r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4635
Expires: Mon, 27 Mar 2023 06:10:21 GMT
Date: Mon, 27 Mar 2023 04:53:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfd491ebe7381221b3674c2c8bf9e566
d2ac5badf17f348c28a52e9db10e6eb80e5a231a
34a026664386054b0b73c36cd1ddfce023551ee41963df0e38248bac1e1eb56c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17211
Expires: Mon, 27 Mar 2023 09:39:57 GMT
Date: Mon, 27 Mar 2023 04:53:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 27 Mar 2023 04:15:41 GMT
content-type: application/json
age: 2245
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1313ee2f06606d09c45b06ff9e8e1001
285ca89d1d3ea45d35832bc6d9827f834b3bfe21
63463447d29550c3734f621be02ec85290fbdf4612f79f9fad7e94f7e066dcb0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63463447D29550C3734F621BE02EC85290FBDF4612F79F9FAD7E94F7E066DCB0"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6146
Expires: Mon, 27 Mar 2023 06:35:32 GMT
Date: Mon, 27 Mar 2023 04:53:06 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: GMUkcqbpros6Jfoep/QojxfY03dtF0iB5/yRZDAvsIJB21qD16gkGMkduA+mQLNNuXXnueuyXQGG95HAazpxlA==
x-amz-request-id: PCFSZTC0VTCD41VN
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 27 Mar 2023 04:01:30 GMT
age: 3096
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
clitaddict.com/favorites/add/10394149
198.251.92.108301 Moved Permanently 0 B URL HTTP/1.1 clitaddict.com/favorites/add/10394149
IP 198.251.92.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favorites/add/10394149 HTTP/1.1
Host: clitaddict.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 27 Mar 2023 04:53:06 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.clitaddict.com/favorites/add/10394149
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 04:53:06 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.clitaddict.com/favorites/add/10394149
198.251.92.108200 OK 805 B URL HTTP/1.1 www.clitaddict.com/favorites/add/10394149
IP 198.251.92.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash eee032c4d7e5a5115b1da417e54d2085
2e649273f9520aa7e61b9e8b28839b93aa61f3e5
f319dca0931f9ccc76179e0cfb7ecb4105183ff9e5cbb1571a0b3360d79fa63f
GET /favorites/add/10394149 HTTP/1.1
Host: www.clitaddict.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: Hm_lvt_f5a5c5c92b8ba0ce4c14073f16113b3c=1679888406; Hm_lvt_5c12b790669b92851ca13f1d4b7f4f67=1679888406
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 04:53:06 GMT
Content-Type: text/html
Content-Length: 805
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 27 Mar 2023 04:17:24 GMT
age: 2142
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.clitaddict.com/common.js
198.251.92.108200 OK 1.1 kB URL HTTP/1.1 www.clitaddict.com/common.js
IP 198.251.92.108:0
File type HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Hash 84f351c5244a7ad0ce5dfeb0bf6cce52
117c940e5b74f3c9c13f899a5fb97f30904e11c2
ef0a0a72e8aa7f8485ea8b19c2e24d9bc9e07a42cedcbc46f98501fa4ca72063
GET /common.js HTTP/1.1
Host: www.clitaddict.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clitaddict.com/favorites/add/10394149
Cookie: Hm_lvt_f5a5c5c92b8ba0ce4c14073f16113b3c=1679888406; Hm_lvt_5c12b790669b92851ca13f1d4b7f4f67=1679888406
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 04:53:06 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 717ebcc65cb1390c2509851bac7b5878
1e04e3058329f3809bc01022d441172dcacc1aaa
3c8d41efe14dc75e001ce50aae65e133d90bcb2e2f86b2426cefe7abe4c7b588
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C8D41EFE14DC75E001CE50AAE65E133D90BCB2E2F86B2426CEFE7ABE4C7B588"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4951
Expires: Mon, 27 Mar 2023 06:15:37 GMT
Date: Mon, 27 Mar 2023 04:53:06 GMT
Connection: keep-alive
www.clitaddict.com/tj.js
198.251.92.108200 OK 998 B IP 198.251.92.108:0
File type HTML document, ASCII text, with CRLF line terminators
Hash f154985829de043568ddead2f09b52b6
1ac42307e04e68f09ea6bee072e21f6cfb9b8cb5
af71fe68f9cc4186de112db9e7315b4eef925da32bb5d8e8d4f9f55b24c3ad96
GET /tj.js HTTP/1.1
Host: www.clitaddict.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clitaddict.com/favorites/add/10394149
Cookie: Hm_lvt_f5a5c5c92b8ba0ce4c14073f16113b3c=1679888406; Hm_lvt_5c12b790669b92851ca13f1d4b7f4f67=1679888406
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 04:53:06 GMT
Content-Type: application/x-javascript
Content-Length: 998
Connection: keep-alive
push.services.mozilla.com/
54.188.105.26101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.188.105.26:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zP7o4wtCWH+VVNFbS6OLJQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: L2dqekDy0BrhVG6SGB2ircUNuJI=
api.heiniu105.com/
210.56.56.30200 OK 836 B IP 210.56.56.30:0
ASN #64050 BGPNET Global ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 8b4c6617105e8d2329f1a06a25b84e2e
674c0eab7fa89b373d62a9f980db13a4411133de
fe2a3a6eec16ef268c15678e1c263607d84869459590a58718338e2715f9ad24
GET / HTTP/1.1
Host: api.heiniu105.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clitaddict.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 04:53:07 GMT
Content-Type: text/html
Content-Length: 836
Last-Modified: Sun, 05 Feb 2023 10:36:21 GMT
Connection: keep-alive
ETag: "63df86a5-344"
Accept-Ranges: bytes
api.share.baidu.com/s.gif?l=http://www.clitaddict.com/favorites/add/10394149
