r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13408
Expires: Mon, 05 Dec 2022 05:06:25 GMT
Date: Mon, 05 Dec 2022 01:22:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5459
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:22:57 GMT
Etag: "638c76f5-1d7"
Last-Modified: Sun, 04 Dec 2022 23:51:58 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 01:20:10 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 167
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5007
Expires: Mon, 05 Dec 2022 02:46:24 GMT
Date: Mon, 05 Dec 2022 01:22:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Tf2s3cYbGHM4y6zHPIb8SMlThTq6yL82/mrxUVKtU0JGoOCAV7P+/T806Cg8AC421B7Jqwv9OOY=
x-amz-request-id: BWM2593CGGHDWYGW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 00:47:46 GMT
age: 2111
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 01:22:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 01:08:58 GMT
cache-control: public,max-age=3600
age: 839
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5433
Cache-Control: max-age=119666
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:22:58 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:37:24 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.202.70.174101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.202.70.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oXK9zYhzZbR25m6WF8njBg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uzxN7g/ZIH1yjxRbwc7n/sCi1yY=
beijing2013.com/
107.163.136.149301 Moved Permanently 0 B IP 107.163.136.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: beijing2013.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Server: nginx
Location: http://www.beijing2013.com/
Content-Type: text/html
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11783
Expires: Mon, 05 Dec 2022 04:39:22 GMT
Date: Mon, 05 Dec 2022 01:22:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11783
Expires: Mon, 05 Dec 2022 04:39:22 GMT
Date: Mon, 05 Dec 2022 01:22:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11783
Expires: Mon, 05 Dec 2022 04:39:22 GMT
Date: Mon, 05 Dec 2022 01:22:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7bde76a4dbab17f37747e7da55ad924
56ee7aa6cf94570b1218ef6e767a7036d0b8900f
bd8320fe10dc06061008034cfd1ca9f17e941b2b859b8dd12f23bcac35746aab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3707
x-amzn-requestid: e9d4dc01-cb68-471b-8da4-c6f170248387
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_xhEm-IAMFRNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d133c-5414a54751e2569f639d0dea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:38:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _nGZrHCvmP-EKAQG20l1ayIftZ4spFGPuG--vyTpMhbNa9L3pIWhCA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
age: 12870
etag: "56ee7aa6cf94570b1218ef6e767a7036d0b8900f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1be5ade2f8eb160f9974766374c9dd01
8d3d92355304ccfcd50ae96f55b2754220f05187
5087642c70cd92613c2a490b532fc7651c4b25f8712a59b4f7a178cc44cdf90f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6827
x-amzn-requestid: 68443283-d7bf-4a40-8b2a-32c81e160d35
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUkE6foAMFb3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb6-570021b92c46c99d1ad363bd;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: S96VFv064j3TfGQEG2cAJxe7UdaSey-JJUGERVgpm8mtdTmPk7FE6g==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:21:44 GMT
age: 79275
etag: "8d3d92355304ccfcd50ae96f55b2754220f05187"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3b9022-ae31-4c4b-b4aa-3d82606d5c7c.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3b9022-ae31-4c4b-b4aa-3d82606d5c7c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0402b0c3474a5bd3b1ba804528b64a8
2d47af0fb664d9fec52549bb3bdba1dfd8911bb2
7f87af77663b8bf22211e135554ada8865cdcf6499e9fcf0f3442b10ca3984e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3b9022-ae31-4c4b-b4aa-3d82606d5c7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5276
x-amzn-requestid: d337310e-59be-4268-bfd0-8cc4f2c91a11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_soE98IAMF0aA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-230591591f8fd0984c222549;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4Id8aWDt9bVlBXcsMK9LEAoqggewzLb9h4eZfuvYMGON2NnwyiP3Pg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
etag: "2d47af0fb664d9fec52549bb3bdba1dfd8911bb2"
content-type: image/jpeg
age: 12870
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11783
Expires: Mon, 05 Dec 2022 04:39:22 GMT
Date: Mon, 05 Dec 2022 01:22:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F206a2aa2-193a-45ee-9210-82fa22154882.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F206a2aa2-193a-45ee-9210-82fa22154882.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe33ecc20db57514c51c90694efebb16
e00b8b1bc1f98df439a264d1cd881e1021d7fdd5
9b0e56806a9f4e7458b58c29ec2050faebcded4ff1c4ef430733171ddae68cb7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F206a2aa2-193a-45ee-9210-82fa22154882.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7396
x-amzn-requestid: 9c3c8894-b018-4063-b3c8-abd67db3d94c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKVmHlBIAMFu1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdbd-415092c018c6590d4e133cb0;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fIwvcQ7gRhcPjiPRUMfsVmN1POsSu1vAcYsKLoQvKuZTeEnHz3Jurg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:13:24 GMT
age: 79775
etag: "e00b8b1bc1f98df439a264d1cd881e1021d7fdd5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcb8fe0c4ba323ab2483fa290c291051
6706e02d6b95edc3a33c951f07d04b0fb7415b77
6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: joWP2kLWVD0lEy2rMV4Fjm3mJh3mzsPyTWiHDVZZNMy5s_WPViKtCw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
content-type: image/jpeg
age: 12870
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11783
Expires: Mon, 05 Dec 2022 04:39:22 GMT
Date: Mon, 05 Dec 2022 01:22:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb029b41d342a82250aef6d6f713be6e
cd754bb6094d2e456b95dce8daace45a0de8a121
c16e364547c9e7a3c487b614073d59c7c495c5e5387b75136afab0dc68bebca4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10031
