIB8sD8mqbGOE1g6bdJhtm%2BNGneOEBReHvaOrpzbyDWad1Z6ANnEBQBfx1QuEMfbQ%2BNA9LnxTwqjqYd4XsaQ3nUfUbKt8e6Yv%2Fv2AsssCid"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fbfd3b7c7c75cc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e2030309a4083105ad0f162c2b177b1e
7ca10336983430676146b76f40af4d06a346e3b9
9bcbac38b8c0d2f46a0fc2a8a6bfc846011901d97dcba455f235f1207879829a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "9BCBAC38B8C0D2F46A0FC2A8A6BFC846011901D97DCBA455F235F1207879829A"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21328
Expires: Sat, 24 Sep 2022 19:45:55 GMT
Date: Sat, 24 Sep 2022 13:50:27 GMT
Connection: keep-alive
region1.google-analytics.com/g/collect?v=2&tid=G-RZ167Y5Y2K>m=2oe9l0&_p=182664421&cid=1342059251.1664027426&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664027426&sct=1&seg=0&dl=https%3A%2F%2Fyangming112233.cn%2FSwCYzb1y%2Fcef-aq%2F%3F_t%3D1664027425021&dr=http%3A%2F%2Fsaturdayclan.cn%2F&dt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FFederal%20Electricity%20Commission%20Government%20Electricity%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-RZ167Y5Y2K>m=2oe9l0&_p=182664421&cid=1342059251.1664027426&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664027426&sct=1&seg=0&dl=https%3A%2F%2Fyangming112233.cn%2FSwCYzb1y%2Fcef-aq%2F%3F_t%3D1664027425021&dr=http%3A%2F%2Fsaturdayclan.cn%2F&dt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FFederal%20Electricity%20Commission%20Government%20Electricity%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-RZ167Y5Y2K>m=2oe9l0&_p=182664421&cid=1342059251.1664027426&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664027426&sct=1&seg=0&dl=https%3A%2F%2Fyangming112233.cn%2FSwCYzb1y%2Fcef-aq%2F%3F_t%3D1664027425021&dr=http%3A%2F%2Fsaturdayclan.cn%2F&dt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FFederal%20Electricity%20Commission%20Government%20Electricity%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yangming112233.cn
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://yangming112233.cn
date: Sat, 24 Sep 2022 13:50:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-0C230YDF7G>m=2oe9l0&_p=182664421&cid=1342059251.1664027426&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664027426&sct=1&seg=0&dl=https%3A%2F%2Fyangming112233.cn%2FSwCYzb1y%2Fcef-aq%2F%3F_t%3D1664027425021&dr=http%3A%2F%2Fsaturdayclan.cn%2F&dt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FFederal%20Electricity%20Commission%20Government%20Electricity%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-0C230YDF7G>m=2oe9l0&_p=182664421&cid=1342059251.1664027426&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664027426&sct=1&seg=0&dl=https%3A%2F%2Fyangming112233.cn%2FSwCYzb1y%2Fcef-aq%2F%3F_t%3D1664027425021&dr=http%3A%2F%2Fsaturdayclan.cn%2F&dt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FFederal%20Electricity%20Commission%20Government%20Electricity%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-0C230YDF7G>m=2oe9l0&_p=182664421&cid=1342059251.1664027426&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664027426&sct=1&seg=0&dl=https%3A%2F%2Fyangming112233.cn%2FSwCYzb1y%2Fcef-aq%2F%3F_t%3D1664027425021&dr=http%3A%2F%2Fsaturdayclan.cn%2F&dt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FFederal%20Electricity%20Commission%20Government%20Electricity%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yangming112233.cn
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://yangming112233.cn
date: Sat, 24 Sep 2022 13:50:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-LW7434MYMN>m=2oe9l0&_p=182664421&cid=1342059251.1664027426&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664027426&sct=1&seg=0&dl=https%3A%2F%2Fyangming112233.cn%2FSwCYzb1y%2Fcef-aq%2F%3F_t%3D1664027425021&dr=http%3A%2F%2Fsaturdayclan.cn%2F&dt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FFederal%20Electricity%20Commission%20Government%20Electricity%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-LW7434MYMN>m=2oe9l0&_p=182664421&cid=1342059251.1664027426&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664027426&sct=1&seg=0&dl=https%3A%2F%2Fyangming112233.cn%2FSwCYzb1y%2Fcef-aq%2F%3F_t%3D1664027425021&dr=http%3A%2F%2Fsaturdayclan.cn%2F&dt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FFederal%20Electricity%20Commission%20Government%20Electricity%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-LW7434MYMN>m=2oe9l0&_p=182664421&cid=1342059251.1664027426&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664027426&sct=1&seg=0&dl=https%3A%2F%2Fyangming112233.cn%2FSwCYzb1y%2Fcef-aq%2F%3F_t%3D1664027425021&dr=http%3A%2F%2Fsaturdayclan.cn%2F&dt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FFederal%20Electricity%20Commission%20Government%20Electricity%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yangming112233.cn