182.61.201.94200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.clitaddict.com/favorites/add/10394149
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.clitaddict.com/favorites/add/10394149 HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clitaddict.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Mon, 27 Mar 2023 04:53:07 GMT
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash a58aa96ce3b8e1816da538e720cfe636
54a3789d2601928a00174cb3af040122d7819ee6
3a0b27ae9af0660f545d1f309e5ed39f2f5469e15f16ebf6c1603252134d3d4c
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 04:53:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 31 Mar 2023 03:15:17 GMT
ETag: "54a3789d2601928a00174cb3af040122d7819ee6"
Last-Modified: Mon, 27 Mar 2023 03:15:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 307
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae507217db8fab4-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash a58aa96ce3b8e1816da538e720cfe636
54a3789d2601928a00174cb3af040122d7819ee6
3a0b27ae9af0660f545d1f309e5ed39f2f5469e15f16ebf6c1603252134d3d4c
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 04:53:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 31 Mar 2023 03:15:17 GMT
ETag: "54a3789d2601928a00174cb3af040122d7819ee6"
Last-Modified: Mon, 27 Mar 2023 03:15:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 307
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae507218d630afa-OSL
www.clitaddict.com/favicon.ico
198.251.92.108200 OK 1.2 kB URL HTTP/1.1 www.clitaddict.com/favicon.ico
IP 198.251.92.108:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.clitaddict.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clitaddict.com/favorites/add/10394149
Cookie: Hm_lvt_f5a5c5c92b8ba0ce4c14073f16113b3c=1679888406; Hm_lvt_5c12b790669b92851ca13f1d4b7f4f67=1679888406
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 04:53:07 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sat, 01 Apr 2023 04:53:07 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
push.zhanzhang.baidu.com/push.js
182.61.201.94200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clitaddict.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Mon, 27 Mar 2023 04:53:07 GMT
Etag: "4078521116"
Expires: Tue, 26 Mar 2024 04:53:07 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=14648849B8EBA71DF772E1FFEA903C14:FG=1; max-age=31536000; expires=Tue, 26-Mar-24 04:53:07 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15726
Expires: Mon, 27 Mar 2023 09:15:14 GMT
Date: Mon, 27 Mar 2023 04:53:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15726
Expires: Mon, 27 Mar 2023 09:15:14 GMT
Date: Mon, 27 Mar 2023 04:53:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15726
Expires: Mon, 27 Mar 2023 09:15:14 GMT
Date: Mon, 27 Mar 2023 04:53:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15726
Expires: Mon, 27 Mar 2023 09:15:14 GMT
Date: Mon, 27 Mar 2023 04:53:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2675eff2-41c2-434d-a816-41982423123c.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2675eff2-41c2-434d-a816-41982423123c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2b4a9bd2963b4be37c19b40d31f9367e
8315955f1781fcf0c6c47288ae30829b3f184dd2
07cabee2fe922b5838d0c4d8e72fe0e33042a9a8545cb863f26d1bfd5c521ba6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2675eff2-41c2-434d-a816-41982423123c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6915
x-amzn-requestid: c4226f98-b528-4036-a273-6b3e4e426945
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CUrBPHsnIAMFvXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e8ba1-7e5b64951671dd6476c83fe7;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 05:50:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: otokSASrgPUXgzGdNhCuQ8XDlrF99F33Ev7ajeXAZphSOjMaBSiGVw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Mar 2023 21:56:38 GMT
age: 86196
etag: "8315955f1781fcf0c6c47288ae30829b3f184dd2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e999a9d79efe60a30b2942c5f2940294
c3891c43b16521f66eb3a52d83694de2ddd39871
290ed1232883a4ec63ef42c30f40b819983c5544e35261d2d1e0d1e55d0c8b07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12017
x-amzn-requestid: 4f61a0c7-4b18-4289-b47c-eeeff93d873f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ca6yQGNtoAMFsxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64210b41-350e4e2425d9606e478872b5;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 03:19:29 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: TCzHm5qTtnAUDSmayc-LLFmDfV7o6PaaYYfVtN_w7cC3o66HCa3DEg==
via: 1.1 b3cdce1c2fc39b89f45c98c417351f26.cloudfront.net (CloudFront), 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 03:34:08 GMT
age: 4740
etag: "c3891c43b16521f66eb3a52d83694de2ddd39871"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb2d1b24-5d13-4a28-9a31-f6dbc83f77fa.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb2d1b24-5d13-4a28-9a31-f6dbc83f77fa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 871b83a693b8e856658d5382f476c82b
b95a95d2bee6bdac0f5e4134d97bf9270a1d15b9
a4f545d50ba4aa356f387650b2020395570d5b4e0ffc43378320ad57dc041081
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb2d1b24-5d13-4a28-9a31-f6dbc83f77fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9397