x-amzn-requestid: ca6c11c5-8842-4ffb-bb9e-5351c4e60c5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjY0CGUVIAMFxog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ad4e6-4282be9f505aa5764e9b1fa2;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 04:47:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vg9n0d9YqjfrKwJHGGcztV4gsGENhNYUuC1HUmWFsxRlDdMSpV4IQw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 15:58:47 GMT
age: 33852
etag: "cd754bb6094d2e456b95dce8daace45a0de8a121"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.beijing2013.com/tj.js
107.163.136.149200 OK 210 B URL HTTP/1.1 www.beijing2013.com/tj.js
IP 107.163.136.149:0
File type HTML document, ASCII text, with CRLF line terminators
Hash b0c8e84be165745a2396a994b0e3ae9c
efde52ee48bf3118d2d71fd11273a2bfdb47cb8a
fca73e2ae287d8508c7fe29fa73b39abe1ea3510dde8f1550bd3bfbe568d233b
GET /tj.js HTTP/1.1
Host: www.beijing2013.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.beijing2013.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 01:22:57 GMT
Content-Length: 210
Content-Type: application/x-javascript
Server: nginx
www.beijing2013.com/common.js
107.163.136.149200 OK 1.1 kB URL HTTP/1.1 www.beijing2013.com/common.js
IP 107.163.136.149:0
File type ISO-8859 text, with CRLF line terminators
Hash b7b3dcbfc54058d0d3edca58c1bb23e5
548a6e57aba6289135b0a81abde50c0007498a33
6369b4eadb610426bdf051b25aafc294675f35a715394a0d17d433f2dcf2781c
GET /common.js HTTP/1.1
Host: www.beijing2013.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.beijing2013.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 01:22:57 GMT
Content-Length: 1103
Content-Type: application/x-javascript
Server: nginx
cdn.jsdelivr.net/gh/te89899/vips@main/tjb.b
151.101.193.229200 OK 17 kB URL HTTP/2 cdn.jsdelivr.net/gh/te89899/vips@main/tjb.b
IP 151.101.193.229:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.98.100", baseline, precision 8, 638x378, components 3\012- data
Hash ef3d074e20c785fa267ebcc2900ced9e
da1aebda5e674ce37c444a6decdd3e14547ff975
03e72acc26cf8bfab0fd2f04d1252ea4dee6e4dd804ab38744de14247f0e01d2
GET /gh/te89899/vips@main/tjb.b HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.beijing2013.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: main
x-jsd-version-type: branch
content-type: application/octet-stream
etag: W/"43aa-2hrr2l5nTON8REpt7N0+FFR/+XU"
accept-ranges: bytes
date: Mon, 05 Dec 2022 01:22:59 GMT
age: 30481
x-served-by: cache-fra-eddf8230084-FRA, cache-bma1637-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17322
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash b040d67a8ed4e23e5ca5a9b1a8abf4b0
05b62be478fd251f20c70f8b6c53eb5b2873c59a
00cd008c7ddf75ea7834f62f8fdf2fae9ef8728b1d753c4a8a5432568034bbc2
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 01:22:59 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "4CC1FB4284A05FEBCCEC8811C9BB97C3A69AA902"
Expires: Mon, 05 Dec 2022 12:00:00 GMT
Last-Modified: Mon, 05 Dec 2022 00:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1590
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7748f954ac850b39-OSL
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash aa8f5d1b20bb4946f1a05a6298a6094c
4a1269ed3959cd9fc0c9f5040cf9b2d39706d4be
892de38c89078216051dfef60a9158fe361b1d9927a50df8f5e995c76bed7960
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=120014
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:22:59 GMT
Etag: "638c79c1-116"
Expires: Tue, 06 Dec 2022 10:43:13 GMT
Last-Modified: Sun, 04 Dec 2022 10:43:13 GMT
Server: nginx
Content-Length: 278
www.beijing2013.com/
107.163.136.149200 OK 222 kB IP 107.163.136.149:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1848), with CRLF, LF line terminators
Size 222 kB (221543 bytes)
Hash 0aa71a1c6f972b6da0fc85b8ce4b5ed5
31d1fcb6fb0580b5fb0fc4ffb8cd2aef9ea41274
c292005247095419b1ce8a660e12894482ea5c63f5c27278fa46e38698ce1cc7
GET / HTTP/1.1
Host: www.beijing2013.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 01:22:56 GMT
Content-Length: 221543
Content-Type: text/html
Server: nginx
www.beijing2013.com/template/m1938pc/css/1.css
107.163.136.149200 OK 34 kB URL HTTP/1.1 www.beijing2013.com/template/m1938pc/css/1.css
IP 107.163.136.149:0
File type Unicode text, UTF-8 text, with very long lines (3613), with CRLF line terminators
Hash ad77a90928afa241440cde8e72be83cf
666c805bb183542ee072f32fdefa5e16bea49342
5c9f469e00299e314a8d522f4ffb90280acd99abed8d33e28d4f493cc6b16f60
GET /template/m1938pc/css/1.css HTTP/1.1
Host: www.beijing2013.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.beijing2013.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 01:22:57 GMT
Content-Length: 33543
Content-Type: text/css
Server: nginx
cdn.jsdelivr.net/gh/te89899/vips@main/qa600350.b
151.101.193.229200 OK 271 kB URL HTTP/2 cdn.jsdelivr.net/gh/te89899/vips@main/qa600350.b
IP 151.101.193.229:0
File type GIF image data, version 89a, 600 x 350\012- data
Size 271 kB (270932 bytes)
Hash 55cbffd866243fabad7b3d4833fb0360
aeedd82dd339da6bf9ba18294c55bf0142711208
c6c26c1fa17606e1504a52145e562ea99cb3315d423b26d747eb432f99987bfc
GET /gh/te89899/vips@main/qa600350.b HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.beijing2013.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: main
x-jsd-version-type: branch
content-type: application/octet-stream
etag: W/"42254-ru3YLdM52mv5uhgpTFW/AUJxEgg"
accept-ranges: bytes
date: Mon, 05 Dec 2022 01:23:00 GMT
age: 0
x-served-by: cache-fra-eddf8230128-FRA, cache-bma1637-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 270932
X-Firefox-Spdy: h2
www.beijing2013.com/template/m1938pc/css/ate.css
107.163.136.149200 OK 76 kB URL HTTP/1.1 www.beijing2013.com/template/m1938pc/css/ate.css
IP 107.163.136.149:0
File type ASCII text, with CRLF line terminators
Hash b49992e1f195c8a7fae8874c7484979d
d061a88013db4f88c6e518f5a9aa17a308dee2f1
b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: www.beijing2013.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.beijing2013.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 01:22:57 GMT
Content-Length: 75492
Content-Type: text/css
Server: nginx
www.beijing2013.com/template/m1938pc/css/zui.css
