r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11784
Expires: Fri, 25 Nov 2022 07:52:35 GMT
Date: Fri, 25 Nov 2022 04:36:11 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3305
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:36:11 GMT
Last-Modified: Fri, 25 Nov 2022 03:41:06 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 04:17:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1127
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13642
Expires: Fri, 25 Nov 2022 08:23:33 GMT
Date: Fri, 25 Nov 2022 04:36:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FojPZJYaxcWy7aWW2Zzo2GhLheewgsHHpN55eyIN0iypZ/3RX5oOmseF1tvVmdzHAVf6RHb7zGQ=
x-amz-request-id: J3KJ3ARVZWVE4G1J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 03:43:41 GMT
age: 3150
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:36:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
kmcits0560.com/
156.237.200.71301 Moved Permanently 0 B IP 156.237.200.71:0
ASN #134548 DXTL Tseung Kwan O Service
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: kmcits0560.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 25 Nov 2022 04:36:11 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.kmcits0560.com/index.php
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 04:11:11 GMT
cache-control: public,max-age=3600
age: 1501
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2289
Cache-Control: max-age=104926
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:36:12 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 09:44:58 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.148.69.31101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.69.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mFR5MpxMUkMyfXYcwQUp3g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Cl5OHb8ci9XCoTp6MK0OaA+EmQA=
www.kmcits0560.com/index.php
156.237.200.71200 OK 541 B URL HTTP/1.1 www.kmcits0560.com/index.php
IP 156.237.200.71:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (625), with CRLF line terminators
Hash 78f47834830c7ca664a78bfeadf89150
61476729b29a1cee6d6fbd22b4c0b2b9f9922a87
db6925822bc9f34484bdf7d0bac0a587e2675c73869d01da70b1a9022d61f437
GET /index.php HTTP/1.1
Host: www.kmcits0560.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:36:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.kmcits0560.com/common.js
156.237.200.71200 OK 561 B URL HTTP/1.1 www.kmcits0560.com/common.js
IP 156.237.200.71:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (499), with CRLF line terminators
Hash 70c7a9ca349ceec46b24ee9181aec788
23b49171d41862aff6c66195bb7ecf436da7e8c7
13c01bcd22d23acad050a4779f3e9f8fcf02c0191bc95d07f0e8b8edfbafbf07
GET /common.js HTTP/1.1
Host: www.kmcits0560.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kmcits0560.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:36:12 GMT
Content-Type: application/x-javascript
Content-Length: 561
Connection: keep-alive
www.kmcits0560.com/tj.js
156.237.200.71200 OK 258 B IP 156.237.200.71:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with CRLF line terminators
Hash df51a717f9fe771d97bb01b74fd57c0c
4f7b6d5501e41e02bbb16db69534d423f1e5f89a
45780a5e12a3ae45bd4945bd0de4977aa81532826352692c8dee9cd67f744773
GET /tj.js HTTP/1.1
Host: www.kmcits0560.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kmcits0560.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:36:12 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
www.kmcits0560.com/favicon.ico
156.237.200.71200 OK 1.2 kB URL HTTP/1.1 www.kmcits0560.com/favicon.ico
IP 156.237.200.71:0
ASN #134548 DXTL Tseung Kwan O Service
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.kmcits0560.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kmcits0560.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:36:13 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Wed, 30 Nov 2022 04:36:13 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3988
Expires: Fri, 25 Nov 2022 05:42:41 GMT
Date: Fri, 25 Nov 2022 04:36:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3988
Expires: Fri, 25 Nov 2022 05:42:41 GMT
Date: Fri, 25 Nov 2022 04:36:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3988
Expires: Fri, 25 Nov 2022 05:42:41 GMT
Date: Fri, 25 Nov 2022 04:36:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216636c8-4200-4f0d-83d2-8579be32f1ac.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216636c8-4200-4f0d-83d2-8579be32f1ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 648677a7e7bab1896a190d2e5fb7243c
6217a262002244ef3f2e8034076a735cafd9888a
72f2913f7c0770ebab0f2683bdc1ec5a5db8872e8f2c62a8fd5c9178b95dbb06
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216636c8-4200-4f0d-83d2-8579be32f1ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4270
x-amzn-requestid: 7327f8fb-804b-4d09-83dc-628e35ffa74b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8xFwXoAMFkqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-33f83cea2c585279140f4f59;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rKROwsZ-X8yDd4iVaYBaNFe6bgHaThxafIt76PBgLoOTrPMqAVQ9iQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:22:43 GMT
age: 22410
etag: "6217a262002244ef3f2e8034076a735cafd9888a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b6ee13d43732f7c764a49500d092865
5d15fd672e968d59b541e4d5d0d01cd5e69f4075
fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NntLZ3wUdcX9kEo-afFLU0TPKgqAlSK3bToNh2mmoqoyLBJINNk7ow==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:39 GMT
age: 24094
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7d0105e45becaf777227cac49e320321
d279a0b70061fe3d8268f1e69c515c0c4439dc80
ea9571213d9a57318cde036c108d4c973c627ce4cd225534ee246349ed4ba3a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5211
x-amzn-requestid: 706d0037-bbff-417a-9fa3-8ebbbf7b4df1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wFOToAMF12Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-01b6908212b2ab9c5caa34a0;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JbjUiHcVu2ytN848RqI8Ygkd0R9YCnq_OeFdc5Y5JTymA2k9HN4lZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:01 GMT
etag: "d279a0b70061fe3d8268f1e69c515c0c4439dc80"
content-type: image/jpeg
age: 25272
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 84705
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f59a591b222397ff0f01c22a0786e660
6a8504212141af411a18ce58960c8bb52e8116ac
624847cfdfcd770d2dee8a2b85f3c7c480cda58ba2aef1135184f3dffc30d1f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8277
x-amzn-requestid: e84a5668-cd91-42af-b6de-5eb694ea56e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-KFtmIAMF00Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38d-64513fb257d83b9847c82929;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O4PtH20kVWgH-Jf_TivPqMqjnwrZB_8XvZAkDDzLLFPXVjqzkz1YJw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:59:22 GMT
age: 23811
etag: "6a8504212141af411a18ce58960c8bb52e8116ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c67bf2eb6ca2d7e2b34df1dbe8e7b36
cdacea802c72450973140387aafacae9df78b0aa
52c1b293ec45c98077953699dcc48d77d4aee2bb12f38ef21c692af9171b6db2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8275
x-amzn-requestid: 350ffdb7-723f-4dfc-95e8-e76364d1313d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8xGPAoAMFbWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-10d4c566779b9b9f4bb9112d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nJ7Ppbn5tLf-PIzvOMM-JK3paiWilTRRs5f93VzR0dZ5XDeIGwWonw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:55 GMT
age: 24018
etag: "cdacea802c72450973140387aafacae9df78b0aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bkw.wyft5.top/
122.10.110.111200 OK 192 B IP 122.10.110.111:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash bac6cd7671934bb2693e3005c017bb64
d1c0f50bef8b8cf762479721efedee91a255be9f
b29fc7746f8b5934a3e2690c6945b5e1d1981953c8c3bdcea887f6195e5b66eb
GET / HTTP/1.1
Host: bkw.wyft5.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kmcits0560.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 21 Jun 2022 04:00:23 GMT
Accept-Ranges: bytes
ETag: "4566a36e2385d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 25 Nov 2022 04:36:13 GMT
Content-Length: 192
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 35238daa46db3d4f7273beaf1f5232cc
83ab06acab8dc6d601356afa41e831a0a6c8595e
89867bf9e4c677bff3be296b5c27d6ad4fbf8d80d42b09427fd35be717e2d04e
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:36:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 29 Nov 2022 03:12:44 GMT
ETag: "83ab06acab8dc6d601356afa41e831a0a6c8595e"
Last-Modified: Fri, 25 Nov 2022 03:12:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 940
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7aea39ebeb4e8-OSL
xqw.wyaa1.top/