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://yangming112233.cn
date: Sat, 24 Sep 2022 13:50:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12986
Expires: Sat, 24 Sep 2022 17:26:53 GMT
Date: Sat, 24 Sep 2022 13:50:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12986
Expires: Sat, 24 Sep 2022 17:26:53 GMT
Date: Sat, 24 Sep 2022 13:50:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12986
Expires: Sat, 24 Sep 2022 17:26:53 GMT
Date: Sat, 24 Sep 2022 13:50:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12986
Expires: Sat, 24 Sep 2022 17:26:53 GMT
Date: Sat, 24 Sep 2022 13:50:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 55d224ac83a417772c98bc5080fb6689
a30f9044330824e70dde0dcc785890d981e6fdf5
b2ea4dea200109019a65834b98e31e8fac718a199513810a2819858be2b4470a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9935
x-amzn-requestid: 9eb8463d-172a-40a2-8eed-3c97b1260afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQ5FARoAMFXQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2738-3709a2f22ecc033532223b26;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:38:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e5eETCL5yFnoG4HPx0Qv8hjGnlXx5vOL4syMx9uato8nuIHkSvMezg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:53:50 GMT
age: 57397
etag: "a30f9044330824e70dde0dcc785890d981e6fdf5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
qoaaa.com/js/responsive.js
185.66.201.42200 OK 11 kB URL HTTP/2 qoaaa.com/js/responsive.js
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
Hash c8a101f6d7377f4baad190ed859cd877
5bb9e2c7440c4cacdf8cf1275a68d0bb2fc36b3b
7ab166fa300ad1426cdf18d69af6f5715a069aded104af41ffb2d9e254be3982
GET /js/responsive.js HTTP/1.1
Host: qoaaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 13:50:27 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 17:57:57 GMT
etag: W/"6329ff25-cd3"
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8d9af95acfc8b9b431eb1e020157f6d
f6f926be6e265a597aaede424f05fcd7c76fcc20
0b61d6cb0e0908cb8d303b9e951e2854166bd232e0291b5d698a6b757c064e88
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6386
x-amzn-requestid: 4380489e-d0ba-4f67-ac4f-67619ba34422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7shGHryIAMF6zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e27a0-005f9c783c7722f16c178026;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RuUOjTDRTkcaGFf_hTWrHZ89edOajgGUdl5PjbaUV7CUppat6IYsRg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:52:36 GMT
age: 57471
etag: "f6f926be6e265a597aaede424f05fcd7c76fcc20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 0f361c26-1f12-421a-9752-7d4fcdf839ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4V65GTXIAMF9-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd045-25677a637307879044de8242;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:14:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NcnEyVD-vG10pOpPCBMjKGqVw-rstkPIt-oqkIc5urAGE934fxL0VQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 04:12:38 GMT
age: 34669
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1087dcce202bbbc8c84196bd2050662
670d89082f8da643e1196b11fb64bf71707f0e8d
f6a7b6e07177431d7845e2f2b7b1b3b76088671db32aeef580a72e9bd3ddae00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: 3ec3470c-2268-4102-af88-27dcfed76bfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPCGOcoAMF2xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-481aa98b413690636fc3a2f0;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dXqPCGTGK8gW86McTltPuNYKXQgUuSqcL_XbyRQitinH5LsUscmU2w==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:47:49 GMT
age: 57759
etag: "670d89082f8da643e1196b11fb64bf71707f0e8d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a4b36e1bf29c9c82f069cdd3c50874c
d2180d40ceb16924a87a41aad90dedb0bb912085
aab96d28ea8e21e6d37449eba400cac45acced1825ebdb27853d17ae4f993b00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7963
x-amzn-requestid: cadfa4ff-473d-4927-bdf6-3aad64cddf18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQbHTCIAMFfZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2735-41d711e5210099aa6273dd86;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: g0NS7XamCzSMKmm1-mLnWLwUuBoJczvwSmTb0c_7klsY78wbrg4bRw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:57:02 GMT
age: 57206