x-amzn-requestid: e5acdea1-e57c-426d-a2b5-9efed8b05322
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CRi7jFH_oAMFqYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641d4b7c-7b1d92f0181b9a945fc5087c;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 07:04:28 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: WOa92gQL0vhX6U7oqTxpTPAXHCdnMkEva-IT02RY2uz48KV88cK2Vw==
via: 1.1 ba490acb2ea716cd57876286ed686786.cloudfront.net (CloudFront), 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Mar 2023 08:21:59 GMT
age: 73869
etag: "b95a95d2bee6bdac0f5e4134d97bf9270a1d15b9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde0e44e9-0646-4a2a-8d42-b0e9a1386fdf.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde0e44e9-0646-4a2a-8d42-b0e9a1386fdf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56ee0f7a06d9a04440fc0a0176ae5557
bfd464e91d57282251a011f1dcfdee19729a8c22
62760f4927e367cd67bff9f194ba0f93442dbcfae4831994934150616e523616
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde0e44e9-0646-4a2a-8d42-b0e9a1386fdf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8111
x-amzn-requestid: 60a2905d-9129-47ce-a65b-9932a8acf929
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ca79uEBboAMFuZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64210d24-76d6c26a0a519c93131dc919;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 03:27:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: o1i5ZjjLjRXZcxj7gLm50T_7XoY59DWprneoSgy7-K2lilnGARDlEw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 03:55:05 GMT
age: 3483
etag: "bfd464e91d57282251a011f1dcfdee19729a8c22"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8cc79a830964d923d24a45f5ccc9939b
557cc4827414912c41319ad961c14cce71ed4a18
b3b1c73b34057cb6e41920f3d55213ad8c193076525767c051960ec26d17ca3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4775
x-amzn-requestid: 28d0e56d-ed03-4686-bd49-34f193f1c65a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CK96KF9coAMFvMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641aa9da-122cd32a6f23e8442a52464c;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 07:10:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: psNReeBG7nAuKQXIMl1zwCVmvtZ-xwn6Fx8oAIX4wi4GCNUWNWOGMA==
via: 1.1 4e4278a2778e72cc34feef6db603088c.cloudfront.net (CloudFront), 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Mar 2023 22:12:36 GMT
age: 52837
etag: "557cc4827414912c41319ad961c14cce71ed4a18"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: _g9kT_E1XbUL7UICSL8g0AR0ZYciqALNSNMyJyhFClAh_zMe8CwiRA==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Mar 2023 06:28:01 GMT
age: 80707
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.share.baidu.com/s.gif?l=http://www.clitaddict.com/favorites/add/10394149
182.61.201.94200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.clitaddict.com/favorites/add/10394149
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.clitaddict.com/favorites/add/10394149 HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clitaddict.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Mon, 27 Mar 2023 04:53:08 GMT
api.heiniu105.com/news/api.php
210.56.56.30200 OK 48 B URL HTTP/1.1 api.heiniu105.com/news/api.php
IP 210.56.56.30:0
ASN #64050 BGPNET Global ASN
File type HTML document, ASCII text, with no line terminators
Hash 046691e8308c2adf72fc25247e2f9e80
a47d4ddf558d878140dd88a539159659e781345e
49f190d90d221b19e342cf6425fbb173e894ca0531935a3b08eaf83d980a6268
GET /news/api.php HTTP/1.1
Host: api.heiniu105.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://api.heiniu105.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 04:53:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
hm.baidu.com/hm.js?5c12b790669b92851ca13f1d4b7f4f67
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?5c12b790669b92851ca13f1d4b7f4f67
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (622)
Hash c7a0e2f0296ac50ab8d8534993bb16c2
807e11553ef4229ed83929c2fca1342e79f6a58d
7e9b6978cb17d79800488bf81aa03a19692855aaade72f7a3b2efe03ac2398a4
GET /hm.js?5c12b790669b92851ca13f1d4b7f4f67 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.clitaddict.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Mon, 27 Mar 2023 04:53:07 GMT
Etag: 4184376c0e66c15e21af0cdc979fc6e9
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=1C194B6329CB6F58; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?f5a5c5c92b8ba0ce4c14073f16113b3c
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?f5a5c5c92b8ba0ce4c14073f16113b3c
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash 8dae7168d36412d4d2f86627a0ccd041
a588f5db22c4a5d3e3e9dc2a5bf1c808f897e7ef
08e44b14d18442cbe501c4c134ca2ccd31df4f0270fc811965c30d763e993816
GET /hm.js?f5a5c5c92b8ba0ce4c14073f16113b3c HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.clitaddict.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Mon, 27 Mar 2023 04:53:07 GMT
Etag: 107675b016d6f4b3f3b9e2e9a4669173
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=5F8156FFE6B7EB9B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
api.heiniu105.com/news/data.php
210.56.56.30200 OK 191 B URL HTTP/1.1 api.heiniu105.com/news/data.php
IP 210.56.56.30:0
ASN #64050 BGPNET Global ASN
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash c393fd660ed8d47e2ad3459bbcedd63e