154.212.112.77200 OK 194 B IP 154.212.112.77:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash 91808eb310d8e07185fd14aa142c4429
2a21eece48f66297db349b69c8a841e7231a0230
3c9532fccb946ddd3e59a1fe756b33920666a1f3e1234e9a6aeca7c68e7aa64a
GET / HTTP/1.1
Host: xqw.wyaa1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bkw.wyft5.top/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Thu, 24 Nov 2022 14:29:54 GMT
Accept-Ranges: bytes
ETag: W/"a1ef7338110d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 25 Nov 2022 04:36:14 GMT
Content-Length: 194
hm.baidu.com/hm.js?c1025722fd8c19648db213f1778363ad
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?c1025722fd8c19648db213f1778363ad
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 2853dc045ca82af7e5bffc5ce187891f
4f65937535bc1286318c412602ee77f365dba6cc
65a5565ec457008e91147bbc100c665e748d2cf25976a6b74f34b8d99817178d
GET /hm.js?c1025722fd8c19648db213f1778363ad HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kmcits0560.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 04:36:14 GMT
Etag: 0fef56d89747a1ff22e6165eecf4f86b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=3453212B6D5569D9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=67631519&si=c1025722fd8c19648db213f1778363ad&v=1.3.0&lv=1&sn=43455&r=0&ww=1280&u=http%3A%2F%2Fwww.kmcits0560.com%2Findex.php&tt=%E8%B4%BA%E5%B7%9E%E9%85%92%E7%9D%BE%E7%8E%AF%E4%BF%9D%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=67631519&si=c1025722fd8c19648db213f1778363ad&v=1.3.0&lv=1&sn=43455&r=0&ww=1280&u=http%3A%2F%2Fwww.kmcits0560.com%2Findex.php&tt=%E8%B4%BA%E5%B7%9E%E9%85%92%E7%9D%BE%E7%8E%AF%E4%BF%9D%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=67631519&si=c1025722fd8c19648db213f1778363ad&v=1.3.0&lv=1&sn=43455&r=0&ww=1280&u=http%3A%2F%2Fwww.kmcits0560.com%2Findex.php&tt=%E8%B4%BA%E5%B7%9E%E9%85%92%E7%9D%BE%E7%8E%AF%E4%BF%9D%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kmcits0560.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 25 Nov 2022 04:36:15 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=91B5C9768D9AF60E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
wkf5.wuys21.top/
198.44.251.34200 OK 8.5 kB IP 198.44.251.34:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash ef5c2f3a614b5e5e1bae1064d936ad43
880e058482f1aead3c4280d2a8011a965bb943c8
30bda6d12aaa8d704081cbbc02cb1b3b842ee7741afd95afc08adf21109024a6
GET / HTTP/1.1
Host: wkf5.wuys21.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xqw.wyaa1.top/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:36:15 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=3raj67omg8iljchv3h1v6o5f0r; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
ak-d.tripcdn.com/images/0Z0462215cypa2gv406F9.gif
96.6.16.143200 OK 457 kB URL HTTP/2 ak-d.tripcdn.com/images/0Z0462215cypa2gv406F9.gif
IP 96.6.16.143:0
File type GIF image data, version 89a, 650 x 350\012- data
Size 457 kB (457345 bytes)
Hash c715f378075493153db049a8d2e70e1c
8c86edc72c9fa616aa484a42b84cff16c35f06b9
7ea2d9498a4d7b0467811099cc382871149c383a4d2639f222b0b928494c91dd
GET /images/0Z0462215cypa2gv406F9.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 457345
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6574444
expires: Thu, 09 Feb 2023 06:50:20 GMT
date: Fri, 25 Nov 2022 04:36:16 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
wkf5.wuys21.top/template/m1938pc/static/css/style.css
198.44.251.34200 OK 5.6 kB URL HTTP/1.1 wkf5.wuys21.top/template/m1938pc/static/css/style.css
IP 198.44.251.34:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash d08f5d7df4e8abb31ec882107c336638
8017b1fe33a942f227e8278914d71b2f2898b969
b7439b9a72f56f090176346a890309f4d6ee2c10e50aa390220b65b2d231c142
GET /template/m1938pc/static/css/style.css HTTP/1.1
Host: wkf5.wuys21.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wkf5.wuys21.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:36:16 GMT
Content-Type: text/css
Last-Modified: Wed, 07 Jul 2021 15:08:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60e5c35c-5c80"
Expires: Fri, 25 Nov 2022 16:36:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wkf5.wuys21.top/template/m1938pc/ads/shanghf.js
198.44.251.34200 OK 1.2 kB URL HTTP/1.1 wkf5.wuys21.top/template/m1938pc/ads/shanghf.js
IP 198.44.251.34:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 88dec8c6347b6ee412cbe7f34fb94df2
1b748e018cb0bd36f8984c71c893f3a8103c4e1e
caede0bd5ce24a6745cd84c5b2bc805412a16a09522adc53998c5b49a3bdc3ab
GET /template/m1938pc/ads/shanghf.js HTTP/1.1
Host: wkf5.wuys21.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wkf5.wuys21.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:36:16 GMT
Content-Type: application/javascript
Last-Modified: Wed, 23 Nov 2022 15:08:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"637e378a-204e"
Expires: Fri, 25 Nov 2022 16:36:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wkf5.wuys21.top/template/m1938pc/static/css/overwrite.css
198.44.251.34200 OK 2.2 kB URL HTTP/1.1 wkf5.wuys21.top/template/m1938pc/static/css/overwrite.css
IP 198.44.251.34:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 4d923e65af757face7af75d273b618ea
dafe3634d48e6cbdd7421a62f2223f8d3fe72443
971eb10a9a6e73f4d013f9af858eb9e99817f07278c3c0811a842a5799b0eb3d
GET /template/m1938pc/static/css/overwrite.css HTTP/1.1
Host: wkf5.wuys21.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wkf5.wuys21.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:36:16 GMT
Content-Type: text/css
Last-Modified: Wed, 07 Jul 2021 09:21:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60e57221-33ed"
Expires: Fri, 25 Nov 2022 16:36:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wkf5.wuys21.top/template/m1938pc/ads/77.js
198.44.251.34200 OK 593 B URL HTTP/1.1 wkf5.wuys21.top/template/m1938pc/ads/77.js
IP 198.44.251.34:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 68b3dba874b9dfbd8e2e59298c1e9363
0525447664102e518c1b4c0c7df0d59e996969b1
c0fc3f0eea17151ff6b122fa88df63511c277da62c25d3d0e9e6f167697da466
GET /template/m1938pc/ads/77.js HTTP/1.1
Host: wkf5.wuys21.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wkf5.wuys21.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:36:16 GMT
Content-Type: application/javascript
Last-Modified: Thu, 17 Nov 2022 15:49:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63765820-46b"
Expires: Fri, 25 Nov 2022 16:36:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wkf5.wuys21.top/template/m1938pc/ads/zhonghf.js
198.44.251.34200 OK 422 B URL HTTP/1.1 wkf5.wuys21.top/template/m1938pc/ads/zhonghf.js
IP 198.44.251.34:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 9c688f7ab4a43af0b4385882363a533e
8e8affd4f56569837c4eea050bec96abc8d94b11
d85520a17c96b18c570b19cb0de3223506ed9294d5391586e859a9377351068d
GET /template/m1938pc/ads/zhonghf.js HTTP/1.1
Host: wkf5.wuys21.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wkf5.wuys21.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:36:16 GMT
Content-Type: application/javascript
Last-Modified: Thu, 17 Nov 2022 15:54:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6376593c-4a9"
Expires: Fri, 25 Nov 2022 16:36:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wkf5.wuys21.top/template/m1938pc/static/css/styles.css
198.44.251.34200 OK 36 kB URL HTTP/1.1 wkf5.wuys21.top/template/m1938pc/static/css/styles.css
IP 198.44.251.34:0
ASN #134548 DXTL Tseung Kwan O Service
File type assembler source, ASCII text, with CRLF line terminators
Hash c88e2f843a294c2d1cd1de22a6f4246a
46f8a448bcb7ac4b7aec852c7fc57e17f77b3d70
26bfda2e17b7978c67e977b8cf65c5f2514432e200f5dcc58e79a5dc193fe3e0
GET /template/m1938pc/static/css/styles.css HTTP/1.1
Host: wkf5.wuys21.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wkf5.wuys21.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:36:16 GMT
Content-Type: text/css
Last-Modified: Wed, 07 Jul 2021 11:28:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60e58ff5-2cd7d"
Expires: Fri, 25 Nov 2022 16:36:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wkf5.wuys21.top/template/m1938pc/ads/dibuhf.js
198.44.251.34200 OK 455 B URL HTTP/1.1 wkf5.wuys21.top/template/m1938pc/ads/dibuhf.js
IP 198.44.251.34:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 97d8aaf6f4c5503a28f567e61151ef1a
f59c27d31fea6110f81333b442fa98c6608de527
b01c14e733c1aad80a6814a08c69c7b23f3d3c4d5ff32a6e693b819c212db8f7
GET /template/m1938pc/ads/dibuhf.js HTTP/1.1
Host: wkf5.wuys21.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wkf5.wuys21.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:36:16 GMT
Content-Type: application/javascript
Last-Modified: Fri, 18 Nov 2022 08:53:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6377481f-588"
Expires: Fri, 25 Nov 2022 16:36:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d8efdd41b8040a8ac3fb7ae891d1d54