etag: "d2180d40ceb16924a87a41aad90dedb0bb912085"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 1ad39dd4ff227f2da2ac582f66e74c31
064f54e219ffe4391dd2feee9303ce92df25eff3
83136d9f8afae9a0879ebbd328aeebdfc52eb533a013c4561cfa15ab0919f921
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 13:50:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 28 Sep 2022 10:00:27 GMT
ETag: "064f54e219ffe4391dd2feee9303ce92df25eff3"
Last-Modified: Sat, 24 Sep 2022 10:00:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2144
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fbfd45883cb527-OSL
hm.baidu.com/hm.js?8b68846a3ac1709b0ec7199084ee5ea8
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?8b68846a3ac1709b0ec7199084ee5ea8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (628)
Hash 3cf6e01ecd87770e4c01dd456b2d42c4
2d64b0d616630e0f7b312293a041383702093777
8c1a496a333cd4400bb40bd1e7ec7f4b87ca397d0c48ee52c23254961d43e41d
GET /hm.js?8b68846a3ac1709b0ec7199084ee5ea8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11341
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 13:50:29 GMT
Etag: 26b09564bf5b9cf95b61662ea34818b8
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=83BE42DCEEE302A7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?ba99808308e7272d58c43367a11d1204
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?ba99808308e7272d58c43367a11d1204
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (637)
Hash 7e696ad91c47d1c05dbd08b3ffae4b1b
be99aea679875f7b13271b8492add0585f220a86
5848be2e4cf6fa114c0fa6bdce6b80b70fecf4073862d46bfe39b583f73535ab
GET /hm.js?ba99808308e7272d58c43367a11d1204 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11350
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 13:50:29 GMT
Etag: 9088e97942edaba03dcaa4cc991cf659
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=363E1552F2153984; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?b521817f22507716e364b3fe28644f8b
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?b521817f22507716e364b3fe28644f8b
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (665)
Hash cf66a73b39da2013f24f19e10e865bc2
ad3b854ba863ced823cea20bb8ed7a72a559df1b
94459e27dd47e8bdb9ab5f9296fe0d2fd032cb77b7c449ed63ce415162895fab
GET /hm.js?b521817f22507716e364b3fe28644f8b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11378
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 13:50:29 GMT
Etag: 3619829aabcb65fef1fb35595e50e3eb
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=5A73F7550FD779D1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?ccdcabee3d34333daf094a41f0fc2dd2
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?ccdcabee3d34333daf094a41f0fc2dd2
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (669)
Hash 2140e483b105a910928299720efa3042
a3d139bd3ad94de01edb4af00ed7572e2f0759c2
2bf9d5f040d5f3477fcb6c3aa8daa7046af694603b97c09a2e0275a73bf44929
GET /hm.js?ccdcabee3d34333daf094a41f0fc2dd2 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11382
Content-Type: application/javascript
Date: Sat, 24 Sep 2022 13:50:29 GMT
Etag: 6c5b7683761f5b9c003b4c169d6eb114
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=FDBB1CCD1763E556; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=696256274&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Fsaturdayclan.cn%2F&v=1.2.97&lv=1&sn=28244&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fyangming112233.cn%2FSwCYzb1y%2Fcef-aq%2F%3F_t%3D1664027425021%231664027426503&tt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FFederal%20Electricity%20Commission%20Government%20Electricity%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=696256274&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Fsaturdayclan.cn%2F&v=1.2.97&lv=1&sn=28244&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fyangming112233.cn%2FSwCYzb1y%2Fcef-aq%2F%3F_t%3D1664027425021%231664027426503&tt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FFederal%20Electricity%20Commission%20Government%20Electricity%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=696256274&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Fsaturdayclan.cn%2F&v=1.2.97&lv=1&sn=28244&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fyangming112233.cn%2FSwCYzb1y%2Fcef-aq%2F%3F_t%3D1664027425021%231664027426503&tt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FFederal%20Electricity%20Commission%20Government%20Electricity%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 24 Sep 2022 13:50:30 