107.163.136.149200 OK 91 kB URL HTTP/1.1 www.beijing2013.com/template/m1938pc/css/zui.css
IP 107.163.136.149:0
File type assembler source, Unicode text, UTF-8 text, with CRLF line terminators
Hash 7915e7e1fb9e43c06169e148996611d0
d879a1fcc70274c00f53130fcb42a6554f0ffa99
50d880e1f38be4da26c52f057c0f3f3c536e9564a0d72e919bffb1a818da3816
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: www.beijing2013.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.beijing2013.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 01:22:57 GMT
Content-Length: 90901
Content-Type: text/css
Server: nginx
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 7798a08d264c543152027befeaec6a11
244019c14b076890ef0091133a5e0713dcc04aef
aa3569f57db03ae8f308b674861f2f2c4f30f402c77cdb07e0768e8937d2dbcf
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=491
Date: Mon, 05 Dec 2022 01:23:00 GMT
Connection: keep-alive
X-N: S
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3dec68ada0361ac6e11349103d1bdf62
338c193d7eadb145df9baf6c8b8504b54047960e
0a0ff8dec68dbe54bd230c17e7d31d739753f6a08d1f150c1d99a088a5b218ad
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0A0FF8DEC68DBE54BD230C17E7D31D739753F6A08D1F150C1D99A088A5B218AD"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1595
Expires: Mon, 05 Dec 2022 01:49:35 GMT
Date: Mon, 05 Dec 2022 01:23:00 GMT
Connection: keep-alive
www.beijing2013.com/template/m1938pc/images/loading.svg
107.163.136.149200 OK 993 B URL HTTP/1.1 www.beijing2013.com/template/m1938pc/images/loading.svg
IP 107.163.136.149:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 7844f77b95130399915f9799bfbd6260
9c17c904c28f8a2812d83f63329c4d43a099b26e
4b40b3797c6eeee1704d86020301944464bd2cccaf917a3e3df8c1d0cff1d3ff
GET /template/m1938pc/images/loading.svg HTTP/1.1
Host: www.beijing2013.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.beijing2013.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 01:22:57 GMT
Content-Length: 993
Content-Type: text/html
Server: nginx
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43dd45aa53e3ce4ac9357c070eb0e675
6c52f7fd841a265a61dc706d8d8ce8da021e0b54
feac0e1943e9f40c8fcb279baa010c2cc3713caa2b78bcad4d7da71ce872d636
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "FEAC0E1943E9F40C8FCB279BAA010C2CC3713CAA2B78BCAD4D7DA71CE872D636"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21563
Expires: Mon, 05 Dec 2022 07:22:23 GMT
Date: Mon, 05 Dec 2022 01:23:00 GMT
Connection: keep-alive
www.isleep8.com/1.gif
96.43.102.201404 Not Found 558 B IP 96.43.102.201:0
ASN #64050 BGPNET Global ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash f8467570bfc55db0f26347481c1f5271
259bc57b51aa483f655b4556b81daa4272925d5d
664b8d003c193fe5b26394f1ae7f9725af44207788787ebb53181f69e2705cbc
GET /1.gif HTTP/1.1
Host: www.isleep8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.beijing2013.com/
HTTP/1.1 404 Not Found
Server: Tengine
Date: Mon, 05 Dec 2022 01:23:00 GMT
Content-Type: text/html
Content-Length: 558
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3dec68ada0361ac6e11349103d1bdf62
338c193d7eadb145df9baf6c8b8504b54047960e
0a0ff8dec68dbe54bd230c17e7d31d739753f6a08d1f150c1d99a088a5b218ad
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0A0FF8DEC68DBE54BD230C17E7D31D739753F6A08D1F150C1D99A088A5B218AD"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1594
Expires: Mon, 05 Dec 2022 01:49:35 GMT
Date: Mon, 05 Dec 2022 01:23:01 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash aa8f5d1b20bb4946f1a05a6298a6094c
4a1269ed3959cd9fc0c9f5040cf9b2d39706d4be
892de38c89078216051dfef60a9158fe361b1d9927a50df8f5e995c76bed7960
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2
Cache-Control: max-age=120014
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:23:01 GMT
Etag: "638c79c1-116"
Expires: Tue, 06 Dec 2022 10:43:15 GMT
Last-Modified: Sun, 04 Dec 2022 10:43:13 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 1c9d872fda9c7eab1cbdc3bdfbef1806
fad08a9ba5b987262f707484c5168bd2f46db877
23576df00f00dc5575ee5e2a9caea0240cfd47df1e6604fca51cfdd91bc0f1b6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2927
Cache-Control: max-age=131558
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:23:01 GMT
Etag: "638c9b6c-2d7"
Expires: Tue, 06 Dec 2022 13:55:39 GMT
Last-Modified: Sun, 04 Dec 2022 13:06:52 GMT
Server: ECS (amb/6B9D)
X-Cache: HIT
Content-Length: 727
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43dd45aa53e3ce4ac9357c070eb0e675
6c52f7fd841a265a61dc706d8d8ce8da021e0b54
feac0e1943e9f40c8fcb279baa010c2cc3713caa2b78bcad4d7da71ce872d636
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "FEAC0E1943E9F40C8FCB279BAA010C2CC3713CAA2B78BCAD4D7DA71CE872D636"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21562
Expires: Mon, 05 Dec 2022 07:22:23 GMT
Date: Mon, 05 Dec 2022 01:23:01 GMT
Connection: keep-alive
image.qkf7jq3b.space/chca/bavrssew.gif
104.21.8.148200 OK 745 kB URL HTTP/2 image.qkf7jq3b.space/chca/bavrssew.gif
IP 104.21.8.148:0
File type GIF image data, version 89a, 600 x 350\012- data
Size 745 kB (745216 bytes)
Hash 45f4e469e35b059ee9273dbd1b44f95f
9c69d3bfc6e3e6719a816a0876d77c8600a5542f
d47317c0c730fed2e16e101b70e974d4bdb3b4951724170e00b8b00ee0c7c5a1
GET /chca/bavrssew.gif HTTP/1.1
Host: image.qkf7jq3b.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.beijing2013.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 01:23:01 GMT
content-type: image/gif
content-length: 745216
last-modified: Sat, 26 Mar 2022 07:20:24 GMT
etag: "623ebeb8-b5f00"
access-control-allow-origin: *
access-control-allow-methods: GET,POST,DELETE
access-control-allow-header: Content-Type,*
cache-control: max-age=432000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOHXzW2iZ8BaiuR01Cuet3x3JqdbFUg6FK%2BtaBgB8m60CeXr5KpD%2F00hVccZHq%2FleOwOvJN%2B5Q62oyg6Op6h%2Bub6BeMDcbqqxS68f7fION1BfI00aAvn2SrwSFxFI0%2BVygjAEjfNHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7748f95818b91c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
image.kkoc5eg1.space/chca/jhvrwgts.gif
104.21.34.49200 OK 212 kB URL HTTP/2 image.kkoc5eg1.space/chca/jhvrwgts.gif
IP 104.21.34.49:0
File type GIF image data, version 89a, 600 x 350\012- data
Size 212 kB (212043 bytes)