3eb9674f12bbfe098808b7011f6867a25e4f5885
85b45ec330e2f9aad9e5d67855495625c60bcc71cd94ff5759453e06fb1104ea
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "85B45EC330E2F9AAD9E5D67855495625C60BCC71CD94FF5759453E06FB1104EA"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15753
Expires: Fri, 25 Nov 2022 08:58:49 GMT
Date: Fri, 25 Nov 2022 04:36:16 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d8efdd41b8040a8ac3fb7ae891d1d54
3eb9674f12bbfe098808b7011f6867a25e4f5885
85b45ec330e2f9aad9e5d67855495625c60bcc71cd94ff5759453e06fb1104ea
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "85B45EC330E2F9AAD9E5D67855495625C60BCC71CD94FF5759453E06FB1104EA"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15753
Expires: Fri, 25 Nov 2022 08:58:49 GMT
Date: Fri, 25 Nov 2022 04:36:16 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d8efdd41b8040a8ac3fb7ae891d1d54
3eb9674f12bbfe098808b7011f6867a25e4f5885
85b45ec330e2f9aad9e5d67855495625c60bcc71cd94ff5759453e06fb1104ea
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "85B45EC330E2F9AAD9E5D67855495625C60BCC71CD94FF5759453E06FB1104EA"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15753
Expires: Fri, 25 Nov 2022 08:58:49 GMT
Date: Fri, 25 Nov 2022 04:36:16 GMT
Connection: keep-alive
ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
96.6.16.143200 OK 1.2 MB URL HTTP/2 ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
IP 96.6.16.143:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.2 MB (1197751 bytes)
Hash 6938343bc2a842c4d2c9c96f4dde0298
00e2b1b902b196b3c005facb934c10e2a2ca1961
5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6
GET /images/0Z03f223495fl86ls3FAF.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 1197751
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6574517
expires: Thu, 09 Feb 2023 06:51:33 GMT
date: Fri, 25 Nov 2022 04:36:16 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d8efdd41b8040a8ac3fb7ae891d1d54
3eb9674f12bbfe098808b7011f6867a25e4f5885
85b45ec330e2f9aad9e5d67855495625c60bcc71cd94ff5759453e06fb1104ea
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "85B45EC330E2F9AAD9E5D67855495625C60BCC71CD94FF5759453E06FB1104EA"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15753
Expires: Fri, 25 Nov 2022 08:58:49 GMT
Date: Fri, 25 Nov 2022 04:36:16 GMT
Connection: keep-alive
ak-d.tripcdn.com/images/0Z05r2224t6z9bba9EA9A.gif
96.6.16.143200 OK 917 kB URL HTTP/2 ak-d.tripcdn.com/images/0Z05r2224t6z9bba9EA9A.gif
IP 96.6.16.143:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 917 kB (917226 bytes)
Hash 28998a87f539b948e98fdc9c82fc6a69
c0085b4e65a2679d63c10ccf8bcffd7b6014b211
1bcb305b12f83cc84760b87cc0d7088e774e0d67e19657f131fdc6a0fadbec0a
GET /images/0Z05r2224t6z9bba9EA9A.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 917226
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7640521
expires: Tue, 21 Feb 2023 14:58:17 GMT
date: Fri, 25 Nov 2022 04:36:16 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/0wswevsznnn04370wswevsznnn2211505.jpg
172.67.28.138200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/0wswevsznnn04370wswevsznnn2211505.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash fb5c1617f32c5fad1086d6535582c4d1
e6a4cc267da5e018a498c8ed7ac964cad0d0a5e8
72c554c91021be848fa9b3e90a234a064d41e4a9fe42b34afa3d95da13b6e653
GET /upload/vod/2019/11-08/04/0wswevsznnn04370wswevsznnn2211505.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:36:16 GMT
content-type: image/jpeg
content-length: 12153
cf-bgj: imgq:85,h2pri
cf-polished: origSize=12758, status=webp_bigger
etag: "5dc48082-31d6"
last-modified: Thu, 07 Nov 2019 20:37:22 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1393
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f7aeb43b5fb51d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/z52mqqydecm0436z52mqqydecm0311395.jpg
172.67.28.138200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/z52mqqydecm0436z52mqqydecm0311395.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash aefa79ec6e8f61655f1a3311715ec917
d86e3c0110bce39bc77a50a1dab1e80d814c3617
416a75e7d81f6c4ee627a90bb08ce731cff6e1ee5a0b53d011268bd60326e0ba
GET /upload/vod/2019/11-08/04/z52mqqydecm0436z52mqqydecm0311395.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:36:16 GMT
content-type: image/webp
content-length: 11884
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12894
content-disposition: inline; filename="z52mqqydecm0436z52mqqydecm0311395.webp"
etag: "5dc48033-325e"
last-modified: Thu, 07 Nov 2019 20:36:03 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1393
accept-ranges: bytes
server: cloudflare
cf-ray: 76f7aeb44b67b51d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/52gdtas5qjz043852gdtas5qjz1011571.jpg
172.67.28.138200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/52gdtas5qjz043852gdtas5qjz1011571.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5872b2fe087bfb35b1c567886926b0ca
7fe9530f4de8ac947ba863a7909482bfc8022149
7571785239be69f12765ac9c56516b465456b15d3e131363c9186904298a03be
GET /upload/vod/2019/11-08/04/52gdtas5qjz043852gdtas5qjz1011571.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:36:16 GMT
content-type: image/webp
content-length: 11646
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12934
content-disposition: inline; filename="52gdtas5qjz043852gdtas5qjz1011571.webp"
etag: "5dc480b2-3286"
last-modified: Thu, 07 Nov 2019 20:38:10 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1393
accept-ranges: bytes
server: cloudflare
cf-ray: 76f7aeb44b69b51d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/bct05zrq3ld0438bct05zrq3ld2611593.jpg
172.67.28.138200 OK 6.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/bct05zrq3ld0438bct05zrq3ld2611593.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a1a191763c5ca17c48548b10bcef6336
f2806f317c08866986703072be3ce8f76c637574
44446b3df387f773d6add88b7fe83cd6aa435ac9d923196bd45ab35460b132a3
GET /upload/vod/2019/11-08/04/bct05zrq3ld0438bct05zrq3ld2611593.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:36:16 GMT
content-type: image/webp
content-length: 6612
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7887
content-disposition: inline; filename="bct05zrq3ld0438bct05zrq3ld2611593.webp"
etag: "5dc480c2-1ecf"
last-modified: Thu, 07 Nov 2019 20:38:26 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1393
accept-ranges: bytes
server: cloudflare
cf-ray: 76f7aeb44b6ab51d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/qtjg5tqj4tp0436qtjg5tqj4tp5111461.jpg
172.67.28.138200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/qtjg5tqj4tp0436qtjg5tqj4tp5111461.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fe0d7f8f1089ad6dcadce7dd3d100a6f
5ef1696a58a2d95529507b388ebe66fd5962f27e
168b7e8e4f898a129a57b6c540f8a5ae10d4e7579cfcff8256e92f66283d381c
GET /upload/vod/2019/11-08/04/qtjg5tqj4tp0436qtjg5tqj4tp5111461.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:36:16 GMT
content-type: image/webp
content-length: 10514
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11272
content-disposition: inline; filename="qtjg5tqj4tp0436qtjg5tqj4tp5111461.webp"
etag: "5dc48063-2c08"
last-modified: Thu, 07 Nov 2019 20:36:51 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1393
accept-ranges: bytes
server: cloudflare
cf-ray: 76f7aeb44b68b51d-OSL
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d8efdd41b8040a8ac3fb7ae891d1d54
3eb9674f12bbfe098808b7011f6867a25e4f5885
85b45ec330e2f9aad9e5d67855495625c60bcc71cd94ff5759453e06fb1104ea
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "85B45EC330E2F9AAD9E5D67855495625C60BCC71CD94FF5759453E06FB1104EA"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15753
Expires: Fri, 25 Nov 2022 08:58:49 GMT
Date: Fri, 25 Nov 2022 04:36:16 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/tmjxu2wgrjp0439tmjxu2wgrjp1311658.jpg
172.67.28.138200 OK 14 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/tmjxu2wgrjp0439tmjxu2wgrjp1311658.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 23dc79e357dbd1e9b3913bfe9db5458f
647ae6e0a97194c31e7ab9a5b5858aebab6af093
2d6c07e4f76b9f07cee2de523b4d21eabb54b51d24e8ee22e7a5b963dd5a2be2
GET /upload/vod/2019/11-08/04/tmjxu2wgrjp0439tmjxu2wgrjp1311658.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:36:16 GMT
content-type: image/jpeg
content-length: 13898
cf-bgj: imgq:85,h2pri
cf-polished: origSize=14595, status=webp_bigger
etag: "5dc480f2-3903"
last-modified: Thu, 07 Nov 2019 20:39:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1393
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f7aeb44b6bb51d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/hsfynojhy4a0435hsfynojhy4a4711373.jpg