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9885E1AD630C15C7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1736317049&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Fsaturdayclan.cn%2F&v=1.2.97&lv=1&sn=28244&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fyangming112233.cn%2FSwCYzb1y%2Fcef-aq%2F%3F_t%3D1664027425021%231664027426503&tt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FFederal%20Electricity%20Commission%20Government%20Electricity%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1736317049&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Fsaturdayclan.cn%2F&v=1.2.97&lv=1&sn=28244&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fyangming112233.cn%2FSwCYzb1y%2Fcef-aq%2F%3F_t%3D1664027425021%231664027426503&tt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FFederal%20Electricity%20Commission%20Government%20Electricity%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1736317049&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Fsaturdayclan.cn%2F&v=1.2.97&lv=1&sn=28244&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fyangming112233.cn%2FSwCYzb1y%2Fcef-aq%2F%3F_t%3D1664027425021%231664027426503&tt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FFederal%20Electricity%20Commission%20Government%20Electricity%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 24 Sep 2022 13:50:30 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6B7D790E8EA473D2; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=720798135&si=b521817f22507716e364b3fe28644f8b&su=http%3A%2F%2Fsaturdayclan.cn%2F&v=1.2.97&lv=1&sn=28244&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fyangming112233.cn%2FSwCYzb1y%2Fcef-aq%2F%3F_t%3D1664027425021%231664027426503&tt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FFederal%20Electricity%20Commission%20Government%20Electricity%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=720798135&si=b521817f22507716e364b3fe28644f8b&su=http%3A%2F%2Fsaturdayclan.cn%2F&v=1.2.97&lv=1&sn=28244&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fyangming112233.cn%2FSwCYzb1y%2Fcef-aq%2F%3F_t%3D1664027425021%231664027426503&tt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FFederal%20Electricity%20Commission%20Government%20Electricity%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=720798135&si=b521817f22507716e364b3fe28644f8b&su=http%3A%2F%2Fsaturdayclan.cn%2F&v=1.2.97&lv=1&sn=28244&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fyangming112233.cn%2FSwCYzb1y%2Fcef-aq%2F%3F_t%3D1664027425021%231664027426503&tt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FFederal%20Electricity%20Commission%20Government%20Electricity%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 24 Sep 2022 13:50:30 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6FC6878F4D1729F5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1888272067&si=ccdcabee3d34333daf094a41f0fc2dd2&su=http%3A%2F%2Fsaturdayclan.cn%2F&v=1.2.97&lv=1&sn=28244&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fyangming112233.cn%2FSwCYzb1y%2Fcef-aq%2F%3F_t%3D1664027425021%231664027426503&tt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FFederal%20Electricity%20Commission%20Government%20Electricity%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1888272067&si=ccdcabee3d34333daf094a41f0fc2dd2&su=http%3A%2F%2Fsaturdayclan.cn%2F&v=1.2.97&lv=1&sn=28244&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fyangming112233.cn%2FSwCYzb1y%2Fcef-aq%2F%3F_t%3D1664027425021%231664027426503&tt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FFederal%20Electricity%20Commission%20Government%20Electricity%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1888272067&si=ccdcabee3d34333daf094a41f0fc2dd2&su=http%3A%2F%2Fsaturdayclan.cn%2F&v=1.2.97&lv=1&sn=28244&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fyangming112233.cn%2FSwCYzb1y%2Fcef-aq%2F%3F_t%3D1664027425021%231664027426503&tt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FFederal%20Electricity%20Commission%20Government%20Electricity%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 24 Sep 2022 13:50:30 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=0ECF3E5775DF7F27; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 13:50:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Catamaran:800&display=swap
142.250.74.10200 OK 875 B URL HTTP/2 fonts.googleapis.com/css?family=Catamaran:800&display=swap
IP 142.250.74.10:0
Hash 2489704a73130be87564a8d2f7a2cdef
7915a67f4ac90facbf68d4f28332a868ff8502d7
e3da678caedaf61a5eb29485e60a98f0c58e366ac8ecd829a69848685bc654ed
GET /css?family=Catamaran:800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qoaaa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 24 Sep 2022 13:50:30 GMT