33d7d65c011ee0db4e9796da20a7f2d6816fc1c9
be68f0d12a02a5d0c0eccfa0f44428e011f2760f4a58336b20b6be5ac5f116ce
GET /news/data.php HTTP/1.1
Host: api.heiniu105.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://api.heiniu105.com/news/api.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 04:53:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0<=1679892806&rnd=1324688003&si=5c12b790669b92851ca13f1d4b7f4f67&v=1.3.0&lv=2&sn=34151&r=0&ww=1280&u=http%3A%2F%2Fwww.clitaddict.com%2Ffavorites%2Fadd%2F10394149&tt=%E5%8D%8E%E4%B8%9C%E7%A4%81%E8%B5%84%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0<=1679892806&rnd=1324688003&si=5c12b790669b92851ca13f1d4b7f4f67&v=1.3.0&lv=2&sn=34151&r=0&ww=1280&u=http%3A%2F%2Fwww.clitaddict.com%2Ffavorites%2Fadd%2F10394149&tt=%E5%8D%8E%E4%B8%9C%E7%A4%81%E8%B5%84%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0<=1679892806&rnd=1324688003&si=5c12b790669b92851ca13f1d4b7f4f67&v=1.3.0&lv=2&sn=34151&r=0&ww=1280&u=http%3A%2F%2Fwww.clitaddict.com%2Ffavorites%2Fadd%2F10394149&tt=%E5%8D%8E%E4%B8%9C%E7%A4%81%E8%B5%84%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.clitaddict.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 27 Mar 2023 04:53:08 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7C1A2D55AB370903; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0<=1679892806&rnd=1258800044&si=f5a5c5c92b8ba0ce4c14073f16113b3c&v=1.3.0&lv=2&sn=34151&r=0&ww=1280&u=http%3A%2F%2Fwww.clitaddict.com%2Ffavorites%2Fadd%2F10394149&tt=%E5%8D%8E%E4%B8%9C%E7%A4%81%E8%B5%84%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0<=1679892806&rnd=1258800044&si=f5a5c5c92b8ba0ce4c14073f16113b3c&v=1.3.0&lv=2&sn=34151&r=0&ww=1280&u=http%3A%2F%2Fwww.clitaddict.com%2Ffavorites%2Fadd%2F10394149&tt=%E5%8D%8E%E4%B8%9C%E7%A4%81%E8%B5%84%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0<=1679892806&rnd=1258800044&si=f5a5c5c92b8ba0ce4c14073f16113b3c&v=1.3.0&lv=2&sn=34151&r=0&ww=1280&u=http%3A%2F%2Fwww.clitaddict.com%2Ffavorites%2Fadd%2F10394149&tt=%E5%8D%8E%E4%B8%9C%E7%A4%81%E8%B5%84%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.clitaddict.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 27 Mar 2023 04:53:08 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=8FDF83D0749C71C2; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fdddc4c17a78673cd6a0f9574b0dc3ca
856909125fac21f5bfd3149d0990985bc3645312
46965a05e76783d25329202ef0cf41c36e53cef805893d9515067c061fc54620
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46965A05E76783D25329202EF0CF41C36E53CEF805893D9515067C061FC54620"
Last-Modified: Sat, 25 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7631
Expires: Mon, 27 Mar 2023 07:00:20 GMT
Date: Mon, 27 Mar 2023 04:53:09 GMT
Connection: keep-alive
tupku.top/logotp/fff.gif
188.114.97.1200 OK 109 kB IP 188.114.97.1:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 109 kB (108625 bytes)
Hash 7f746939550d2ae41686ebf019a90ed7
8fccfd19873d3f91ba8b2d36680c42b650c653b2
16b6f5f802abc23c5788ad49bf0d3036db36fac0fd728e19548de61c54316252
GET /logotp/fff.gif HTTP/1.1
Host: tupku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.heiniu3.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 04:53:09 GMT
content-type: image/gif
content-length: 108625
last-modified: Sun, 19 Jun 2022 13:14:28 GMT
etag: "62af2134-1a851"
expires: Thu, 06 Apr 2023 03:12:24 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1733982
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IqHXApJPskhJ6tpjRDmiigK6b6ovIuYCMuxw4UkQC%2BkU1lyJFB7rr2T2txrNTt1o06keSMzduQ23UxMLb5llCHewLpkrEd0wm0tscxtT0CfFRrI7kW6sq2g%2F8Po%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ae5072e3a8c0b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
aooacctp.vip/lm/se5.gif
172.67.161.53200 OK 397 kB IP 172.67.161.53:0
File type GIF image data, version 89a, 320 x 180\012- data
Size 397 kB (396964 bytes)
Hash 7b42e791e269b8425a0f380efdd8e5fd
10c09c8f711478c7aeccc988c076d299fafcbbfa
00ef96678470106e95be9f6f4dc07debbbb63a96db839adbf17e5e04e27caf60
GET /lm/se5.gif HTTP/1.1
Host: aooacctp.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.heiniu3.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 04:53:09 GMT
content-type: image/gif
content-length: 396964
last-modified: Wed, 25 May 2022 14:04:51 GMT
etag: "628e3783-60ea4"
expires: Fri, 07 Apr 2023 09:23:07 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1625336
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXINVck0SQaHcziv9S77nsObY3hRFQMcrh6QZpnxTCZyrLFt0C9ULQP2jbi8XOin0nKR7xU4Ac3XUaLXTK%2B9mU3wraI0ZWCdR4dT1EXdEGOZxgJKeDEZr7z4E3FuJp0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ae5072e3960b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.tupku.top/lm/031815-80.gif
188.114.97.1200 OK 1.6 MB URL HTTP/2 www.tupku.top/lm/031815-80.gif
IP 188.114.97.1:0
File type GIF image data, version 89a, 500 x 281\012- data
Size 1.6 MB (1626999 bytes)
Hash 17244f3a8b60a0f7b291f5621c873713
c523f5d5b60d2eabc9084e9ba5803647ac08c2cd
4aed8c090aa7bff3de4c028efced6a87dd7645bc15d265cdddf106f3f5dd9435
GET /lm/031815-80.gif HTTP/1.1
Host: www.tupku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.heiniu3.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 04:53:09 GMT
content-type: image/gif
content-length: 1626999
last-modified: Thu, 07 Jul 2022 15:13:11 GMT
etag: "62c6f807-18d377"