172.67.28.138200 OK 15 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/hsfynojhy4a0435hsfynojhy4a4711373.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash c2c21be590a9b2ae9be1c33440cbdb86
ebb2e032ec7775cb40db77e3ad1bd64864377a4d
3d0bb4b86f5c774e418b34cabc7e044839d64eddbe1478f0880527c5ce7f0941
GET /upload/vod/2019/11-08/04/hsfynojhy4a0435hsfynojhy4a4711373.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:36:16 GMT
content-type: image/jpeg
content-length: 14966
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=15326, status=webp_bigger
etag: "5dc48023-3bde"
last-modified: Thu, 07 Nov 2019 20:35:47 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1393
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f7aeb48b7fb51d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/ody2lbdyd3y0437ody2lbdyd3y0611483.jpg
172.67.28.138200 OK 13 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/ody2lbdyd3y0437ody2lbdyd3y0611483.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 217a02edbf3818ab39ea4cfa103e8576
6440ba0cf3ab98d779034bdf2129ee961d42045b
d326d0c3c7ec268103d15239d96542924b0547629540f4b20d5a632f27ad5773
GET /upload/vod/2019/11-08/04/ody2lbdyd3y0437ody2lbdyd3y0611483.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:36:16 GMT
content-type: image/webp
content-length: 12702
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=13619
content-disposition: inline; filename="ody2lbdyd3y0437ody2lbdyd3y0611483.webp"
etag: "5dc48072-3533"
last-modified: Thu, 07 Nov 2019 20:37:06 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1393
accept-ranges: bytes
server: cloudflare
cf-ray: 76f7aeb48b80b51d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/l2beph4hpzt0437l2beph4hpzt3811527.jpg
172.67.28.138200 OK 14 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/l2beph4hpzt0437l2beph4hpzt3811527.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 450b7bf9e956cff446b8019b1cc935fb
f25787a74d26aa6044b1d70b79dd9b87b210ff8b
037a2ca0b925fd7c76ccdfa4f52d8bdf1293a398b0e6c326858035f281fa2d04
GET /upload/vod/2019/11-08/04/l2beph4hpzt0437l2beph4hpzt3811527.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:36:16 GMT
content-type: image/jpeg
content-length: 13940
cf-bgj: imgq:85,h2pri
cf-polished: origSize=14592, status=webp_bigger
etag: "5dc48092-3900"
last-modified: Thu, 07 Nov 2019 20:37:38 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1393
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f7aeb49b84b51d-OSL
X-Firefox-Spdy: h2
wkf5.wuys21.top/template/m1938pc/static/fonts/roboto-v19-latin-700.woff2
198.44.251.34200 OK 16 kB URL HTTP/1.1 wkf5.wuys21.top/template/m1938pc/static/fonts/roboto-v19-latin-700.woff2
IP 198.44.251.34:0
ASN #134548 DXTL Tseung Kwan O Service
File type Web Open Font Format (Version 2), TrueType, length 15816, version 1.0\012- data
Hash 2735a3a69b509faf3577afd25bdf552e
8621aff863b67040010ccc183da5b9079ce6fd1d
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
GET /template/m1938pc/static/fonts/roboto-v19-latin-700.woff2 HTTP/1.1
Host: wkf5.wuys21.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://wkf5.wuys21.top/template/m1938pc/static/css/overwrite.css
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:36:16 GMT
Content-Type: font/woff2
Content-Length: 15816
Last-Modified: Wed, 07 Jul 2021 09:23:27 GMT
Connection: keep-alive
ETag: "60e5728f-3dc8"
Accept-Ranges: bytes
wkf5.wuys21.top/template/m1938pc/static/fonts/roboto-v19-latin-300.woff2
198.44.251.34200 OK 16 kB URL HTTP/1.1 wkf5.wuys21.top/template/m1938pc/static/fonts/roboto-v19-latin-300.woff2
IP 198.44.251.34:0
ASN #134548 DXTL Tseung Kwan O Service
File type Web Open Font Format (Version 2), TrueType, length 15784, version 1.0\012- data
Hash ef7c6637c68f269a882e73bcb57a7f6a
65025b0cedc3b795c87ad050443c09081d1a8581
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
GET /template/m1938pc/static/fonts/roboto-v19-latin-300.woff2 HTTP/1.1
Host: wkf5.wuys21.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://wkf5.wuys21.top/template/m1938pc/static/css/overwrite.css
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:36:16 GMT
Content-Type: font/woff2
Content-Length: 15784
Last-Modified: Wed, 07 Jul 2021 09:25:11 GMT
Connection: keep-alive
ETag: "60e572f7-3da8"
Accept-Ranges: bytes
lbfm.lbpictupian.com/upload/vod/2022/10-31/11/42yfpeazzl5111242yfpeazzl5344473.jpg
172.67.28.138200 OK 5.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-31/11/42yfpeazzl5111242yfpeazzl5344473.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 32edd5b31d5e4b659a86cd3be146a7c1
ee2cdf510b57725dfdb3850d7578c23a3b14d7da
1b87f203f4bfef455052c034a1e73a9765c9cced8454a0538eea6ee86158411a
GET /upload/vod/2022/10-31/11/42yfpeazzl5111242yfpeazzl5344473.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:36:17 GMT
content-type: image/webp
content-length: 5208
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7302
content-disposition: inline; filename="42yfpeazzl5111242yfpeazzl5344473.webp"
etag: "635f3d22-1c86"
last-modified: Mon, 31 Oct 2022 03:12:34 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f7aeb43b62b51d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/08-05/06/ckgc5ybwvcn0607ckgc5ybwvcn2512786.jpg
172.67.28.138200 OK 15 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/08-05/06/ckgc5ybwvcn0607ckgc5ybwvcn2512786.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash bdf38564b8d325a166faf4aeb3af311f
3f76eb157b6502ebd2de120b57bcbc59295124ea
9c612eff2d0bf6a0d40123d3127374e697e89c928f300397e529eb6b82644755
GET /upload/vod/2020/08-05/06/ckgc5ybwvcn0607ckgc5ybwvcn2512786.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:36:17 GMT
content-type: image/jpeg
content-length: 14927
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=15412, status=webp_bigger
etag: "5f29dc1e-3c34"
last-modified: Tue, 04 Aug 2020 22:07:26 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f7aeb43b61b51d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-01/13/0e31cbn1mlq13130e31cbn1mlq524545.jpg
172.67.28.138200 OK 9.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-01/13/0e31cbn1mlq13130e31cbn1mlq524545.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 495a29cf4be3b00eb8b09d0e1e90f0f7
eaf6f1889e872a2d6a51003b767669c896b5a8b7
7261d97627003d56836833d35cc0596858dc0fb8438bf3a3d3294272b101c862
GET /upload/vod/2022/11-01/13/0e31cbn1mlq13130e31cbn1mlq524545.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:36:17 GMT
content-type: image/webp
content-length: 9386
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10201
content-disposition: inline; filename="0e31cbn1mlq13130e31cbn1mlq524545.webp"
etag: "6360ab10-27d9"
last-modified: Tue, 01 Nov 2022 05:13:52 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f7aeb44b65b51d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-04/13/ukgl3kljwt41318ukgl3kljwt4285793.jpg
172.67.28.138200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-04/13/ukgl3kljwt41318ukgl3kljwt4285793.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash c864719defc470a5fd5b68c6e3db6fff
9d080c131f6a603964c9490403e71ea6756a9aea
26c777c242cff2868f80a6855d3fd953ab007335e2b2140ba9e6aae7f70deb57
GET /upload/vod/2022/11-04/13/ukgl3kljwt41318ukgl3kljwt4285793.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:36:17 GMT
content-type: image/jpeg
content-length: 11470
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11980, status=webp_bigger
etag: "6364a0a4-2ecc"
last-modified: Fri, 04 Nov 2022 05:18:28 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f7aeb44b64b51d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-31/11/phdnqfoqlj11111phdnqfoqlj1254431.jpg
172.67.28.138200 OK 9.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-31/11/phdnqfoqlj11111phdnqfoqlj1254431.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dc4cdaaaec10e3af85798efca4b17eae
345bdd695645535b7af7f3eb3d61efec7bf170f6
2d35ff9e80cc246733d081f10f5493956a9231f1449d9a07b614d5f925e39db5
GET /upload/vod/2022/10-31/11/phdnqfoqlj11111phdnqfoqlj1254431.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:36:17 GMT
content-type: image/webp
content-length: 9370
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10202
content-disposition: inline; filename="phdnqfoqlj11111phdnqfoqlj1254431.webp"
etag: "635f3cdd-27da"
last-modified: Mon, 31 Oct 2022 03:11:25 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f7aeb44b66b51d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-02/16/uwe4xds24401627uwe4xds2440295049.jpg
172.67.28.138200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-02/16/uwe4xds24401627uwe4xds2440295049.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 262c0607b2a18c316b3db84c7328c21c
bd1243e9d8d374d4906c899ce49d6db76c8386d4
2f4898fc0b5e1dbbed24138f0e59d78c047e34ccddea38e95b0f7c3f518dc02a
GET /upload/vod/2022/11-02/16/uwe4xds24401627uwe4xds2440295049.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:36:17 GMT