date: Sat, 24 Sep 2022 13:50:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e94392dd72309f909c8c484949b7233e
66253ac247cd7e4beee834a350289b215aa60683
c8958750fb5306cf80b81827bb88a4f3f368ff9b6ccf4f204a29b1d4da7e3723
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8958750FB5306CF80B81827BB88A4F3F368FF9B6CCF4F204A29B1D4DA7E3723"
Last-Modified: Thu, 22 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12209
Expires: Sat, 24 Sep 2022 17:14:00 GMT
Date: Sat, 24 Sep 2022 13:50:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e94392dd72309f909c8c484949b7233e
66253ac247cd7e4beee834a350289b215aa60683
c8958750fb5306cf80b81827bb88a4f3f368ff9b6ccf4f204a29b1d4da7e3723
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8958750FB5306CF80B81827BB88A4F3F368FF9B6CCF4F204A29B1D4DA7E3723"
Last-Modified: Thu, 22 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12281
Expires: Sat, 24 Sep 2022 17:15:12 GMT
Date: Sat, 24 Sep 2022 13:50:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e94392dd72309f909c8c484949b7233e
66253ac247cd7e4beee834a350289b215aa60683
c8958750fb5306cf80b81827bb88a4f3f368ff9b6ccf4f204a29b1d4da7e3723
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8958750FB5306CF80B81827BB88A4F3F368FF9B6CCF4F204A29B1D4DA7E3723"
Last-Modified: Thu, 22 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12235
Expires: Sat, 24 Sep 2022 17:14:26 GMT
Date: Sat, 24 Sep 2022 13:50:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e94392dd72309f909c8c484949b7233e
66253ac247cd7e4beee834a350289b215aa60683
c8958750fb5306cf80b81827bb88a4f3f368ff9b6ccf4f204a29b1d4da7e3723
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8958750FB5306CF80B81827BB88A4F3F368FF9B6CCF4F204A29B1D4DA7E3723"
Last-Modified: Thu, 22 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12244
Expires: Sat, 24 Sep 2022 17:14:35 GMT
Date: Sat, 24 Sep 2022 13:50:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e94392dd72309f909c8c484949b7233e
66253ac247cd7e4beee834a350289b215aa60683
c8958750fb5306cf80b81827bb88a4f3f368ff9b6ccf4f204a29b1d4da7e3723
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8958750FB5306CF80B81827BB88A4F3F368FF9B6CCF4F204A29B1D4DA7E3723"
Last-Modified: Thu, 22 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12195
Expires: Sat, 24 Sep 2022 17:13:46 GMT
Date: Sat, 24 Sep 2022 13:50:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3cb80186-265b-4b0a-a4b1-38aef341bfc9.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3cb80186-265b-4b0a-a4b1-38aef341bfc9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 33edd8fdf7032227386d1514f99b2c4a
9fa34e0e3d456ed38d6e94911bf24990ed33ab0c
1d8ebbea41da3fbb5bd6784635f176bce0697a290635808166d269202bd3defa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3cb80186-265b-4b0a-a4b1-38aef341bfc9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8557
x-amzn-requestid: 51f41597-b094-47d7-b372-4c4c0236577f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7tAXEO3oAMFTWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2868-30ad6e877ee82fcc4d17a7e6;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:43:04 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: KfRlAHaZjrBNyxoYsUtQZ0TgMGD99mnrC3GViYCTRcHPtDfgYbLczg==
via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 22:02:30 GMT
age: 56884
etag: "9fa34e0e3d456ed38d6e94911bf24990ed33ab0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
172.67.199.208200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
IP 172.67.199.208:0
GET /npm/lazyload@2.0.0-rc.2/lazyload.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:50:26 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdsQwI6S5jC2ZwwNbaEnMvjelWJ3GXYdnwkp6yGGRsWcMv2CGKN45430-s2v57JOsXldQJq3rMwQOTmm_DkHtW4
x-goog-generation: 1647502963816044
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4798
x-goog-hash: crc32c=lted8w==, md5=3G3pgTxxS6mXM8pPtdOh+g==
x-goog-storage-class: STANDARD
expires: Sat, 24 Sep 2022 13:05:00 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:42:43 GMT
etag: W/"dc6de9813c714ba99733ca4fb5d3a1fa"
cf-cache-status: HIT
age: 3445
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3exHN8aVMVmbkxBsywEf2VNBrA6FmJdAKHGMis%2Bp1FH0jut%2FfArB%2Bfgzuf7NlrMU08wdZydBZFYqJq2RY%2BCxjKS%2BB1C8eoo3eX0AKkiXfciZo%2BRQSJGma7CXD76SFDACHQo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fbfd387b2db4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
185.66.200.220200 OK 0 B URL HTTP/2 uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
IP 185.66.200.220:0
ASN #201702 skHosting.eu s.r.o.