expires: Sun, 02 Apr 2023 20:59:52 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2015541
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYm1D%2FCSCQAwaXKVUYgbQaIx4Y1g9fSBlVpPo27ZOGuU%2B5UwXKcK8qJvq35JT%2FCe0321x5lnpxIaKmalK1ZAIwb5YTdqGLcUPRvM2OWm16RVOrmmsYWlWO0QJhg15K%2BS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ae5072e3a8a0b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash cc74699c8cf037c014393e400aee710d
4933b09aa64e71dc7f03444b7939b6e06f023787
ead8f624c09656867a3187773a2ceb7578eeef0af57fe3407b96fb6c48bac75d
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=90659
Date: Mon, 27 Mar 2023 04:53:09 GMT
Etag: "641fde27-1d7"
Expires: Tue, 28 Mar 2023 06:04:08 GMT
Last-Modified: Sun, 26 Mar 2023 05:54:47 GMT
Server: ECAcc (bsa/EB6C)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: v2HcIE2uBXZC6rqLWZK-fzcWUhpNz8z3fLIHqSAcFFSuvX5pgb9NHw==
Age: 561
media.smooch.io/apps/6285f2169b5df200f527f3e4/conversations/e88b1c6777de326b00e3a948/plC-iEObyjniaCdcFFIraTEc/900-200-6.gif
54.230.111.114200 OK 709 kB URL HTTP/2 media.smooch.io/apps/6285f2169b5df200f527f3e4/conversations/e88b1c6777de326b00e3a948/plC-iEObyjniaCdcFFIraTEc/900-200-6.gif
IP 54.230.111.114:0
File type GIF image data, version 89a, 900 x 200\012- data
Size 709 kB (709110 bytes)
Hash c2fe161673b4bc8b2d0cc4b742addb84
397260688ca654ab32ef69217b70d299ee822bc4
9fe15e6834a3a60f3adf5c0d4cc64efab21e74388265dd402377ca0f068d5923
GET /apps/6285f2169b5df200f527f3e4/conversations/e88b1c6777de326b00e3a948/plC-iEObyjniaCdcFFIraTEc/900-200-6.gif HTTP/1.1
Host: media.smooch.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.heiniu3.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 709110
date: Thu, 16 Mar 2023 03:10:06 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 20 Oct 2022 12:13:28 GMT
etag: "c2fe161673b4bc8b2d0cc4b742addb84"
cache-control: max-age=315532800
x-amz-version-id: ghGYWYsEueSB5NVEZBqhO6bNo2tE4_U3
accept-ranges: bytes
server: AmazonS3
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
age: 956583
x-content-type-options: nosniff
x-robots-tag: noindex
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lK73W6qYYDtsNtL8JCfTYS51W9iYQAvrPGYIWoI2OzxDHWToDR7_oQ==
X-Firefox-Spdy: h2
www.heiniu3.icu/static/images/1.gif
64.32.9.60200 OK 254 B URL HTTP/2 www.heiniu3.icu/static/images/1.gif
IP 64.32.9.60:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /static/images/1.gif HTTP/1.1
Host: www.heiniu3.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.heiniu3.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 04:53:09 GMT
content-type: image/gif
content-length: 254
last-modified: Mon, 13 Feb 2023 13:58:53 GMT
etag: "63ea421d-fe"
expires: Wed, 26 Apr 2023 04:53:09 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.heiniu3.icu/template/heiniu/html9/ads/dulian.js
64.32.9.60200 OK 859 B URL HTTP/2 www.heiniu3.icu/template/heiniu/html9/ads/dulian.js
IP 64.32.9.60:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (520)
Hash 4bcc6f9c7ba3cc470e268ed177458f78
368bd01cc9729ffccc2e6ef8b42866dca8465a3d
341841a258b657790131fee1a1d8f579bd0df037418437f4e7dbfbdbd2dcefa8
GET /template/heiniu/html9/ads/dulian.js HTTP/1.1
Host: www.heiniu3.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.heiniu3.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 04:53:09 GMT
content-type: application/javascript
content-length: 859
last-modified: Sat, 25 Mar 2023 07:57:10 GMT
etag: "641ea956-35b"
expires: Mon, 27 Mar 2023 16:53:09 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.heiniu3.icu/template/heiniu/images/loading.svg
64.32.9.60200 OK 506 B URL HTTP/2 www.heiniu3.icu/template/heiniu/images/loading.svg
IP 64.32.9.60:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash bb36cf278bc5f407c3a64054c13dbbdf
ecd02eea9d41f6282fcaaffc84dbefc1fedb58a2
fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff
GET /template/heiniu/images/loading.svg HTTP/1.1
Host: www.heiniu3.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.heiniu3.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 04:53:09 GMT
content-type: image/svg+xml
content-length: 506
last-modified: Sun, 09 Jan 2022 08:39:24 GMT
etag: "61da9f3c-1fa"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash bd4880268b324932f1ba981477827d07
a5142496220e3ee4af72f18dcf5fd7c69c1ef774
fa638928472655d581be0ed5ad579c16a3fee8e58e3de24bec065888944b26e5
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 04:53:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 31 Mar 2023 04:02:14 GMT
ETag: "a5142496220e3ee4af72f18dcf5fd7c69c1ef774"
Last-Modified: Mon, 27 Mar 2023 04:02:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2275
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae507304ac9fab4-OSL
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash cc4ccb1579409b9ae374f3e87bc2bc9f
f3f625e32cf8bd662e668d63937ee63aa8faae6a
a0c3e4b20a010a4a1fc36d0425bbc736eac5cbd8dcd53a076aad64623a36575f
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 04:53:09 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sun, 26 Mar 2023 23:17:14 GMT
Expires: Sun, 02 Apr 2023 23:17:13 GMT
Etag: "f3f625e32cf8bd662e668d63937ee63aa8faae6a"
Cache-Control: max-age=584043,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ae507304852067b-OSL
ocsp.buypass.com/
23.36.76.129200 OK 1.7 kB IP 23.36.76.129:0
ASN #20940 Akamai International B.V.