content-type: image/jpeg
content-length: 11755
cf-bgj: imgq:85,h2pri
cf-polished: origSize=12637, status=webp_bigger
etag: "636229f1-315d"
last-modified: Wed, 02 Nov 2022 08:27:29 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f7aeb43b63b51d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/ouxnslv1byp0435ouxnslv1byp1511329.jpg
172.67.28.138200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/ouxnslv1byp0435ouxnslv1byp1511329.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 55a4bdd7ca83879560941821953ee25f
d81176f787137e67f3ddded8b1b24df05e4bb753
e9d8f1ec327d81d0344d8e5be09e913479fdc883006848c8bba0a11b9fd9a4da
GET /upload/vod/2019/11-08/04/ouxnslv1byp0435ouxnslv1byp1511329.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:36:17 GMT
content-type: image/webp
content-length: 10264
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10897
content-disposition: inline; filename="ouxnslv1byp0435ouxnslv1byp1511329.webp"
etag: "5dc48003-2a91"
last-modified: Thu, 07 Nov 2019 20:35:15 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f7aeb48b7db51d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/03-29/00/zrhm0gnbkxd0011zrhm0gnbkxd184992.jpg
172.67.28.138200 OK 8.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/03-29/00/zrhm0gnbkxd0011zrhm0gnbkxd184992.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 04256b0889707d603af066492bd3b2db
27c79cf64b3005f1f6ca85ba91dfd0549f190d4e
f36daf2a4a7c59cd19d34dcf7b9af16772f53f7b9eefdadb758a79277aba5e74
GET /upload/vod/2020/03-29/00/zrhm0gnbkxd0011zrhm0gnbkxd184992.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:36:17 GMT
content-type: image/webp
content-length: 8460
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9572
content-disposition: inline; filename="zrhm0gnbkxd0011zrhm0gnbkxd184992.webp"
etag: "5e7f7726-2564"
last-modified: Sat, 28 Mar 2020 16:11:18 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f7aeb48b81b51d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/lvopp0jvzbm0435lvopp0jvzbm3111351.jpg
172.67.28.138200 OK 5.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/lvopp0jvzbm0435lvopp0jvzbm3111351.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 26dbed80fc4167378e0cada97871665a
fe97a82e51161212b20e8c5c6ee4f8c8340960e6
e9532be9ecb3c3d02ba95d950ac2d26ff4596ffb012398ab1ad4b6e7b4c666fd
GET /upload/vod/2019/11-08/04/lvopp0jvzbm0435lvopp0jvzbm3111351.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:36:17 GMT
content-type: image/webp
content-length: 5316
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7214
content-disposition: inline; filename="lvopp0jvzbm0435lvopp0jvzbm3111351.webp"
etag: "5dc48013-1c2e"
last-modified: Thu, 07 Nov 2019 20:35:31 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f7aeb48b7eb51d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/gymmacrnftk0434gymmacrnftk5911307.jpg
172.67.28.138200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/gymmacrnftk0434gymmacrnftk5911307.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8ca160cee22e98ef4eb46c43effef337
bfecb82e211f6baa81fee454da08d050c1c93d22
a36cb88a7a8657380a1bf9efc0f5e6cf049df5d357b06f6f9dc0109f7f875a83
GET /upload/vod/2019/11-08/04/gymmacrnftk0434gymmacrnftk5911307.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:36:17 GMT
content-type: image/webp
content-length: 10056
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11022
content-disposition: inline; filename="gymmacrnftk0434gymmacrnftk5911307.webp"
etag: "5dc47ff3-2b0e"
last-modified: Thu, 07 Nov 2019 20:34:59 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f7aeb48b77b51d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/03-29/00/wdtnjsocusu0011wdtnjsocusu174990.jpg
172.67.28.138200 OK 8.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/03-29/00/wdtnjsocusu0011wdtnjsocusu174990.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a1e87ae11cb609a229c5c8631a8edadf
e26fdec1bb2f8c2957feedc8d02961ee2ff73597
58e820549e3e40ff18aeed59a5f2fe059d0ff408949c46c487ea51b29fe22b77
GET /upload/vod/2020/03-29/00/wdtnjsocusu0011wdtnjsocusu174990.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:36:17 GMT
content-type: image/webp
content-length: 8650
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9872
content-disposition: inline; filename="wdtnjsocusu0011wdtnjsocusu174990.webp"
etag: "5e7f7725-2690"
last-modified: Sat, 28 Mar 2020 16:11:17 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f7aeb49b83b51d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-31/11/deqfjlgkqgi1112deqfjlgkqgi544503.jpg
172.67.28.138200 OK 6.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-31/11/deqfjlgkqgi1112deqfjlgkqgi544503.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d7b31ec56fc58f8867711f7e2f035b8f
4684fe151bea899de3ad7e8bb636a774aff10cd4
9f1a5be5a862cf89a28b40d4869a49d168e01c2ef862baf1ffb059107ec70f4b
GET /upload/vod/2022/10-31/11/deqfjlgkqgi1112deqfjlgkqgi544503.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:36:17 GMT
content-type: image/webp
content-length: 5996
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8151
content-disposition: inline; filename="deqfjlgkqgi1112deqfjlgkqgi544503.webp"
etag: "635f3d36-1fd7"
last-modified: Mon, 31 Oct 2022 03:12:54 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f7aeb4bb94b51d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/jgbrltltd1a0434jgbrltltd1a4311285.jpg
172.67.28.138200 OK 8.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/jgbrltltd1a0434jgbrltltd1a4311285.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 85eece1a6c7114bedef1fbd5c3d48905
0a9c7c3c388bea20942b8726b31a8ec1837743c0
522affca1e52678c5307369e6bb39dd8676b955aefdf38a58e06ad45e160f3be
GET /upload/vod/2019/11-08/04/jgbrltltd1a0434jgbrltltd1a4311285.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:36:17 GMT
content-type: image/webp
content-length: 8260
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8964
content-disposition: inline; filename="jgbrltltd1a0434jgbrltltd1a4311285.webp"
etag: "5dc47fe3-2304"
last-modified: Thu, 07 Nov 2019 20:34:43 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f7aeb49b8bb51d-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ede9d7df49a7e00d51c415d5022c7936
bf85e6580bf13510d145273c27b0ed7f35fd76a4
924dbbab8cfc5f6878c78e36b562723253fdcf06826fdab6bb4b2af6f5242e4b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "924DBBAB8CFC5F6878C78E36B562723253FDCF06826FDAB6BB4B2AF6F5242E4B"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11498
Expires: Fri, 25 Nov 2022 07:47:55 GMT
Date: Fri, 25 Nov 2022 04:36:17 GMT
Connection: keep-alive
wkf5.wuys21.top/template/m1938pc/static/fonts/roboto-v19-latin-500.woff2
198.44.251.34200 OK 16 kB URL HTTP/1.1 wkf5.wuys21.top/template/m1938pc/static/fonts/roboto-v19-latin-500.woff2
IP 198.44.251.34:0
ASN #134548 DXTL Tseung Kwan O Service
File type Web Open Font Format (Version 2), TrueType, length 15872, version 1.0\012- data
Hash 020c97dc8e0463259c2f9df929bb0c69
8f956a31154047d1b6527b63db2ecf0f3a463f24
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
GET /template/m1938pc/static/fonts/roboto-v19-latin-500.woff2 HTTP/1.1
Host: wkf5.wuys21.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://wkf5.wuys21.top/template/m1938pc/static/css/overwrite.css
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:36:16 GMT
Content-Type: font/woff2
Content-Length: 15872
Last-Modified: Wed, 07 Jul 2021 09:21:45 GMT
Connection: keep-alive
ETag: "60e57229-3e00"
Accept-Ranges: bytes
wkf5.wuys21.top/template/m1938pc/static/fonts/roboto-v19-latin-700italic.woff2
198.44.251.34200 OK 17 kB URL HTTP/1.1 wkf5.wuys21.top/template/m1938pc/static/fonts/roboto-v19-latin-700italic.woff2
IP 198.44.251.34:0
ASN #134548 DXTL Tseung Kwan O Service
File type Web Open Font Format (Version 2), TrueType, length 17020, version 1.0\012- data
Hash da0e717829e033a69dec97f1e155ae42
a998348571bb10988dfcc32d9c214b27f87c007e
5cc2e47701ee7dc9e0ba16303e170db0fcb2df2989b7763ac705893d37b4e237
GET /template/m1938pc/static/fonts/roboto-v19-latin-700italic.woff2 HTTP/1.1
Host: wkf5.wuys21.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://wkf5.wuys21.top/template/m1938pc/static/css/overwrite.css
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:36:16 GMT
Content-Type: font/woff2
Content-Length: 17020
Last-Modified: Wed, 07 Jul 2021 09:21:43 GMT
Connection: keep-alive
ETag: "60e57227-427c"
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 4d9f43ef6e189ca37593c860eb760a9a
5b06c3b5a1d2d81875005cab363b2fe268cb4d0a
b0fa83b4ffec9285300ebc9f3c5d3e3141e34602f2525f4ad3ff67081b349add
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:36:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 13:54:27 GMT
Expires: Thu, 01 Dec 2022 13:54:26 GMT