Hash 16154cb28ebafc54f17e04be70cd67d8
7dce90747aa14aa209cede2ab4862799a11f1001
e26042a911257463ec4b9e9472d4d3ffa2e80fbe424fbb773bdf73b35348b8ec
GET /chca/jhvrwgts.gif HTTP/1.1
Host: image.kkoc5eg1.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.beijing2013.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 01:23:01 GMT
content-type: image/gif
content-length: 212043
last-modified: Sat, 26 Mar 2022 08:35:42 GMT
etag: "623ed05e-33c4b"
access-control-allow-origin: *
access-control-allow-methods: GET,POST,DELETE
access-control-allow-header: Content-Type,*
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RaVrju6AhZLUIdIHRLv9QVbqm9RaF3W3QJfBsVM25BkW2oDug9T1W5Ku%2FqbIlclBNrp4vVQ11qM3Zv1tfPgCeiL2nzmASF6Fe7xhDr%2FD2kVrgKNAj1OVplnQs843tveqTgdcaUQN6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7748f954ea33b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 7930f6e6235e9c72257a3e9eada94469
1a75403b8f27e7eb154af1d7490df50683a32a7c
08d3e91d87c01f97ba2c03e91e0b04037cc9a70d5c21511933dc8afca2807e69
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 01:23:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 08 Dec 2022 23:08:36 GMT
ETag: "1a75403b8f27e7eb154af1d7490df50683a32a7c"
Last-Modified: Sun, 04 Dec 2022 23:08:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7748f96209ce0b39-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 7930f6e6235e9c72257a3e9eada94469
1a75403b8f27e7eb154af1d7490df50683a32a7c
08d3e91d87c01f97ba2c03e91e0b04037cc9a70d5c21511933dc8afca2807e69
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 01:23:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 08 Dec 2022 23:08:36 GMT
ETag: "1a75403b8f27e7eb154af1d7490df50683a32a7c"
Last-Modified: Sun, 04 Dec 2022 23:08:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7748f9621d360afa-OSL
image.yrmbb0hc.space/chca/mebrexsd.gif
104.21.54.36200 OK 408 kB URL HTTP/2 image.yrmbb0hc.space/chca/mebrexsd.gif
IP 104.21.54.36:0
File type GIF image data, version 89a, 600 x 350\012- data
Size 408 kB (408247 bytes)
Hash a5df7dbc6380dc7f3a76fd0b42c4661e
013c5fd13059eaa5519f06831c0bd537f000c62c
8eed2a94f9de191dc72096ae00e1a38ab5d0074d93afc85834e3a6e8ce7a6306
GET /chca/mebrexsd.gif HTTP/1.1
Host: image.yrmbb0hc.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.beijing2013.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 01:23:01 GMT
content-type: image/gif
content-length: 408247
last-modified: Sat, 26 Mar 2022 04:32:16 GMT
etag: "623e9750-63ab7"
access-control-allow-origin: *
access-control-allow-methods: GET,POST,DELETE
access-control-allow-header: Content-Type,*
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssw%2BfEmg9tH%2B2stqaRAYAIKyLpVZrnM%2FUA4bVPZLEhedsNjcNI6VBeZGz8Hd5Hyun2aFAa9lHKtLtoIou3SOpnj84qnUN1frpRTaDVt%2BbWXqnF0xIqiaYcYOLJQOHviiIJNICGo%2FKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7748f958f90d1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash e542f1ea81e576e962e023c9d92447ff
0237ac7306d09c542b7d926ea7fd0d8d8acf25ac
e3099077a8c32a0bee2791afa60d4a98862246c67725ac0d0a4467b062d18a1e
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 01:23:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 08 Dec 2022 23:03:32 GMT
ETag: "0237ac7306d09c542b7d926ea7fd0d8d8acf25ac"
Last-Modified: Sun, 04 Dec 2022 23:03:33 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1835
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7748f9647af7b4e8-OSL
js.users.51.la/21354559.js
103.143.19.103200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21354559.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash c5498c2313da3164659aa247f092c2c6
cd3af403a868674679585e1d41ba85071b2fda5e
a6324fd9a826dab08a64eefd1dd5f5f865637de91d85fc9f61acf3457872ae7a
GET /21354559.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.beijing2013.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Mon, 05 Dec 2022 01:23:02 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=ef58644bdb817f5b49d; path=/
HWWAFSESTIME=1670203378953; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
js.users.51.la/21354561.js
103.143.19.103200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21354561.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash 238b8a6e1a4776c46c54723e7d871aec
77952b65f00c84d55cb60a23ff4650c49ab9fce5
139867b63fd3aaa8ddb6f680f5293674b82894e4eeb1c1af94be279163d52e98
GET /21354561.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.beijing2013.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Mon, 05 Dec 2022 01:23:02 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=992061ed1302a374412; path=/
HWWAFSESTIME=1670203381447; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ddcdn.comtucdncom.com/images/2022/04/09/91ds100689.jpg
45.89.208.114503 Service Temporarily Unavailable 190 B URL HTTP/1.1 ddcdn.comtucdncom.com/images/2022/04/09/91ds100689.jpg
IP 45.89.208.114:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554
GET /images/2022/04/09/91ds100689.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.beijing2013.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 503 Service Temporarily Unavailable
Server: Tengine
Date: Mon, 05 Dec 2022 01:23:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 190
Connection: keep-alive
www.beijing2013.com/template/m1938pc/images/loading.svg
107.163.136.149200 OK 993 B URL HTTP/1.1 www.beijing2013.com/template/m1938pc/images/loading.svg
IP 107.163.136.149:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 7844f77b95130399915f9799bfbd6260
9c17c904c28f8a2812d83f63329c4d43a099b26e
4b40b3797c6eeee1704d86020301944464bd2cccaf917a3e3df8c1d0cff1d3ff
GET /template/m1938pc/images/loading.svg HTTP/1.1
Host: www.beijing2013.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.beijing2013.com/
Cookie: __tins__21354561=%7B%22sid%22%3A%201670203380204%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201670205180204%7D; __51cke__=; __51laig__=2; __tins__21354559=%7B%22sid%22%3A%201670203380211%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201670205180211%7D
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 01:23:00 GMT
Content-Length: 993
Content-Type: text/html
Server: nginx
www.beijing2013.com/template/m1938pc/images/video-mask.png