Hash e395812a540ee2431e7b4509e71b1e13
6e0ef52f7a1b5cea0c79d03d9d738cd8bfd787a5
0041a267e3a851e3009aa4158bfc9b8f9e9f9de782095d5c9d99c5508260a2cd
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 76266d61-fecb-401d-b04a-476cb51f7aab
Content-Length: 1701
Date: Mon, 27 Mar 2023 04:53:09 GMT
Connection: keep-alive
www.heiniu3.icu/logo.html
64.32.9.60200 OK 870 B URL HTTP/2 www.heiniu3.icu/logo.html
IP 64.32.9.60:0
File type HTML document, ISO-8859 text, with CRLF line terminators
Hash 3b117c696716d50e45025c7a464065d7
7f3d0bb1724dab75549c25695836e2c30c6244b7
19c024811849a736ea5705ac8f7da5ccf10b2c12fd811c0693b51f418900ca1e
GET /logo.html HTTP/1.1
Host: www.heiniu3.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.heiniu3.icu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 04:53:09 GMT
content-type: text/html
content-length: 870
last-modified: Mon, 13 Feb 2023 13:58:20 GMT
etag: "63ea41fc-366"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.heiniu3.icu/template/heiniu/images/video-mask.png
64.32.9.60200 OK 107 B URL HTTP/2 www.heiniu3.icu/template/heiniu/images/video-mask.png
IP 64.32.9.60:0
File type PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Hash 6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
GET /template/heiniu/images/video-mask.png HTTP/1.1
Host: www.heiniu3.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.heiniu3.icu/template/heiniu/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 04:53:09 GMT
content-type: image/png
content-length: 107
last-modified: Tue, 04 Jan 2022 15:14:22 GMT
etag: "61d4644e-6b"
expires: Wed, 26 Apr 2023 04:53:09 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.heiniu3.icu/template/heiniu/images/video-play.png
64.32.9.60200 OK 1.6 kB URL HTTP/2 www.heiniu3.icu/template/heiniu/images/video-play.png
IP 64.32.9.60:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/heiniu/images/video-play.png HTTP/1.1
Host: www.heiniu3.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.heiniu3.icu/template/heiniu/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 04:53:09 GMT
content-type: image/png
content-length: 1567
last-modified: Tue, 04 Jan 2022 15:14:20 GMT
etag: "61d4644c-61f"
expires: Wed, 26 Apr 2023 04:53:09 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eea17289f8b376a5e5a1d36d954290a6
05b795cf9593d2348d281f5a70f0303bcc7ff73c
d32daa8f509cd0adbbbd0233dcc6ac41a5b18dcc30fad8e9145c0349cf0fea05
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D32DAA8F509CD0ADBBBD0233DCC6AC41A5B18DCC30FAD8E9145C0349CF0FEA05"
Last-Modified: Sat, 25 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11585
Expires: Mon, 27 Mar 2023 08:06:15 GMT
Date: Mon, 27 Mar 2023 04:53:10 GMT
Connection: keep-alive
ocsp.buypass.com/
23.36.76.129200 OK 1.7 kB IP 23.36.76.129:0
ASN #20940 Akamai International B.V.