Etag: "5b06c3b5a1d2d81875005cab363b2fe268cb4d0a"
Cache-Control: max-age=551288,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f7aeb87aeab51e-OSL
hm.baidu.com/hm.js?3a2c7c24812764f8836a78dbc73cc526
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?3a2c7c24812764f8836a78dbc73cc526
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 966a5023327d419a4c010421e9564156
3bf4e75be0f41225296d76e2edf70b670c8cf65a
e7880485beabbe9642a9b88bea90c8858848c13a403ec1009660945862df3754
GET /hm.js?3a2c7c24812764f8836a78dbc73cc526 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 04:36:16 GMT
Etag: 8dfee138138f3fd374a7adc3220f9197
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=39D0BF1D5DC350C7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
wkf5.wuys21.top/template/m1938pc/static/fonts/fontawesome-webfont.woff
198.44.251.34200 OK 81 kB URL HTTP/1.1 wkf5.wuys21.top/template/m1938pc/static/fonts/fontawesome-webfont.woff
IP 198.44.251.34:0
ASN #134548 DXTL Tseung Kwan O Service
File type Web Open Font Format, TrueType, length 81284, version 1.0\012- data
Hash dfb02f8f6d0cedc009ee5887cc68f1f3
507970402e328b2baeb05bde73bf9ded4e2c3a2d
a7c7e4930090e038a280fd61d88f0dc03dad4aeaedbd8c9be3dd9aa4c3b6f8d1
GET /template/m1938pc/static/fonts/fontawesome-webfont.woff HTTP/1.1
Host: wkf5.wuys21.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://wkf5.wuys21.top/template/m1938pc/static/css/styles.css
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:36:16 GMT
Content-Type: font/woff
Content-Length: 81284
Last-Modified: Wed, 07 Jul 2021 09:24:47 GMT
Connection: keep-alive
ETag: "60e572df-13d84"
Accept-Ranges: bytes
hm.baidu.com/hm.js?09b570ae57a8bdd90710ea1938df4e59
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?09b570ae57a8bdd90710ea1938df4e59
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash ad2b72d1a914b89cba55383c053a0578
1d893157ca413d96251036c142d2fc44ed0d0bae
765fe5c5ac1b29b7e871c5c18bd19083d3de50c34df6ec0b6d7842019836a0fb
GET /hm.js?09b570ae57a8bdd90710ea1938df4e59 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 04:36:16 GMT
Etag: 1c032a383a8dc6d54218d9f3eb5cf963
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C0236268ED46FDA5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 1b0f31ddd7c6bb23a36c87f7498dc039
578307d677cf2ee6777bef48c738bc5657cdd4f9
081e23f7b569bd930660eb9ce954f1c531157711776b680334a697ac1ab27811
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:36:17 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 17:12:59 GMT
Expires: Wed, 30 Nov 2022 17:12:58 GMT
Etag: "578307d677cf2ee6777bef48c738bc5657cdd4f9"
Cache-Control: max-age=476800,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f7aeba5becb51e-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 8d2d4c2519e173d156b0629de506e00c
b21c4758aa7cda5014cd3386e5bceb4123053a9e
25238d4415525d3410163e30d1b1e07336dee26372340f07a2689bc2fac22e73
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:36:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:39:05 GMT
Expires: Wed, 30 Nov 2022 15:39:04 GMT
Etag: "b21c4758aa7cda5014cd3386e5bceb4123053a9e"
Cache-Control: max-age=471166,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f7aeba7c3eb4eb-OSL
statuse.digitalcertvalidation.com/
93.184.220.29200 OK 471 B URL HTTP/1.1 statuse.digitalcertvalidation.com/
IP 93.184.220.29:0
Hash 575c312241aa584949534cfd92f4f62b
44a9f6d9d4da3543fefcb5bd4f6bc2a734ae2071
5adb2cf94c0b39e53814dcdbba6703155cfe6d948fafb86fc37863e2590307fb
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2583
Cache-Control: max-age=103786
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:36:17 GMT
Etag: "637f2e94-1d7"
Expires: Sat, 26 Nov 2022 09:26:03 GMT
Last-Modified: Thu, 24 Nov 2022 08:43:00 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=522922465&si=3a2c7c24812764f8836a78dbc73cc526&su=http%3A%2F%2Fxqw.wyaa1.top%2F&v=1.3.0&lv=1&sn=43457&r=0&ww=1252&u=http%3A%2F%2Fwkf5.wuys21.top%2F&tt=%E5%8D%88%E5%A4%9C%E9%BB%91%E4%B8%9D
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=522922465&si=3a2c7c24812764f8836a78dbc73cc526&su=http%3A%2F%2Fxqw.wyaa1.top%2F&v=1.3.0&lv=1&sn=43457&r=0&ww=1252&u=http%3A%2F%2Fwkf5.wuys21.top%2F&tt=%E5%8D%88%E5%A4%9C%E9%BB%91%E4%B8%9D
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=522922465&si=3a2c7c24812764f8836a78dbc73cc526&su=http%3A%2F%2Fxqw.wyaa1.top%2F&v=1.3.0&lv=1&sn=43457&r=0&ww=1252&u=http%3A%2F%2Fwkf5.wuys21.top%2F&tt=%E5%8D%88%E5%A4%9C%E9%BB%91%E4%B8%9D HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 25 Nov 2022 04:36:17 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=46DC7E45078BB65A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 2a3ca36ae67fadb9bb104a0bdff33f40
0026246dd49b411842f772d4eccbecce5fa44128
58bcfde5dd7f452ce106dd714c5b239bebdf8bdda928b7d3a3adf6883a8cc31f
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 25 Nov 2022 04:36:17 GMT
Last-Modified: Fri, 25 Nov 2022 00:19:04 GMT
ETag: "638009f8-1d7"
Expires: Sun, 27 Nov 2022 00:19:04 GMT
Cache-Control: max-age=157367
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669350977
Via: cache25.l2de2[475,475,200-0,M], cache25.l2de2[476,0], cache1.se1[498,497,200-0,M], cache1.se1[501,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 25 Nov 2022 04:36:17 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516693509773678714e
si1.go2yd.com/get-image/0yFUidjGHhQ
163.171.140.79200 OK 121 kB URL HTTP/2 si1.go2yd.com/get-image/0yFUidjGHhQ
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 500 x 280\012- data
Size 121 kB (121040 bytes)
Hash 72f445e66343e28d92a588cd7858f2dc
0138a721a5a93bdac4700c65cc6f6490009d3c19
649a3df45cf01aea3bd959614665909f5e36a0dbfcf297334c69c94b579abbc0
GET /get-image/0yFUidjGHhQ HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:36:17 GMT
content-type: image/gif
content-length: 121040
x-application-context: application
x-kss-request-id: 926b8f9ca982487692c4e63ce22e4a6e
etag: "72f445e66343e28d92a588cd7858f2dc"
content-md5: cvRF5mND4o2SpYjNeFjy3A==
last-modified: Mon, 28 Feb 2022 07:36:54 GMT
accept-ranges: bytes
server: KS3
age: 1
x-via: 1.1 PSbjwjBGP2vu136:5 (Cdn Cache Server V2.0), 1.1 PSzjnbsxsy229:12 (Cdn Cache Server V2.0), 1.1 tb118:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:3 (Cdn Cache Server V2.0)
x-ws-request-id: 63804641_PShlamstdAMS1cc96_14504-27502
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 57c2339af4be62cf0bdc905ff8a88627
28a9a0433a6b99262339ec2de626985574a0d14e
217979335ae6af1d9f9af167d075a809cfd39749a1e14d561c9ebdaa156b773c
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:36:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 01:08:20 GMT
ETag: "28a9a0433a6b99262339ec2de626985574a0d14e"
Last-Modified: Fri, 25 Nov 2022 01:08:21 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3117
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7aebc7c04b4ee-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 75e57e4a6cf40312bc50060099e11b36
976ea6be9fccf8fd82d0e903063e7fc78a5ced25
8fd7d7afb623d51086a47097d76a77aef8844c1bd8a04d7b0b9d47767ba4e151
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:36:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 16:52:19 GMT
Expires: Thu, 01 Dec 2022 16:52:18 GMT
Etag: "976ea6be9fccf8fd82d0e903063e7fc78a5ced25"
Cache-Control: max-age=561959,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f7aebc5cd9b51e-OSL
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1204960942&si=09b570ae57a8bdd90710ea1938df4e59&su=http%3A%2F%2Fxqw.wyaa1.top%2F&v=1.3.0&lv=1&sn=43457&r=0&ww=1252&u=http%3A%2F%2Fwkf5.wuys21.top%2F&tt=%E5%8D%88%E5%A4%9C%E9%BB%91%E4%B8%9D
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1204960942&si=09b570ae57a8bdd90710ea1938df4e59&su=http%3A%2F%2Fxqw.wyaa1.top%2F&v=1.3.0&lv=1&sn=43457&r=0&ww=1252&u=http%3A%2F%2Fwkf5.wuys21.top%2F&tt=%E5%8D%88%E5%A4%9C%E9%BB%91%E4%B8%9D
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1204960942&si=09b570ae57a8bdd90710ea1938df4e59&su=http%3A%2F%2Fxqw.wyaa1.top%2F&v=1.3.0&lv=1&sn=43457&r=0&ww=1252&u=http%3A%2F%2Fwkf5.wuys21.top%2F&tt=%E5%8D%88%E5%A4%9C%E9%BB%91%E4%B8%9D HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 25 Nov 2022 04:36:17 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=0719FEAC34D6DA6F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash a8ccf5b571c6c3ad33c7a00dc73cee15
d5099be07a28dc4ace29ed48f4a542900e25f153
4e067cf255c6b3d102931f21894775dafb9e8c425e1fe13fe6602f4b3c7d2207
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:36:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 03:19:40 GMT
Expires: Wed, 30 Nov 2022 03:19:39 GMT
Etag: "d5099be07a28dc4ace29ed48f4a542900e25f153"
Cache-Control: max-age=426800,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f7aebc98c60b3d-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash b02886bffe192ee5259a2c3a1e1b5ba7