GET /bnr.php?section=General&pub=593174&format=300x50&ga=g HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 13:50:27 GMT
content-type: application/javascript
expires: Sat, 24 Sep 2022 13:50:27 GMT
last-modified: Sat, 24 Sep 2022 13:50:27 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
aff-a.advertica-cdn.com/genericImages/breaking-news/spider.jpg
185.66.200.127200 OK 0 B URL HTTP/2 aff-a.advertica-cdn.com/genericImages/breaking-news/spider.jpg
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /genericImages/breaking-news/spider.jpg HTTP/1.1
Host: aff-a.advertica-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qoaaa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 13:50:31 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2019 09:25:50 GMT
vary: Accept-Encoding
etag: W/"5d9da79e-f2f2"
expires: Mon, 24 Oct 2022 13:50:31 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
aff-a.advertica-cdn.com/genericImages/breaking-news/monster.jpg
185.66.200.127200 OK 0 B URL HTTP/2 aff-a.advertica-cdn.com/genericImages/breaking-news/monster.jpg
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /genericImages/breaking-news/monster.jpg HTTP/1.1
Host: aff-a.advertica-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qoaaa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 13:50:31 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2019 09:26:27 GMT
vary: Accept-Encoding
etag: W/"5d9da7c3-6f44"
expires: Mon, 24 Oct 2022 13:50:31 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
aff-a.advertica-cdn.com/genericImages/breaking-news/ufo.jpg
185.66.200.127200 OK 0 B URL HTTP/2 aff-a.advertica-cdn.com/genericImages/breaking-news/ufo.jpg
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /genericImages/breaking-news/ufo.jpg HTTP/1.1
Host: aff-a.advertica-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qoaaa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 13:50:31 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2019 09:25:05 GMT
vary: Accept-Encoding
etag: W/"5d9da771-13b4b"
expires: Mon, 24 Oct 2022 13:50:31 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
yangming112233.cn/SwCYzb1y/cef-aq/?_t=1664027425021
104.21.28.224200 OK 0 B URL HTTP/2 yangming112233.cn/SwCYzb1y/cef-aq/?_t=1664027425021
IP 104.21.28.224:0
GET /SwCYzb1y/cef-aq/?_t=1664027425021 HTTP/1.1
Host: yangming112233.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://saturdayclan.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:50:26 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGysX3Cun42b9oKX825Z%2FOPGq7I5AghcO4U%2FsFAW0a199VzLqXbFo8MxJJNK96jcK2sBkWaSv1oxaSWvJup%2B%2Fr7Vjd4MuAgTVFwoa47sdBdnX7AwjYxzcac23XvK5%2BFqrQUonA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fbfd36ab7c0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
172.67.199.208200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
IP 172.67.199.208:0
GET /npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:50:26 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycds_5oPtcr3KFpC_u7Lnvdlqz8VeCGxAgHcXFP3zMljDMh6Q0ifyAwrLV7e0dbEbUBwQbF9kY0g0GrHWdqicRh8
expires: Sat, 24 Sep 2022 13:36:58 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:40:39 GMT
etag: W/"80924b62e5b3ac73aa4849776b439770"
x-goog-generation: 1647502839791727
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 72765
x-goog-hash: crc32c=8ZRUYw==, md5=gJJLYuWzrHOqSEl3a0OXcA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3445
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LT3KCzUD%2B%2FpKIoqNqGFh7gE62qhyLDltShMlMhgBh5%2FMMRzRlQHfXsj%2BR8k0VsCvKuVEG%2FS20%2BfvrFMIhbuEQfTibmG5OBnPR7eN5Xky%2F2VVFyE755kDMfTMJb7WPDKexPU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fbfd388b3bb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
172.67.199.208200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
IP 172.67.199.208:0
GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:50:26 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdt8iAiFUD-J6NleyhXb8_vV8-wAPh_5tba_l2ugugXdkSJbrWiN1EsoSHZyahG4iSEJB_zV100HdRQRWXjd72Q
expires: Sat, 24 Sep 2022 13:41:43 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:44:44 GMT
etag: W/"31c898c6d2ea13c30441657ff1900d81"
x-goog-generation: 1647503084523089
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 21236
x-goog-hash: crc32c=7cW0Gg==, md5=MciYxtLqE8MEQWV/8ZANgQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3445
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikxe7f%2Fijpp73zw16P4u%2Bskik9%2BwTaCQQFwjf8LCnY6F4wqGJhXmezFkj2WlQu9RV4a6TRWZUc7PSc9umAmP5XjHNXs7CkWl7fkQwd9Ij2v4uk7TF4B45EqtCePQEXbgi8s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fbfd38ab76b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=166402742723168&xtt=7354713
185.66.200.220200 OK 0 B URL HTTP/2 uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=166402742723168&xtt=7354713
IP 185.66.200.220:0
ASN #201702 skHosting.eu s.r.o.