107.163.136.149200 OK 107 B URL HTTP/1.1 www.beijing2013.com/template/m1938pc/images/video-mask.png
IP 107.163.136.149:0
File type PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Hash 6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
GET /template/m1938pc/images/video-mask.png HTTP/1.1
Host: www.beijing2013.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.beijing2013.com/template/m1938pc/css/zui.css
Cookie: __tins__21354561=%7B%22sid%22%3A%201670203380204%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201670205180204%7D; __51cke__=; __51laig__=2; __tins__21354559=%7B%22sid%22%3A%201670203380211%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201670205180211%7D
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 01:23:00 GMT
Content-Length: 107
Content-Type: image/jpeg
Server: nginx
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image
182.118.39.172200 OK 678 kB URL HTTP/2 p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image
IP 182.118.39.172:0
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 270 x 160\012- data
Size 678 kB (677521 bytes)
Hash 94051cb1d1b77200b4462281a864b96e
e5b468a1b2f4bbdda1b6a3a0df2dcce6b3de7e06
d44d0d2dd188024b60ec38cb3f3ea10c080690175e923f90c9c2a2e862670c84
GET /img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image HTTP/1.1
Host: p26.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.beijing2013.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 01:23:01 GMT
content-type: image/gif
content-length: 677521
set-cookie: hccesp_lttk=AAAAAgAAAAAAAAAFAAAAAQAAAAeBwwi0wpEfjGhYDSfl4BIgzcnvtuFFUhgibbVxpSdrDgAAAAAAAAAAAAAAQEnTdDGhIXbqYQaoLHAAxyhwNFZdgJdatxSg79VPAy3U9ZstYd5fmYtR6mrZU+LN26T7wjFmAJsS1peUevjogjI=; Expires=Tue, 05 Dec 2023 01:23:01 GMT; path=/;
server: openresty
age: 2620962
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 30 Dec 2021 00:07:35 GMT
nw-session-id: 2021123008073501015013614530ADE9B0dprsv01tt
nw-session-trace: 2021-12-30T08:07:35.194015393+08:00 68
x-bdcdn-cache-status: TCP_HIT
x-ccdn-cachettl: 31536000
x-length: 677521
x-powered-by: ImageX
x-response-date: Thu, 30 Dec 2021 08:07:35 GMT
x-response-lb: image
x-tt-logid: 2021123008073501015013614530ADE9B0
nginx-hit: 1
server-timing: cdn-cache;desc=HIT, edge;dur=3
via: CHN-HAzhengzhou-AREACUCC1-CACHE32[3],CHN-HAzhengzhou-AREACUCC1-CACHE35[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE102[6],CHN-TJ-GLOBAL1-CACHE35[0,TCP_HIT,5]
x-hcs-proxy-type: 1
x-tt-trace-host: 016a2077e03b2041825c42669e9a23cec5ee04519515486308eb42b81315658df6aa5ed29ad219c7d25626d5b022cced5274c18183adcd43889f65e87a17fde2315b0226a7e5f07d4c19094125051b3e74699be800dd629619bc2141d5fb81fc89ccc76230d7d3e4f731a9d881f3cb16c4
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
accept-ranges: bytes
access-control-allow-origin: *
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
X-Firefox-Spdy: h2
www.beijing2013.com/template/m1938pc/images/video-play.png
107.163.136.149200 OK 1.6 kB URL HTTP/1.1 www.beijing2013.com/template/m1938pc/images/video-play.png
IP 107.163.136.149:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: www.beijing2013.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.beijing2013.com/template/m1938pc/css/zui.css
Cookie: __tins__21354561=%7B%22sid%22%3A%201670203380204%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201670205180204%7D; __51cke__=; __51laig__=2; __tins__21354559=%7B%22sid%22%3A%201670203380211%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201670205180211%7D
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 01:23:00 GMT
Content-Length: 1567
Content-Type: image/jpeg
Server: nginx
www.isleep8.com/1.gif
96.43.102.201404 Not Found 558 B IP 96.43.102.201:0
ASN #64050 BGPNET Global ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6ab677bb0daf25ab43b9e429f9e8aa0c
d41c5bbfd82d4340723f723cc7b244b2ec21b31c
a25cbd6b2cc2b69c6f2509118660c0b4069878ce6f786824cb925cdd2bae22f2
GET /1.gif HTTP/1.1
Host: www.isleep8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.beijing2013.com/
HTTP/1.1 404 Not Found
Server: Tengine
Date: Mon, 05 Dec 2022 01:23:02 GMT
Content-Type: text/html
Content-Length: 558
Connection: keep-alive
p.qlogo.cn/hy_personal/3e28f14aa05168421734cf2c518591fa7e3a9da0e2bd5419a5b82272159da83c/0.png
43.154.254.32200 OK 3.5 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa05168421734cf2c518591fa7e3a9da0e2bd5419a5b82272159da83c/0.png
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 120x120, components 3\012- data
Hash e6c80d1f69b4f8999b3139349785ff68
e72338fa08e0519ff2151512070e2a3b368e6991
30fe42c7d54be79048c295b3dc2e6e1f541bad76ed10d72932c54691b812018e
GET /hy_personal/3e28f14aa05168421734cf2c518591fa7e3a9da0e2bd5419a5b82272159da83c/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.beijing2013.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Mon, 05 Dec 2022 01:23:02 GMT
content-type: image/jpeg
content-length: 3485
cache-control: no-cache
x-errno: -108
x-info: illref
x-rtflag: 1
x-nws-log-uuid: cc0c0733-abe6-4b03-8c2d-d3cb34f8e2ff
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 41d8f56825192270d34e29c0c22bbade
74f310e0916837086c30efef2e880b9af20c6841
f2810ba413cf74dab1cdac8b89913a16758ad2a6342fa9497e868e99e5472175
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 01:23:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 17:45:03 GMT
Expires: Thu, 08 Dec 2022 17:45:02 GMT
Etag: "74f310e0916837086c30efef2e880b9af20c6841"
Cache-Control: max-age=317518,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7748f96829fab4f1-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 6c6ed337ee371fc40ecdcd7446630570
1b1c3d5eb7910c6db990000079474948ba36c20a
b4a7518def7a5952d4c8995b55f420849fac7bdcb5da1f6ff790841ca4ce2a5a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 01:23:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 20:22:36 GMT
Expires: Fri, 09 Dec 2022 20:22:35 GMT
Etag: "1b1c3d5eb7910c6db990000079474948ba36c20a"
Cache-Control: max-age=413371,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7748f9680b79b518-OSL
www.laoyingav.com/
107.163.134.27200 OK 5.7 kB IP 107.163.134.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 0b9cf7f5f8a0cc7397f12430ba13da0a
684a41dcc820c4ff7b508560faacd8b53a553ca0