00fa6e56af4f69a831affc97cc6a83ca8afed8af
d612a6e3dfc5804e274d999dbb5dd1eaea58b0a4820b3b1ab90be7fe8a792b80
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:36:18 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 00:53:48 GMT
Expires: Tue, 29 Nov 2022 00:53:47 GMT
Etag: "00fa6e56af4f69a831affc97cc6a83ca8afed8af"
Cache-Control: max-age=331648,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f7aebc8d32b50b-OSL
taiwtp1.com/img/200200.gif
220.128.218.220200 OK 75 kB URL HTTP/2 taiwtp1.com/img/200200.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:33:53 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Sun, 25 Dec 2022 04:33:53 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash ded49783fdcdc054fa5165dac98c634d
7ed1da0772b7fa0727b5ae0ca64ac5d09ada2632
6996870c2af49b4b59cbf0fe6d9f95efbc4fa3d0cae1ec2961aeae20c4db4e68
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:36:18 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 23:18:44 GMT
Expires: Mon, 28 Nov 2022 23:18:43 GMT
Etag: "7ed1da0772b7fa0727b5ae0ca64ac5d09ada2632"
Cache-Control: max-age=325944,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f7aebcbd01b51e-OSL
pic.rmb.bdstatic.com/bjh/0fe2b657af16774b05246565ba38f750.gif
185.10.104.115200 OK 159 kB URL HTTP/2 pic.rmb.bdstatic.com/bjh/0fe2b657af16774b05246565ba38f750.gif
IP 185.10.104.115:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 500 x 280\012- data
Size 159 kB (158841 bytes)
Hash 0fe2b657af16774b05246565ba38f750
f462d3e76599f914aa520aee1f9b022b2cf4c20d
09bf9bfc931fb7f7148485fdd621fb2894388da405c46230d6584f3e213f878d
GET /bjh/0fe2b657af16774b05246565ba38f750.gif HTTP/1.1
Host: pic.rmb.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 25 Nov 2022 04:36:17 GMT
content-type: image/gif
content-length: 158841
expires: Sun, 06 Nov 2022 14:31:54 GMT
last-modified: Fri, 06 May 2022 07:12:41 GMT
etag: "0fe2b657af16774b05246565ba38f750"
age: 911964
accept-ranges: bytes
content-md5: D+K2V68Wd0sFJGVlujj3UA==
x-bce-content-crc32: 1847957523
x-bce-debug-id: LkDe7ELpS/HFvbW7rsucaCF0I6lETOythvYbJ4tPO3z/Ol3FG0dfLOEbH2JfEEROliO4yOGwGb/QtdL2Bye0zw==
x-bce-request-id: ea667217-d061-40f8-b1c5-0acc4524f7d2
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Thu, 03 Nov 2022 14:31:54 GMT
ohc-cache-hit: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache54 [3], czix243 [1]
ohc-file-size: 158841
x-cache-status: HIT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash a81b7e5917b0a9fceb9d0ebe8dcda874
7de91e796d8fa1b7e13833bfd533ff262b781e08
379389deadc80b824d233137afde10363a53f8347657a966f0c3aedab78271cf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:36:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 03:45:41 GMT
Expires: Tue, 29 Nov 2022 03:45:40 GMT
Etag: "7de91e796d8fa1b7e13833bfd533ff262b781e08"
Cache-Control: max-age=341961,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f7aebc5d2cb4eb-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 489e4c1b925459cb956926270fecedfe
a0d962bfbc4cb8ba6ad9f87142b462647ac90a99
21e5a0eefab7008c6fabd5037e4f2c025a331e81d040530df84ba47dd8efbf8e
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:36:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 02:56:05 GMT
ETag: "a0d962bfbc4cb8ba6ad9f87142b462647ac90a99"
Last-Modified: Fri, 25 Nov 2022 02:56:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2063
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7aebd9c92b4ee-OSL
u1022.com/8e5c0e404b9b4ccfbf1a21cc4b180b59.gif
103.170.15.48200 OK 66 kB URL HTTP/2 u1022.com/8e5c0e404b9b4ccfbf1a21cc4b180b59.gif
IP 103.170.15.48:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 300 x 220\012- data
Hash 45c27704a7e5bf04a6ee9ca43a4a5710
30c46b532a8fad2580b72262df8233f9f3d92eac
784d9eae2229b2cb0aaf6ec5c3db20652d4046d2db82611b9ae293b61de4affb
GET /8e5c0e404b9b4ccfbf1a21cc4b180b59.gif HTTP/1.1
Host: u1022.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6364ff68-10124"
server: nginx
date: Sun, 06 Nov 2022 06:21:23 GMT
content-type: image/gif
last-modified: Fri, 04 Nov 2022 12:02:48 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-38
content-length: 65828
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
104.110.17.24200 OK 415 kB URL HTTP/2 dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 415 kB (414559 bytes)
Hash 1a2cba8175d957d2379d06e6d2d4250d
190eb918616fa53aaca8a53b917f2627e626fecc
17e78ffe065be76212de6b960082ea287cc0e712b6f170f44c63e2144ec14c84
GET /images/0Z05r12000a1q2ru71C64.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 414559
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=11159486
expires: Mon, 03 Apr 2023 08:27:44 GMT
date: Fri, 25 Nov 2022 04:36:18 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8792e8e3072f3321982b32b53ddc29dc
a71934bba96a469462919336060167835de569cb
974542e2a163a43a0efadf98496d541c7ebce965d9cee815881bd4e2ae45bde7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "974542E2A163A43A0EFADF98496D541C7EBCE965D9CEE815881BD4E2AE45BDE7"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17962
Expires: Fri, 25 Nov 2022 09:35:40 GMT
Date: Fri, 25 Nov 2022 04:36:18 GMT
Connection: keep-alive
taiwtp1.com/img/96060.gif
220.128.218.220200 OK 47 kB URL HTTP/2 taiwtp1.com/img/96060.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 60\012- data
Hash 2b9c30b086d03d90a45a9174aef7b408
e87dbe76669e2f402826dd598bb047d793b1e20c
f1eb3044b464fb4b4b8f3e081295bc19cc4cddc9361adb34ad7fb73b93b25de6
GET /img/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:33:53 GMT
content-type: image/gif
content-length: 46855
last-modified: Wed, 09 Mar 2022 07:10:56 GMT
etag: "62285300-b707"
expires: Sun, 25 Dec 2022 04:33:53 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
n0544.com/cadfaad6bf3a48caadd756dfd170308c.gif
104.208.86.153200 OK 106 kB URL HTTP/1.1 n0544.com/cadfaad6bf3a48caadd756dfd170308c.gif
IP 104.208.86.153:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 80\012- data
Size 106 kB (106506 bytes)
Hash 6d54569d13361f2790967b7e4121586e
9536ee76ac74f72529df2def312ff0ec014bcf29
9423946c26a250564157b32a00e6716649ef7e761e2f5cf826dbb83c532f3194
GET /cadfaad6bf3a48caadd756dfd170308c.gif HTTP/1.1
Host: n0544.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:36:17 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 04 Nov 2022 10:01:44 GMT
ETag: W/"6364e308-71fb4"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
u1010.com/4b3c4c0b91ab44a293f636576b61f61d.gif
103.170.15.63200 OK 269 kB URL HTTP/2 u1010.com/4b3c4c0b91ab44a293f636576b61f61d.gif
IP 103.170.15.63:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 269 kB (268903 bytes)
Hash d60a666b8a2b332244f82df2f7c985b7
ef8e353e1202ec391da338e5dbdea6796e579de3
f06bf9345b4c684ab9b191073da5134b2b76cd0c5196427aa69c509e675e4bd6
GET /4b3c4c0b91ab44a293f636576b61f61d.gif HTTP/1.1
Host: u1010.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6378c9eb-41a67"
server: nginx
date: Fri, 25 Nov 2022 01:48:56 GMT
content-type: image/gif
last-modified: Sat, 19 Nov 2022 12:19:55 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-53
content-length: 268903
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 3c802933cbcc9e541e2f677ea7d32465
189b12dcbf7a957d0808bed1b7738abe5fdcf31a
b48a53359186928285167549c54fbcf2033d0971441aa57de3f59561626dae95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 170
Cache-Control: max-age=148895
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:36:18 GMT
Etag: "637fe837-2d7"
Expires: Sat, 26 Nov 2022 21:57:53 GMT
Last-Modified: Thu, 24 Nov 2022 21:55:03 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 727
p3.douyinpic.com/obj/tos-cn-i-dy/b49713b7a12e4e40a8736a2d9a3677d4
47.246.44.228200 OK 498 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/b49713b7a12e4e40a8736a2d9a3677d4
IP 47.246.44.228:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 70\012- data
Size 498 kB (497844 bytes)
Hash 9d43f768f1897d7d3fd5ba803e1a770a
ff8fb3f427df7b6cfef65fcae162e0abab9474a4
00fe4f1ccfc623639abadf4e745aca22b946365e932a7a794d6c108fee0d85af
GET /obj/tos-cn-i-dy/b49713b7a12e4e40a8736a2d9a3677d4 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 497844
date: Fri, 21 Oct 2022 10:44:11 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 21 Oct 2022 06:58:09 GMT
nw-session-id: 202210211458090102080352141D4BD2FDd8djs02dy
nw-session-trace: 2022-10-21T14:58:09.500113241+08:00 35
x-bdcdn-cache-status: TCP_HIT
x-length: 497844
x-powered-by: ImageX
x-response-date: Fri, 21 Oct 2022 14:58:09 GMT
x-tt-logid: 202210211458090102080352141D4BD2FD
via: n150-056-037, cache10.l2de2[0,0,206-0,H], cache21.l2de2[0,0], cache21.l2de2[1,0], cache2.se1[0,0,200-0,H], cache1.se1[1,0]
x-request-ip: fdbd:dc02:22:591::146