Hash 733d77d1f2f1416388f560974d57cd03
a81878ae4f063e3c27ed7311dd89fd73e2721d8e
032f20e4413138339666e5ba9fbe97e783ac648d7621e98abb6f58f8682b163f
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: e033fd6a-d673-4a5b-afdc-86793864908f
Content-Length: 1701
Date: Mon, 27 Mar 2023 04:53:10 GMT
Connection: keep-alive
hm.baidu.com/hm.js?d4e0c5a80073dc4a06760f766d6bd014
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?d4e0c5a80073dc4a06760f766d6bd014
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 56136b03ff8a3cbcf6a0dc4549c59f94
dd23fbe9f89190429a5e9f792073f7a36b54e974
702d9edebf4db3cdbf2a13024840523af2fbd2d000bb727880a946df6ad6c829
GET /hm.js?d4e0c5a80073dc4a06760f766d6bd014 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.heiniu3.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Mon, 27 Mar 2023 04:53:09 GMT
Etag: 60d81548cacbb5b6a095cc49c9a9b1ab
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=49DD7F6D0A1563C8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
www.heiniu3.icu/logo1.png
64.32.9.60200 OK 370 kB URL HTTP/2 www.heiniu3.icu/logo1.png
IP 64.32.9.60:0
File type PNG image data, 1324 x 557, 8-bit/color RGBA, non-interlaced\012- data
Size 370 kB (370064 bytes)
Hash a11158c68b22f268712d7225f24ef06d
b9aafabb251fcdcf1dd711358c10e46656773031
dc4cebb48b3ba6425c0086b60bb77c8e5ab58eed01a2b7548411c8171ca9f608
GET /logo1.png HTTP/1.1
Host: www.heiniu3.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.heiniu3.icu/logo.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 04:53:10 GMT
content-type: image/png
content-length: 370064
last-modified: Mon, 13 Feb 2023 13:58:35 GMT
etag: "63ea420b-5a590"
expires: Wed, 26 Apr 2023 04:53:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.1136999.com/images/640353cfa35fc702b43a02bd.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.1136999.com/images/640353cfa35fc702b43a02bd.gif
IP 3.36.126.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/640353cfa35fc702b43a02bd.gif HTTP/1.1
Host: img.1136999.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.heiniu3.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://img.mengzhan24.com/loveimgmoe/f1/38/63e9ec277c505e8c545bf138.gif
X-Firefox-Spdy: h2
img.mengzhan24.com/loveimgmoe/f1/38/63e9ec277c505e8c545bf138.gif
172.67.24.77200 OK 262 kB URL HTTP/2 img.mengzhan24.com/loveimgmoe/f1/38/63e9ec277c505e8c545bf138.gif
IP 172.67.24.77:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 262 kB (261503 bytes)
Hash 9490591477b224b3a7005a4db2d1aff5
1fbc95d37a9cb9b66ceee42f2a7ec5325fed8371
0fdd79fa1d8c3a5e4e549b083573e9f858c1c3ea4aa70cad7fd614ee6a1cbd61
GET /loveimgmoe/f1/38/63e9ec277c505e8c545bf138.gif HTTP/1.1
Host: img.mengzhan24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 04:53:10 GMT
content-type: image/jpeg
content-length: 261503
cache-control: max-age=2678400
last-modified: Sat, 18 Mar 2023 16:45:09 GMT
cf-cache-status: HIT
age: 727358
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7ae507351e4b0b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
8499165.com/8499/zzxx/100x100.gif
172.247.109.214200 OK 95 kB URL HTTP/2 8499165.com/8499/zzxx/100x100.gif
IP 172.247.109.214:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash cbe62f27202512ec3475a092a3534a39
789ec835539f9dc252906eff2466f7ad6140970d
0a05a964d031df91ed0f89964558e0b8a9f34bd57c36d7dd9bf4a6453521d222
GET /8499/zzxx/100x100.gif HTTP/1.1
Host: 8499165.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.heiniu3.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 04:53:10 GMT
content-type: image/gif
content-length: 95429
last-modified: Wed, 28 Dec 2022 09:29:04 GMT
etag: "174c5-5f0dfffdca9f7"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1902831659&si=d4e0c5a80073dc4a06760f766d6bd014&su=http%3A%2F%2Fapi.heiniu105.com%2F&v=1.3.0&lv=1&sn=34153&r=0&ww=1280&u=https%3A%2F%2Fwww.heiniu3.icu%2F&tt=%E9%BB%91%E7%89%9B%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1902831659&si=d4e0c5a80073dc4a06760f766d6bd014&su=http%3A%2F%2Fapi.heiniu105.com%2F&v=1.3.0&lv=1&sn=34153&r=0&ww=1280&u=https%3A%2F%2Fwww.heiniu3.icu%2F&tt=%E9%BB%91%E7%89%9B%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1902831659&si=d4e0c5a80073dc4a06760f766d6bd014&su=http%3A%2F%2Fapi.heiniu105.com%2F&v=1.3.0&lv=1&sn=34153&r=0&ww=1280&u=https%3A%2F%2Fwww.heiniu3.icu%2F&tt=%E9%BB%91%E7%89%9B%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.heiniu3.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 27 Mar 2023 04:53:10 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4FEC7D33B129ECAB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
8499165.com/8499/zzxx/960x60.gif
172.247.109.214200 OK 291 kB URL HTTP/2 8499165.com/8499/zzxx/960x60.gif
IP 172.247.109.214:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 291 kB (290572 bytes)
Hash 57aeaeed8e55b2a1e23b348d9d73f9d5
381bc182c18210ba33ebe13cbf8f20f297d33c16
e10903ca99193ba8ffd6c5f74753461cf070e75026e73fda3c040496f8dcfdb6
GET /8499/zzxx/960x60.gif HTTP/1.1
Host: 8499165.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.heiniu3.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 04:53:10 GMT
content-type: image/gif
content-length: 290572
last-modified: Sat, 24 Dec 2022 13:23:32 GMT
etag: "46f0c-5f092cf097c3f"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
kjimg10.360buyimg.com/ott/jfs/t1/46182/9/21860/1411145/63819a6eEcb8ec547/ae47a05d2165a957.gif
27.36.125.193200 OK 1.4 MB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/46182/9/21860/1411145/63819a6eEcb8ec547/ae47a05d2165a957.gif