d273cb0dc5f175bae8748a5356d350b7999edd3a8f391c327c4ba35b893dcc82
GET / HTTP/1.1
Host: www.laoyingav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.beijing2013.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:23:03 GMT
Content-Type: text/html
Last-Modified: Fri, 11 Nov 2022 02:28:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"636db359-5275"
Content-Encoding: gzip
ia.51.la/go1?id=21354559&rt=1670203380211&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=2017%25E4%25BA%259A%25E6%25B4%25B2%25E7%2594%25B7%25E4%25BA%25BA%25E5%25A4%25A9%25E5%25A0%2582%25E6%2589%258B%25E6%259C%25BA%25E5%259C%25A8%25E7%25BA%25BF%252C%25E9%25AB%2598%25E6%25B8%2585%25E5%259B%25BD%25E4%25BA%25A7%25E4%25BA%259A%25E6%25B4%25B2%25E7%25B2%25BE%25E5%2593%2581%25E8%2587%25AA%25E5%259C%25A8%25E4%25B9%2585%25E4%25B9%2585%252C%25E5%2585%258D%25E8%25B4%25B9&ing=2&ekc=&sid=1670203380211&tt=%25E9%2582%25A3%25E6%259B%25B2%25E8%258A%258D%25E6%2580%2580%25E5%2581%25A5%25E5%25BA%25B7%25E7%25AE%25A1%25E7%2590%2586%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=2017%25E4%25BA%259A%25E6%25B4%25B2%25E7%2594%25B7%25E4%25BA%25BA%25E5%25A4%25A9%25E5%25A0%2582%25E6%2589%258B%25E6%259C%25BA%25E5%259C%25A8%25E7%25BA%25BF%252C%25E9%25AB%2598%25E6%25B8%2585%25E5%259B%25BD%25E4%25BA%25A7%25E4%25BA%259A%25E6%25B4%25B2%25E7%25B2%25BE%25E5%2593%2581%25E8%2587%25AA%25E5%259C%25A8%25E4%25B9%2585%25E4%25B9%2585%252C%25E5%2585%258D%25E8%25B4%25B9AV%25E7%2589%2587%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2582%25E7%259C%258B%25E8%259C%259C%25E8%258A%25BDTV%252C%25E7%2596%25AF%25E7%258B%2582%25E5%2581%259A%25E5%258F%2597XXXX%252C%25E4%25B9%2585%25E4%25B9%2585%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2593%25E5%258C%25BA%252C%25E6%25AC%25A7%25E7%25BE%258E%25E6%2580%25A7%25E7%2599%25BD%25E4%25BA%25BA%25E6%259E%2581%25E5%2593%25811819hd%252C%25E6%2597%25A0%25E4%25BA%25BA%25E5%258C%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E9%25AB%2598%25E6%25B8%2585%25E5%25AE%258C%25E6%2595%25B4%25E5%2585%258D%25E8%25B4%25B9%25E7%2589%2588&cu=http%253A%252F%252Fwww.beijing2013.com%252F&pu=
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=21354559&rt=1670203380211&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=2017%25E4%25BA%259A%25E6%25B4%25B2%25E7%2594%25B7%25E4%25BA%25BA%25E5%25A4%25A9%25E5%25A0%2582%25E6%2589%258B%25E6%259C%25BA%25E5%259C%25A8%25E7%25BA%25BF%252C%25E9%25AB%2598%25E6%25B8%2585%25E5%259B%25BD%25E4%25BA%25A7%25E4%25BA%259A%25E6%25B4%25B2%25E7%25B2%25BE%25E5%2593%2581%25E8%2587%25AA%25E5%259C%25A8%25E4%25B9%2585%25E4%25B9%2585%252C%25E5%2585%258D%25E8%25B4%25B9&ing=2&ekc=&sid=1670203380211&tt=%25E9%2582%25A3%25E6%259B%25B2%25E8%258A%258D%25E6%2580%2580%25E5%2581%25A5%25E5%25BA%25B7%25E7%25AE%25A1%25E7%2590%2586%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=2017%25E4%25BA%259A%25E6%25B4%25B2%25E7%2594%25B7%25E4%25BA%25BA%25E5%25A4%25A9%25E5%25A0%2582%25E6%2589%258B%25E6%259C%25BA%25E5%259C%25A8%25E7%25BA%25BF%252C%25E9%25AB%2598%25E6%25B8%2585%25E5%259B%25BD%25E4%25BA%25A7%25E4%25BA%259A%25E6%25B4%25B2%25E7%25B2%25BE%25E5%2593%2581%25E8%2587%25AA%25E5%259C%25A8%25E4%25B9%2585%25E4%25B9%2585%252C%25E5%2585%258D%25E8%25B4%25B9AV%25E7%2589%2587%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2582%25E7%259C%258B%25E8%259C%259C%25E8%258A%25BDTV%252C%25E7%2596%25AF%25E7%258B%2582%25E5%2581%259A%25E5%258F%2597XXXX%252C%25E4%25B9%2585%25E4%25B9%2585%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2593%25E5%258C%25BA%252C%25E6%25AC%25A7%25E7%25BE%258E%25E6%2580%25A7%25E7%2599%25BD%25E4%25BA%25BA%25E6%259E%2581%25E5%2593%25811819hd%252C%25E6%2597%25A0%25E4%25BA%25BA%25E5%258C%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E9%25AB%2598%25E6%25B8%2585%25E5%25AE%258C%25E6%2595%25B4%25E5%2585%258D%25E8%25B4%25B9%25E7%2589%2588&cu=http%253A%252F%252Fwww.beijing2013.com%252F&pu=
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21354559&rt=1670203380211&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=2017%25E4%25BA%259A%25E6%25B4%25B2%25E7%2594%25B7%25E4%25BA%25BA%25E5%25A4%25A9%25E5%25A0%2582%25E6%2589%258B%25E6%259C%25BA%25E5%259C%25A8%25E7%25BA%25BF%252C%25E9%25AB%2598%25E6%25B8%2585%25E5%259B%25BD%25E4%25BA%25A7%25E4%25BA%259A%25E6%25B4%25B2%25E7%25B2%25BE%25E5%2593%2581%25E8%2587%25AA%25E5%259C%25A8%25E4%25B9%2585%25E4%25B9%2585%252C%25E5%2585%258D%25E8%25B4%25B9&ing=2&ekc=&sid=1670203380211&tt=%25E9%2582%25A3%25E6%259B%25B2%25E8%258A%258D%25E6%2580%2580%25E5%2581%25A5%25E5%25BA%25B7%25E7%25AE%25A1%25E7%2590%2586%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=2017%25E4%25BA%259A%25E6%25B4%25B2%25E7%2594%25B7%25E4%25BA%25BA%25E5%25A4%25A9%25E5%25A0%2582%25E6%2589%258B%25E6%259C%25BA%25E5%259C%25A8%25E7%25BA%25BF%252C%25E9%25AB%2598%25E6%25B8%2585%25E5%259B%25BD%25E4%25BA%25A7%25E4%25BA%259A%25E6%25B4%25B2%25E7%25B2%25BE%25E5%2593%2581%25E8%2587%25AA%25E5%259C%25A8%25E4%25B9%2585%25E4%25B9%2585%252C%25E5%2585%258D%25E8%25B4%25B9AV%25E7%2589%2587%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2582%25E7%259C%258B%25E8%259C%259C%25E8%258A%25BDTV%252C%25E7%2596%25AF%25E7%258B%2582%25E5%2581%259A%25E5%258F%2597XXXX%252C%25E4%25B9%2585%25E4%25B9%2585%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2593%25E5%258C%25BA%252C%25E6%25AC%25A7%25E7%25BE%258E%25E6%2580%25A7%25E7%2599%25BD%25E4%25BA%25BA%25E6%259E%2581%25E5%2593%25811819hd%252C%25E6%2597%25A0%25E4%25BA%25BA%25E5%258C%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E9%25AB%2598%25E6%25B8%2585%25E5%25AE%258C%25E6%2595%25B4%25E5%2585%258D%25E8%25B4%25B9%25E7%2589%2588&cu=http%253A%252F%252Fwww.beijing2013.com%252F&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.beijing2013.com/
HTTP/1.1 200
Server: CloudWAF
Date: Mon, 05 Dec 2022 01:23:03 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=aaa1ca39acc55f92928; path=/
HWWAFSESTIME=1670203378813; path=/