GET /bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=166402742723168&xtt=7354713 HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 13:50:27 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 24 Sep 2022 13:50:27 GMT
last-modified: Sat, 24 Sep 2022 13:50:27 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
aff-a.advertica-cdn.com/genericImages/breaking-news/rocket.jpg
185.66.200.127200 OK 0 B URL HTTP/2 aff-a.advertica-cdn.com/genericImages/breaking-news/rocket.jpg
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /genericImages/breaking-news/rocket.jpg HTTP/1.1
Host: aff-a.advertica-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qoaaa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 13:50:31 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2019 09:26:15 GMT
vary: Accept-Encoding
etag: W/"5d9da7b7-160b5"
expires: Mon, 24 Oct 2022 13:50:31 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
aff-a.advertica-cdn.com/genericImages/breaking-news/tornado.jpg
185.66.200.127200 OK 0 B URL HTTP/2 aff-a.advertica-cdn.com/genericImages/breaking-news/tornado.jpg
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /genericImages/breaking-news/tornado.jpg HTTP/1.1
Host: aff-a.advertica-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qoaaa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 13:50:31 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2019 09:25:36 GMT
vary: Accept-Encoding
etag: W/"5d9da790-a397"
expires: Mon, 24 Oct 2022 13:50:31 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
aff-a.advertica-cdn.com/genericImages/breaking-news/unicorn.jpg
185.66.200.127200 OK 0 B URL HTTP/2 aff-a.advertica-cdn.com/genericImages/breaking-news/unicorn.jpg
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /genericImages/breaking-news/unicorn.jpg HTTP/1.1
Host: aff-a.advertica-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qoaaa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 13:50:31 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2019 09:24:51 GMT
vary: Accept-Encoding
etag: W/"5d9da763-20b52"
expires: Mon, 24 Oct 2022 13:50:31 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
aff-a.advertica-cdn.com/genericImages/breaking-news/fire.jpg
185.66.200.127200 OK 0 B URL HTTP/2 aff-a.advertica-cdn.com/genericImages/breaking-news/fire.jpg
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /genericImages/breaking-news/fire.jpg HTTP/1.1
Host: aff-a.advertica-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qoaaa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 13:50:31 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2019 09:26:37 GMT
vary: Accept-Encoding
etag: W/"5d9da7cd-17dc1"
expires: Mon, 24 Oct 2022 13:50:31 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/sr.css
172.67.199.208200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/sr.css
IP 172.67.199.208:0
GET /npm/bootstrap@4.6.0/dist/css/sr.css HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:50:26 GMT
content-type: text/css
x-guploader-uploadid: ADPycduD-oecLGxdSVXxwsATms3sZ66KUyJQMx86RGpCbZYX3ICKx1iZA9il28jSUCwHCQ3gKHfrPibNdTgninyBBtinxg
expires: Sat, 24 Sep 2022 13:24:33 GMT
cache-control: public, max-age=3600
last-modified: Fri, 22 Apr 2022 09:51:08 GMT
etag: W/"75710b7c7ae0013c5cda99a0053ec3d9"
x-goog-generation: 1650621068399108
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 20647
x-goog-hash: crc32c=3qMyMQ==, md5=dXELfHrgATxc2pmgBT7D2Q==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 706
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KsauGGphdudzIyGzDxxBO20VYSTDhOQ04OKlXdSJxUaS8e1J6Cxa3DH1xlGwaBESn%2FW3jho89%2BkBMk8YYaTvqnjbt3YklO4rpmUd5iNjZ2oRgaNYhcBwH7uzUwPnfGFg6Jg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fbfd388b39b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