IP 27.36.125.193:0
ASN #136959 China Unicom Guangdong IP network
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.4 MB (1411145 bytes)
Hash 3e2a08c45f216f23995e08dc45ed0e86
c9390027ee4885cb509d8b2ad37d6daa9698631e
ffdceb96ee4670386b85d0e2389496569d7e5e9f16844c2f26e9656482a8f12f
GET /ott/jfs/t1/46182/9/21860/1411145/63819a6eEcb8ec547/ae47a05d2165a957.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.heiniu3.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 04:53:09 GMT
content-type: image/gif
content-length: 1411145
cache-control: max-age=15552000
expires: Sun, 17 Sep 2023 09:09:04 GMT
last-modified: Sat, 26 Nov 2022 04:47:42 GMT
age: 503046
via: http/1.1 ORI-CLOUD-HUZ-MIX-15 (jcs [cHs f ]), http/1.1 GD-UNI-1-MIX-215 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1679389744764-0-0-14-211-211;200;200-1679403464895-0-0-0-8-8;200-1679892789868-0-0-0-2-2
X-Firefox-Spdy: h2
taiwtp1.com/xin/96080.gif
220.128.218.220200 OK 122 kB URL HTTP/2 taiwtp1.com/xin/96080.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 80\012- data
Size 122 kB (122193 bytes)
Hash 4293cc73ff1bcc11cfb9a5582a08c8f5
a3307ecff7a2be9d0740c530d6325ff1ed355b8c
ee86f9a233f1b754a8c67ec8b9120f4c5b4df290396ca690d41d54e5b2d528b5
GET /xin/96080.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.heiniu3.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 04:45:37 GMT
content-type: image/gif
content-length: 122193
last-modified: Thu, 20 Oct 2022 07:11:02 GMT
etag: "6350f486-1dd51"
expires: Wed, 26 Apr 2023 04:45:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
104.18.3.157403 Forbidden 0 B URL HTTP/2 png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
IP 104.18.3.157:0
GET /png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg HTTP/1.1
Host: png.pngtree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.heiniu3.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Mon, 27 Mar 2023 04:53:10 GMT
content-type: application/xml
x-amz-request-id: FRW81TKMMSNA2ZPR
x-amz-id-2: fMg8z6sXhVuc6/wqrgIOYblwYuIca7GtTOdEMZbVSJ99RnACVY147SucPJdyVdUg79VC3JqsJVE=
cf-cache-status: MISS
set-cookie: __cf_bm=Hhzgf.QTAiTWwPkDEbcr5216AWRch0qa_qWV_VKSXCw-1679892790-0-AYljBiAXdsYU6vbixDoqc6faYP08BhWHzf27C/zDDqMuGNu+0uB5tulgWaXVrxGjO1y5MdOONdGDM5AnK5FoDy0=; path=/; expires=Mon, 27-Mar-23 05:23:10 GMT; domain=.pngtree.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ae507307a2efac4-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.heiniu3.icu/template/heiniu/css/zui.css
64.32.9.60200 OK 0 B URL HTTP/2 www.heiniu3.icu/template/heiniu/css/zui.css
IP 64.32.9.60:0
GET /template/heiniu/css/zui.css HTTP/1.1
Host: www.heiniu3.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.heiniu3.icu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 04:53:09 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 10:41:58 GMT
vary: Accept-Encoding
etag: W/"62861ef6-164b3"
expires: Mon, 27 Mar 2023 16:53:09 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.imageshh.com/qptu-2220069/960-60.gif
23.225.223.125200 OK 0 B URL HTTP/2 img.imageshh.com/qptu-2220069/960-60.gif
IP 23.225.223.125:0
GET /qptu-2220069/960-60.gif HTTP/1.1
Host: img.imageshh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.heiniu3.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-encoding: br
content-type: image/gif
date: Sun, 26 Mar 2023 22:49:57 GMT
etag: "1679889284_br"
expires: Tue, 25 Apr 2023 22:49:57 GMT
last-modified: Mon, 27 Mar 2023 03:54:44 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT, policy, memory
X-Firefox-Spdy: h2
www.heiniu3.icu/template/heiniu/static/js/jquery.lazyload.min.js
64.32.9.60200 OK 0 B URL HTTP/2 www.heiniu3.icu/template/heiniu/static/js/jquery.lazyload.min.js
IP 64.32.9.60:0
GET /template/heiniu/static/js/jquery.lazyload.min.js HTTP/1.1
Host: www.heiniu3.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.heiniu3.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 04:53:09 GMT
content-type: application/javascript
last-modified: Sat, 08 Jan 2022 14:08:22 GMT
vary: Accept-Encoding
etag: W/"61d99ad6-d35"
expires: Mon, 27 Mar 2023 16:53:09 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.heiniu3.icu/
64.32.9.60200 OK 0 B IP 64.32.9.60:0
GET / HTTP/1.1
Host: www.heiniu3.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://api.heiniu105.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 04:53:09 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.heiniu3.icu/template/heiniu/css/ate.css
64.32.9.60200 OK 0 B URL HTTP/2 www.heiniu3.icu/template/heiniu/css/ate.css
IP 64.32.9.60:0
GET /template/heiniu/css/ate.css HTTP/1.1
Host: www.heiniu3.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.heiniu3.icu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 04:53:09 GMT
content-type: text/css
last-modified: Tue, 04 Jan 2022 15:13:24 GMT
vary: Accept-Encoding
etag: W/"61d46414-126e4"
expires: Mon, 27 Mar 2023 16:53:09 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.heiniu3.icu/template/heiniu/static/js/jquery.min.js
64.32.9.60200 OK 0 B URL HTTP/2 www.heiniu3.icu/template/heiniu/static/js/jquery.min.js
IP 64.32.9.60:0
GET /template/heiniu/static/js/jquery.min.js HTTP/1.1
Host: www.heiniu3.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.heiniu3.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 04:53:09 GMT
content-type: application/javascript
last-modified: Sat, 08 Jan 2022 14:07:32 GMT
vary: Accept-Encoding
etag: W/"61d99aa4-17b8b"
expires: Mon, 27 Mar 2023 16:53:09 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2