ia.51.la/go1?id=21354561&rt=1670203380204&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=2017%25E4%25BA%259A%25E6%25B4%25B2%25E7%2594%25B7%25E4%25BA%25BA%25E5%25A4%25A9%25E5%25A0%2582%25E6%2589%258B%25E6%259C%25BA%25E5%259C%25A8%25E7%25BA%25BF%252C%25E9%25AB%2598%25E6%25B8%2585%25E5%259B%25BD%25E4%25BA%25A7%25E4%25BA%259A%25E6%25B4%25B2%25E7%25B2%25BE%25E5%2593%2581%25E8%2587%25AA%25E5%259C%25A8%25E4%25B9%2585%25E4%25B9%2585%252C%25E5%2585%258D%25E8%25B4%25B9&ing=1&ekc=&sid=1670203380204&tt=%25E9%2582%25A3%25E6%259B%25B2%25E8%258A%258D%25E6%2580%2580%25E5%2581%25A5%25E5%25BA%25B7%25E7%25AE%25A1%25E7%2590%2586%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=2017%25E4%25BA%259A%25E6%25B4%25B2%25E7%2594%25B7%25E4%25BA%25BA%25E5%25A4%25A9%25E5%25A0%2582%25E6%2589%258B%25E6%259C%25BA%25E5%259C%25A8%25E7%25BA%25BF%252C%25E9%25AB%2598%25E6%25B8%2585%25E5%259B%25BD%25E4%25BA%25A7%25E4%25BA%259A%25E6%25B4%25B2%25E7%25B2%25BE%25E5%2593%2581%25E8%2587%25AA%25E5%259C%25A8%25E4%25B9%2585%25E4%25B9%2585%252C%25E5%2585%258D%25E8%25B4%25B9AV%25E7%2589%2587%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2582%25E7%259C%258B%25E8%259C%259C%25E8%258A%25BDTV%252C%25E7%2596%25AF%25E7%258B%2582%25E5%2581%259A%25E5%258F%2597XXXX%252C%25E4%25B9%2585%25E4%25B9%2585%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2593%25E5%258C%25BA%252C%25E6%25AC%25A7%25E7%25BE%258E%25E6%2580%25A7%25E7%2599%25BD%25E4%25BA%25BA%25E6%259E%2581%25E5%2593%25811819hd%252C%25E6%2597%25A0%25E4%25BA%25BA%25E5%258C%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E9%25AB%2598%25E6%25B8%2585%25E5%25AE%258C%25E6%2595%25B4%25E5%2585%258D%25E8%25B4%25B9%25E7%2589%2588&cu=http%253A%252F%252Fwww.beijing2013.com%252F&pu=
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=21354561&rt=1670203380204&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=2017%25E4%25BA%259A%25E6%25B4%25B2%25E7%2594%25B7%25E4%25BA%25BA%25E5%25A4%25A9%25E5%25A0%2582%25E6%2589%258B%25E6%259C%25BA%25E5%259C%25A8%25E7%25BA%25BF%252C%25E9%25AB%2598%25E6%25B8%2585%25E5%259B%25BD%25E4%25BA%25A7%25E4%25BA%259A%25E6%25B4%25B2%25E7%25B2%25BE%25E5%2593%2581%25E8%2587%25AA%25E5%259C%25A8%25E4%25B9%2585%25E4%25B9%2585%252C%25E5%2585%258D%25E8%25B4%25B9&ing=1&ekc=&sid=1670203380204&tt=%25E9%2582%25A3%25E6%259B%25B2%25E8%258A%258D%25E6%2580%2580%25E5%2581%25A5%25E5%25BA%25B7%25E7%25AE%25A1%25E7%2590%2586%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=2017%25E4%25BA%259A%25E6%25B4%25B2%25E7%2594%25B7%25E4%25BA%25BA%25E5%25A4%25A9%25E5%25A0%2582%25E6%2589%258B%25E6%259C%25BA%25E5%259C%25A8%25E7%25BA%25BF%252C%25E9%25AB%2598%25E6%25B8%2585%25E5%259B%25BD%25E4%25BA%25A7%25E4%25BA%259A%25E6%25B4%25B2%25E7%25B2%25BE%25E5%2593%2581%25E8%2587%25AA%25E5%259C%25A8%25E4%25B9%2585%25E4%25B9%2585%252C%25E5%2585%258D%25E8%25B4%25B9AV%25E7%2589%2587%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2582%25E7%259C%258B%25E8%259C%259C%25E8%258A%25BDTV%252C%25E7%2596%25AF%25E7%258B%2582%25E5%2581%259A%25E5%258F%2597XXXX%252C%25E4%25B9%2585%25E4%25B9%2585%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2593%25E5%258C%25BA%252C%25E6%25AC%25A7%25E7%25BE%258E%25E6%2580%25A7%25E7%2599%25BD%25E4%25BA%25BA%25E6%259E%2581%25E5%2593%25811819hd%252C%25E6%2597%25A0%25E4%25BA%25BA%25E5%258C%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E9%25AB%2598%25E6%25B8%2585%25E5%25AE%258C%25E6%2595%25B4%25E5%2585%258D%25E8%25B4%25B9%25E7%2589%2588&cu=http%253A%252F%252Fwww.beijing2013.com%252F&pu=
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21354561&rt=1670203380204&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=2017%25E4%25BA%259A%25E6%25B4%25B2%25E7%2594%25B7%25E4%25BA%25BA%25E5%25A4%25A9%25E5%25A0%2582%25E6%2589%258B%25E6%259C%25BA%25E5%259C%25A8%25E7%25BA%25BF%252C%25E9%25AB%2598%25E6%25B8%2585%25E5%259B%25BD%25E4%25BA%25A7%25E4%25BA%259A%25E6%25B4%25B2%25E7%25B2%25BE%25E5%2593%2581%25E8%2587%25AA%25E5%259C%25A8%25E4%25B9%2585%25E4%25B9%2585%252C%25E5%2585%258D%25E8%25B4%25B9&ing=1&ekc=&sid=1670203380204&tt=%25E9%2582%25A3%25E6%259B%25B2%25E8%258A%258D%25E6%2580%2580%25E5%2581%25A5%25E5%25BA%25B7%25E7%25AE%25A1%25E7%2590%2586%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=2017%25E4%25BA%259A%25E6%25B4%25B2%25E7%2594%25B7%25E4%25BA%25BA%25E5%25A4%25A9%25E5%25A0%2582%25E6%2589%258B%25E6%259C%25BA%25E5%259C%25A8%25E7%25BA%25BF%252C%25E9%25AB%2598%25E6%25B8%2585%25E5%259B%25BD%25E4%25BA%25A7%25E4%25BA%259A%25E6%25B4%25B2%25E7%25B2%25BE%25E5%2593%2581%25E8%2587%25AA%25E5%259C%25A8%25E4%25B9%2585%25E4%25B9%2585%252C%25E5%2585%258D%25E8%25B4%25B9AV%25E7%2589%2587%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2582%25E7%259C%258B%25E8%259C%259C%25E8%258A%25BDTV%252C%25E7%2596%25AF%25E7%258B%2582%25E5%2581%259A%25E5%258F%2597XXXX%252C%25E4%25B9%2585%25E4%25B9%2585%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2593%25E5%258C%25BA%252C%25E6%25AC%25A7%25E7%25BE%258E%25E6%2580%25A7%25E7%2599%25BD%25E4%25BA%25BA%25E6%259E%2581%25E5%2593%25811819hd%252C%25E6%2597%25A0%25E4%25BA%25BA%25E5%258C%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E9%25AB%2598%25E6%25B8%2585%25E5%25AE%258C%25E6%2595%25B4%25E5%2585%258D%25E8%25B4%25B9%25E7%2589%2588&cu=http%253A%252F%252Fwww.beijing2013.com%252F&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.beijing2013.com/
HTTP/1.1 200
Server: CloudWAF
Date: Mon, 05 Dec 2022 01:23:03 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=3b96a7ed160a4088bea; path=/
HWWAFSESTIME=1670203380496; path=/
statuse.digitalcertvalidation.com/
93.184.220.29200 OK 471 B URL HTTP/1.1 statuse.digitalcertvalidation.com/
IP 93.184.220.29:0
Hash d2dafde86de260fe3e4e74fbb2c94e32
b85627483b5e7d04bd12eb61006c00bc914989c2
51cba68a8003564d5965a1ded990c354edcfc5f6ee53718d8885fab360cbdb34
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4632
Cache-Control: max-age=117431
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:23:03 GMT
Etag: "638c5d96-1d7"
Expires: Tue, 06 Dec 2022 10:00:14 GMT
Last-Modified: Sun, 04 Dec 2022 08:43:02 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
statuse.digitalcertvalidation.com/
93.184.220.29200 OK 471 B URL HTTP/1.1 statuse.digitalcertvalidation.com/
IP 93.184.220.29:0
Hash d2dafde86de260fe3e4e74fbb2c94e32
b85627483b5e7d04bd12eb61006c00bc914989c2
51cba68a8003564d5965a1ded990c354edcfc5f6ee53718d8885fab360cbdb34
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4632
Cache-Control: max-age=117431
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:23:03 GMT
Etag: "638c5d96-1d7"
Expires: Tue, 06 Dec 2022 10:00:14 GMT
Last-Modified: Sun, 04 Dec 2022 08:43:02 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