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01cbee9379081dede4563ed816372eaed9e22e817cb6a172f5515b36a1d0b0b16b0992519978341c8c47dea2460ef9488fea2a1af46ef3a756f47ed19c1f3caa455c050d0adbbab5c58656198a7c70892c0a0b1880236b0a5587be96287d217bf8
x-response-lb: image
ali-swift-global-savetime: 1666349051
age: 3001927
x-cache: HIT TCP_MEM_HIT dirn:3:84784281
x-swift-savetime: Fri, 21 Oct 2022 10:50:02 GMT
x-swift-cachetime: 31535649
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516693509784551167e
X-Firefox-Spdy: h2
223969ufy.com/2fd1ff8304ce4683ad375e9c692230a2.gif
103.170.15.87200 OK 636 kB URL HTTP/1.1 223969ufy.com/2fd1ff8304ce4683ad375e9c692230a2.gif
IP 103.170.15.87:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 120\012- data
Size 636 kB (635680 bytes)
Hash 1cb325d5859a93c29e41953b1089d4ef
ba867d7f6fd51ccf98e3e62b3786b109198ed236
903053e8dc64064819c2c30f1672015877d8cf7f5f2e7ca70ba8060ddda4b8fb
Analyzer Verdict Alert quad9 Sinkholed
GET /2fd1ff8304ce4683ad375e9c692230a2.gif HTTP/1.1
Host: 223969ufy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "637727c3-9b320"
Date: Fri, 18 Nov 2022 09:48:01 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 18 Nov 2022 06:35:47 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-17
Content-Length: 635680
mt66g.com/image/c960X160.gif
23.224.145.199200 OK 226 kB URL HTTP/2 mt66g.com/image/c960X160.gif
IP 23.224.145.199:0
File type GIF image data, version 89a, 960 x 160\012- data
Size 226 kB (226350 bytes)
Hash dc050a09c8f91b6a1cd31f0e14a26f82
cd2aeab9db3c276e676bf0c7f32bf18059c6b522
335eab09ae4eccb826c619213a55977bf822b21117d2b4c7d6ffe5831c327163
GET /image/c960X160.gif HTTP/1.1
Host: mt66g.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:36:18 GMT
content-type: image/gif
content-length: 226350
last-modified: Mon, 24 Oct 2022 09:26:09 GMT
etag: "63565a31-3742e"
expires: Fri, 23 Dec 2022 09:27:20 GMT
cache-control: max-age=2592000
server: dns
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
u1077.com/6ba61e82d9854d649a1c65d94346189b.gif
103.189.109.79200 OK 297 kB URL HTTP/2 u1077.com/6ba61e82d9854d649a1c65d94346189b.gif
IP 103.189.109.79:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 297 kB (297356 bytes)
Hash e63728bfd7747ecc0a25bfdb2b851365
9e5716e96d0685245024cb501a8897e87717ce6e
3a9dc223b563b33b84cb6492b3c35d03db2153924ae23f0ed9b4a76b69fa4bf6
GET /6ba61e82d9854d649a1c65d94346189b.gif HTTP/1.1
Host: u1077.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6364ff89-4898c"
server: nginx
date: Thu, 24 Nov 2022 15:59:54 GMT
content-type: image/gif
last-modified: Fri, 04 Nov 2022 12:03:21 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn109-069
content-length: 297356
X-Firefox-Spdy: h2
p1.meituan.net/dpplatform/fe1357abf524bc560d11e4af8beddaf91086086.gif
211.152.148.72200 OK 1.1 MB URL HTTP/2 p1.meituan.net/dpplatform/fe1357abf524bc560d11e4af8beddaf91086086.gif
IP 211.152.148.72:0
File type GIF image data, version 89a, 960 x 160\012- data
Size 1.1 MB (1086086 bytes)
Hash fe1357abf524bc560d11e4af8beddaf9
175486b7fa4830246014f760a759f4aacf460b7c
fac07ee4c01eab6eeb7c10dbaca74fbfde9a4dbfc0fa88325cf32ecdc405603a
GET /dpplatform/fe1357abf524bc560d11e4af8beddaf91086086.gif HTTP/1.1
Host: p1.meituan.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:36:18 GMT
content-type: image/gif
content-length: 1086086
server: NWS_Oversea_AP
cache-control: max-age=5184000
expires: Tue, 24 Jan 2023 04:36:18 GMT
last-modified: Fri, 06 Jan 2023 02:12:34 GMT
x-nws-log-uuid: 46bca434-14b0-402f-99df-75ddb4b9c108
access-control-allow-origin: *
access-control-allow-methods: GET,POST
x-nws-uuid-verify: fdca9d98d36e20909ea7b491c06a38f9
m-traceid: 9vdrgg3fvl9uw4gwn4ip
age: 710810
timing-allow-origin: *
x-daa-tunnel: hop_count=1
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
X-Firefox-Spdy: h2
u1102.com/214791aa005b4c46b6a9f04058cfb808.gif
103.189.109.79200 OK 322 kB URL HTTP/2 u1102.com/214791aa005b4c46b6a9f04058cfb808.gif
IP 103.189.109.79:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 322 kB (322130 bytes)
Hash 6e9a6af4964e174da5597e2be162e59c
a75f9890ad7e1334f11b4dbe0da134266d78e329
b43e284062fe514e5108a9c8601616ea2771a2d64a3b32644ae7adea063599d3
GET /214791aa005b4c46b6a9f04058cfb808.gif HTTP/1.1
Host: u1102.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6364e2f0-4ea52"
server: nginx
date: Wed, 23 Nov 2022 01:44:40 GMT
content-type: image/gif
last-modified: Fri, 04 Nov 2022 10:01:20 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn109-069
content-length: 322130
X-Firefox-Spdy: h2
vgvjkw.com/e56118d487df470a95ed3ab64d8647ff.gif
103.189.109.79200 OK 286 kB URL HTTP/2 vgvjkw.com/e56118d487df470a95ed3ab64d8647ff.gif
IP 103.189.109.79:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 286 kB (285785 bytes)
Hash 92285e93786dd0e69700a7b81ee67d1e
a9026bec9dc218806e865b3643d5fbe9a94f4edb
9f02528d2edc78634ebfd71d3c682cd679682715dc20afb446b9c8b5c26e1ae1
GET /e56118d487df470a95ed3ab64d8647ff.gif HTTP/1.1
Host: vgvjkw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "635b961a-45c59"
server: nginx
date: Wed, 23 Nov 2022 23:31:45 GMT
content-type: image/gif
last-modified: Fri, 28 Oct 2022 08:43:06 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn109-069
content-length: 285785
X-Firefox-Spdy: h2
u1044.com/c0ea67357fab443e9f882a89c29f0f29.gif
103.189.109.79200 OK 376 kB URL HTTP/2 u1044.com/c0ea67357fab443e9f882a89c29f0f29.gif
IP 103.189.109.79:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 376 kB (375501 bytes)
Hash 3cc130e8c73445ee88904b1d2945a002
ea12d90d3525af1eef53258ce9681b0093cf717e
29c94fe20be25178fb7896728930c7857d8f7db1e223295be8acf0fd4de68936
GET /c0ea67357fab443e9f882a89c29f0f29.gif HTTP/1.1
Host: u1044.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6364ff5a-5bacd"
server: nginx
date: Thu, 24 Nov 2022 12:52:13 GMT
content-type: image/gif
last-modified: Fri, 04 Nov 2022 12:02:34 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn109-069
content-length: 375501
X-Firefox-Spdy: h2
768tupian.oss-cn-shenzhen.aliyuncs.com/xpj80%20.gif
120.77.166.19200 OK 264 kB URL HTTP/1.1 768tupian.oss-cn-shenzhen.aliyuncs.com/xpj80%20.gif
IP 120.77.166.19:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 264 kB (264494 bytes)
Hash 672b95e7b6ab24b5606b8287db85dbb4
98f1f1b06b3cb318d7f7a1bf7add76fa0a30c112
4203e1ae18bb06c6e719832987e87e838d8001fd6154e56a8b79c4c0678e7b54
GET /xpj80%20.gif HTTP/1.1
Host: 768tupian.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 04:36:18 GMT
Content-Type: image/gif
Content-Length: 264494
Connection: keep-alive
x-oss-request-id: 638046420E39533638BB0712
Accept-Ranges: bytes
ETag: "672B95E7B6AB24B5606B8287DB85DBB4"
Last-Modified: Sun, 23 Oct 2022 07:05:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8762574589038276875
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZyuV57arJLVga4KH24XbtA==
x-oss-server-time: 3
sezantp.oss-cn-hongkong.aliyuncs.com/3658-365-960x80.gif
47.75.19.45200 OK 251 kB URL HTTP/1.1 sezantp.oss-cn-hongkong.aliyuncs.com/3658-365-960x80.gif
IP 47.75.19.45:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 251 kB (250863 bytes)
Hash 146302635db0d447d3779d91b77d8389
281b62ad456eee28791ca926602b14ac6e84d9d7
efd5d5f699b6633ef18e5bb91fe5fd45604d6648f7249bfb1b5a29acc7b9f9b2
GET /3658-365-960x80.gif HTTP/1.1
Host: sezantp.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 04:36:18 GMT
Content-Type: image/gif
Content-Length: 250863
Connection: keep-alive
x-oss-request-id: 63804642DA8A79373686B0F2
Accept-Ranges: bytes
ETag: "146302635DB0D447D3779D91B77D8389"
Last-Modified: Fri, 18 Nov 2022 08:30:38 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3277067101677540170
x-oss-storage-class: Standard
Content-MD5: FGMCY12w1EfTd52Rt32DiQ==
x-oss-server-time: 2
img.u1555.com/images/635242fd5fe50f0585d3ef8f.gif
91.199.87.220302 Found 0 B URL HTTP/2 img.u1555.com/images/635242fd5fe50f0585d3ef8f.gif
IP 91.199.87.220:0
GET /images/635242fd5fe50f0585d3ef8f.gif HTTP/1.1
Host: img.u1555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/b49713b7a12e4e40a8736a2d9a3677d4
cache-control: max-age=3600
X-Firefox-Spdy: h2
vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
47.75.19.163200 OK 0 B URL HTTP/1.1 vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
IP 47.75.19.163:0
ASN #45102 Alibaba US Technology Co., Ltd.
GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wkf5.wuys21.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 04:36:18 GMT
Content-Type: image/gif
Content-Length: 531945
Connection: keep-alive
x-oss-request-id: 63804642FC567C323789D96E
Accept-Ranges: bytes
ETag: "904C4F51A02C9F03F27AC2593D4C061E"
Last-Modified: Sun, 20 Nov 2022 05:06:16 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9035815038154931791
x-oss-storage-class: Standard
x-oss-version-id: CAEQPxiBgIC4ltzNpBgiIDdlODc5YmI4ZDVjNjQ3ZDk5OTI1NWRlZmIwMjk2Zjc5
Content-MD5: kExPUaAsnwPyesJZPUwGHg==
x-oss-server-time: 1