172.67.199.208200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
IP 172.67.199.208:0
GET /npm/bootstrap@4.6.0/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 13:50:26 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdv0chj5F1Awc6K7Usaiie2qXL87Fxg5kp7mYqQH9s8HWV5Nuv0HuTqJ2hz1F5xUG9MGapUfK4P-pfLXRasYr-w
expires: Sat, 24 Sep 2022 13:41:43 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:36:54 GMT
etag: W/"c99230d2575380d7f95ff626606d2426"
x-goog-generation: 1647502614200576
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 63473
x-goog-hash: crc32c=x2l+AA==, md5=yZIw0ldTgNf5X/YmYG0kJg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3445
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLeeJglO0IL%2F0UZhiMZIAjFR%2FZtOReivQyDoaQCn7l4wSHlFcxbnaznzN1rUoyAlFheE8xPd5XgxHo1jjt0sXEn2ZC0LA4UuWm7PI1d823ZJiWUR9g7jigvLdOkMivZa6c4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fbfd389b5bb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
qoaaa.com/4fe48aebd6/4f59451604/?placementName=Pop&randomA=0_7000&maxw=0
185.66.201.42200 OK 0 B URL HTTP/2 qoaaa.com/4fe48aebd6/4f59451604/?placementName=Pop&randomA=0_7000&maxw=0
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
GET /4fe48aebd6/4f59451604/?placementName=Pop&randomA=0_7000&maxw=0 HTTP/1.1
Host: qoaaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yangming112233.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 13:50:30 GMT
content-type: text/html; charset=UTF-8
set-cookie: shown1=0; expires=Sun, 25-Sep-2022 13:50:30 GMT; Max-Age=86400; secure; SameSite=None
used_ad2633356=1; expires=Sun, 25-Sep-2022 03:59:59 GMT; Max-Age=50969; path=/; secure; SameSite=None
total_impressions=1; expires=Sun, 25-Sep-2022 03:59:59 GMT; Max-Age=50969; secure; SameSite=None
used_c_51859=1; expires=Sun, 25-Sep-2022 13:50:30 GMT; Max-Age=86400; path=/; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
aff-a.advertica-cdn.com/genericImages/breaking-news/tsunami.jpg
185.66.200.127200 OK 0 B URL HTTP/2 aff-a.advertica-cdn.com/genericImages/breaking-news/tsunami.jpg
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /genericImages/breaking-news/tsunami.jpg HTTP/1.1
Host: aff-a.advertica-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qoaaa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 13:50:31 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2019 09:25:19 GMT
vary: Accept-Encoding
etag: W/"5d9da77f-15e0e"
expires: Mon, 24 Oct 2022 13:50:31 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
aff-a.advertica-cdn.com/genericImages/breaking-news/shark.jpg
185.66.200.127200 OK 0 B URL HTTP/2 aff-a.advertica-cdn.com/genericImages/breaking-news/shark.jpg
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /genericImages/breaking-news/shark.jpg HTTP/1.1
Host: aff-a.advertica-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qoaaa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 13:50:31 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2019 09:26:04 GMT
vary: Accept-Encoding
etag: W/"5d9da7ac-197f9"
expires: Mon, 24 Oct 2022 13:50:31 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
aff-a.advertica-cdn.com/genericImages/breaking-news/water.jpg
185.66.200.127200 OK 0 B URL HTTP/2 aff-a.advertica-cdn.com/genericImages/breaking-news/water.jpg
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /genericImages/breaking-news/water.jpg HTTP/1.1
Host: aff-a.advertica-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qoaaa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 13:50:31 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2019 09:24:25 GMT
vary: Accept-Encoding
etag: W/"5d9da749-1ac32"
expires: Mon, 24 Oct 2022 13:50:31 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2