statuse.digitalcertvalidation.com/
93.184.220.29200 OK 471 B URL HTTP/1.1 statuse.digitalcertvalidation.com/
IP 93.184.220.29:0
Hash d2dafde86de260fe3e4e74fbb2c94e32
b85627483b5e7d04bd12eb61006c00bc914989c2
51cba68a8003564d5965a1ded990c354edcfc5f6ee53718d8885fab360cbdb34
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 445
Cache-Control: max-age=113244
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:23:03 GMT
Etag: "638c5d96-1d7"
Expires: Tue, 06 Dec 2022 08:50:27 GMT
Last-Modified: Sun, 04 Dec 2022 08:43:02 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
statuse.digitalcertvalidation.com/
93.184.220.29200 OK 471 B URL HTTP/1.1 statuse.digitalcertvalidation.com/
IP 93.184.220.29:0
Hash d2dafde86de260fe3e4e74fbb2c94e32
b85627483b5e7d04bd12eb61006c00bc914989c2
51cba68a8003564d5965a1ded990c354edcfc5f6ee53718d8885fab360cbdb34
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 445
Cache-Control: max-age=113244
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:23:03 GMT
Etag: "638c5d96-1d7"
Expires: Tue, 06 Dec 2022 08:50:27 GMT
Last-Modified: Sun, 04 Dec 2022 08:43:02 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
statuse.digitalcertvalidation.com/
93.184.220.29200 OK 471 B URL HTTP/1.1 statuse.digitalcertvalidation.com/
IP 93.184.220.29:0
Hash d2dafde86de260fe3e4e74fbb2c94e32
b85627483b5e7d04bd12eb61006c00bc914989c2
51cba68a8003564d5965a1ded990c354edcfc5f6ee53718d8885fab360cbdb34
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4632
Cache-Control: max-age=117431
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:23:03 GMT
Etag: "638c5d96-1d7"
Expires: Tue, 06 Dec 2022 10:00:14 GMT
Last-Modified: Sun, 04 Dec 2022 08:43:02 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.zhanzhang.baidu.com/push.js
39.156.68.163200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 39.156.68.163:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.beijing2013.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Mon, 05 Dec 2022 01:23:03 GMT
Etag: "4078521116"
Expires: Tue, 05 Dec 2023 01:23:03 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=28A2D8F3D244F2812D1993521011C231:FG=1; max-age=31536000; expires=Tue, 05-Dec-23 01:23:03 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
107.163.148.252/yidingdfha/dafadashun.html
107.163.148.252200 OK 946 B URL HTTP/1.1 107.163.148.252/yidingdfha/dafadashun.html
IP 107.163.148.252:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash a969d9d1e4a0a9b977cf2124f4d928c5
f6624bfb7a79c6c40f42f90cc11cefca24189357
389f89b751a21e6aee08b7c3bb9716e751d63a72a7dda9a65cff4e9c03d18a63
Analyzer Verdict Alert quad9 Sinkholed
GET /yidingdfha/dafadashun.html HTTP/1.1
Host: 107.163.148.252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.beijing2013.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:23:03 GMT
Content-Type: text/html
Content-Length: 946
Last-Modified: Sun, 04 Dec 2022 15:13:33 GMT
Connection: keep-alive
ETag: "638cb91d-3b2"
Accept-Ranges: bytes
107.163.148.252/favicon.ico
107.163.148.252404 Not Found 146 B URL HTTP/1.1 107.163.148.252/favicon.ico
IP 107.163.148.252:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: 107.163.148.252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://107.163.148.252/yidingdfha/dafadashun.html
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 05 Dec 2022 01:23:05 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
othbhe2.com/eabe37aced0146ed830980fa92031694.gif
103.170.15.108200 OK 0 B URL HTTP/1.1 othbhe2.com/eabe37aced0146ed830980fa92031694.gif
IP 103.170.15.108:0
ASN #7483 Skycloud Computing co., Ltd.
GET /eabe37aced0146ed830980fa92031694.gif HTTP/1.1
Host: othbhe2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.beijing2013.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6298b95c-d6e69"
Date: Tue, 29 Nov 2022 00:37:02 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 02 Jun 2022 13:21:32 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-38
Content-Length: 880233
qthynj2.com/fd46a53fba2b49868c7065a9d33635a1.gif
45.61.212.124200 OK 0 B URL HTTP/1.1 qthynj2.com/fd46a53fba2b49868c7065a9d33635a1.gif
IP 45.61.212.124:0
GET /fd46a53fba2b49868c7065a9d33635a1.gif HTTP/1.1
Host: qthynj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.beijing2013.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6298b919-138ebf"
Date: Sat, 06 Aug 2022 17:36:49 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 02 Jun 2022 13:20:25 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-24
Content-Length: 1281727
www.laoyingav.com/djskcsldu839/buttons.css
107.163.134.27200 OK 0 B URL HTTP/1.1 www.laoyingav.com/djskcsldu839/buttons.css
IP 107.163.134.27:0
GET /djskcsldu839/buttons.css HTTP/1.1
Host: www.laoyingav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.laoyingav.com/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:23:03 GMT
Content-Type: text/css
Last-Modified: Sun, 27 Feb 2022 18:24:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"621bc1da-14076"
Expires: Mon, 05 Dec 2022 13:23:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
pic.rmb.bdstatic.com/bjh/d87ce4acedd7e067171def14606c32d9.gif
185.10.104.115200 OK 0 B URL HTTP/2 pic.rmb.bdstatic.com/bjh/d87ce4acedd7e067171def14606c32d9.gif
IP 185.10.104.115:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
GET /bjh/d87ce4acedd7e067171def14606c32d9.gif HTTP/1.1
Host: pic.rmb.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.beijing2013.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 05 Dec 2022 01:23:03 GMT
content-type: image/gif
content-length: 1149237
expires: Sat, 03 Dec 2022 09:55:38 GMT
last-modified: Thu, 14 Apr 2022 18:25:11 GMT
etag: "d87ce4acedd7e067171def14606c32d9"
age: 401167
accept-ranges: bytes
content-md5: 2HzkrO3X4GcXHe8UYGwy2Q==
x-bce-content-crc32: 1281562985
x-bce-debug-id: xB8f76VQuLbItuWLZvoU2MbDw9CYPupGN34MweKAKUVdm19MrxRp27deiFnfDH2790Vwf8jBk/k+zUiabUClyQ==
x-bce-request-id: 31b16984-71ff-458a-8f3b-d0d307aa30b4
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Wed, 30 Nov 2022 09:55:38 GMT
ohc-cache-hit: fra01-sys-jomo2.fra01.baidu.com [2], zhuzuncache51 [2], xaix230 [2]
ohc-file-size: 1149237
x-cache-status: HIT
X-Firefox-Spdy: h2