Overview

URL www.sinosteelinvest.com/cfgbin.php?id=&qid=&rand=27689&flag=2048&title=%B8%DF%CB%D9%CF%C2%D4%D8%C6%F7&t=0&u=0a3ee710d94891d4625876d41506f4c1
IP156.224.31.136
ASNPEGTECHINC
Location Hong Kong
Report completed2022-09-25 16:43:52 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-25 2 www.sinosteelinvest.com/tj.js Malware
2022-09-25 2 www.sinosteelinvest.com/common.js Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (37)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS sdk.51.la (1) 88367 2021-03-08 16:03:51 UTC 2022-09-25 11:29:55 UTC 47.253.50.2
mnemonic passive DNS xsuzqtz.com (1) 0 2022-09-03 17:19:48 UTC 2022-09-24 23:37:54 UTC 156.251.51.159 Unknown ranking
mnemonic passive DNS e1.o.lencr.org (5) 6159 2021-08-20 07:36:30 UTC 2022-09-25 08:25:51 UTC 23.36.76.226
mnemonic passive DNS 388tp.oss-cn-hongkong.aliyuncs.com (1) 0 2022-09-10 19:33:11 UTC 2022-09-24 23:37:56 UTC 47.75.19.37 Domain (aliyuncs.com) ranked at: 1959
mnemonic passive DNS js.users.51.la (1) 53024 2012-05-30 15:10:11 UTC 2022-09-25 13:51:08 UTC 103.143.19.103
mnemonic passive DNS ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2022-09-25 12:15:08 UTC 93.184.220.29
mnemonic passive DNS zerossl.ocsp.sectigo.com (3) 4049 2020-05-09 19:05:29 UTC 2022-09-25 05:21:42 UTC 104.18.32.68
mnemonic passive DNS ocsp.globalsign.com (2) 2075 2012-05-25 06:20:55 UTC 2022-09-25 05:23:09 UTC 104.18.20.226
mnemonic passive DNS szasm8.com (1) 0 2022-06-01 17:46:07 UTC 2022-09-24 23:37:57 UTC 47.254.187.192 Unknown ranking
mnemonic passive DNS img.shifangshike.com (2) 0 2022-06-09 10:15:55 UTC 2022-09-24 23:37:57 UTC 154.84.8.2 Unknown ranking
mnemonic passive DNS ggt999.oss-cn-hangzhou.aliyuncs.com (1) 0 2022-08-29 10:27:34 UTC 2022-09-25 01:57:42 UTC 47.110.177.104 Domain (aliyuncs.com) ranked at: 1959
mnemonic passive DNS n5371.com (1) 0 2022-07-06 07:45:41 UTC 2022-09-24 23:37:57 UTC 103.170.15.73 Unknown ranking
mnemonic passive DNS vjnhby.com (1) 0 2022-07-04 22:46:14 UTC 2022-09-24 23:37:57 UTC 103.189.108.92 Unknown ranking
mnemonic passive DNS www.yinyuren.com (2) 0 2022-08-15 15:28:46 UTC 2022-09-24 23:37:57 UTC 23.224.177.84 Unknown ranking
mnemonic passive DNS si1.go2yd.com (1) 325918 2017-02-02 11:37:19 UTC 2022-09-25 10:43:19 UTC 58.254.180.65
mnemonic passive DNS ocsp.sectigo.com (7) 487 2018-12-17 11:31:55 UTC 2022-09-25 14:11:09 UTC 172.64.155.188
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-25 11:34:24 UTC 143.204.55.35
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-25 05:42:52 UTC 34.160.144.191
mnemonic passive DNS ocsp.pki.goog (2) 175 2017-06-14 07:23:31 UTC 2022-09-25 04:54:16 UTC 142.250.74.3
mnemonic passive DNS tupku.top (1) 0 2022-06-25 12:46:40 UTC 2022-09-24 23:37:56 UTC 172.67.200.40 Unknown ranking
mnemonic passive DNS tukudhgg.vip (1) 0 2022-08-24 10:58:55 UTC 2022-09-24 23:37:56 UTC 104.21.69.128 Unknown ranking
mnemonic passive DNS ocsp.sectigo.com (7) 487 2018-12-17 11:31:55 UTC 2022-09-25 14:11:09 UTC 104.18.32.68
mnemonic passive DNS daohang.05005.top (3) 0 2022-08-31 19:25:32 UTC 2022-09-24 23:37:57 UTC 51.159.52.208 Unknown ranking
mnemonic passive DNS u0075.com (1) 0 2021-02-01 01:45:40 UTC 2022-09-25 09:02:26 UTC 20.239.175.143 Unknown ranking
mnemonic passive DNS u0079.com (1) 0 2021-02-01 01:45:40 UTC 2022-09-24 23:37:57 UTC 20.239.175.142 Unknown ranking
mnemonic passive DNS ocsp2.globalsign.com (2) 1544 2012-05-21 07:12:19 UTC 2022-09-25 07:48:51 UTC 104.18.21.226
mnemonic passive DNS r3.o.lencr.org (10) 344 2020-12-02 08:52:13 UTC 2022-09-25 05:02:41 UTC 23.36.77.32
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-25 04:51:16 UTC 34.117.237.239
mnemonic passive DNS www.sinosteelinvest.com (4) 0 2018-08-17 22:51:43 UTC 2022-09-25 12:26:42 UTC 156.224.31.136 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-25 05:07:25 UTC 34.216.192.228
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-25 04:26:31 UTC 34.120.237.76
mnemonic passive DNS www.aoattsetp.vip (2) 0 2022-06-09 19:55:39 UTC 2022-09-24 23:37:56 UTC 172.67.194.142 Unknown ranking
mnemonic passive DNS xfbw001.top (13) 0 2022-07-30 16:47:03 UTC 2022-09-24 23:37:55 UTC 216.83.53.45 Unknown ranking
mnemonic passive DNS u0065.com (1) 0 2019-04-04 09:21:18 UTC 2022-09-24 23:37:57 UTC 20.239.175.73 Unknown ranking
mnemonic passive DNS ocsp.digicert.cn (1) 37572 2020-03-20 17:45:56 UTC 2022-09-25 04:35:57 UTC 47.246.44.205
mnemonic passive DNS ia.51.la (1) 59607 2017-10-31 08:01:51 UTC 2022-09-25 13:51:09 UTC 103.143.19.103
mnemonic passive DNS tupkku.top (4) 0 2022-07-03 17:27:30 UTC 2022-09-24 23:37:56 UTC 104.21.51.97 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 156.224.31.136

Date UQ / IDS / BL URL IP
2022-10-29 18:36:24 +0000
0 - 0 - 2 sinosteelinvest.com/api.php?flag=1024&id=&qid (...) 156.224.31.136
2022-10-25 21:28:40 +0000
0 - 0 - 2 www.sinosteelinvest.com/cfgbin.php?id=&qid=&r (...) 156.224.31.136
2022-10-15 17:28:31 +0000
0 - 0 - 2 www.sinosteelinvest.com/api.php?id=&qid=&rand (...) 156.224.31.136
2022-10-09 17:01:14 +0000
0 - 0 - 2 www.sinosteelinvest.com/api.php?id=&qid=&rand (...) 156.224.31.136
2022-10-08 17:34:58 +0000
0 - 0 - 4 www.sinosteelinvest.com/api.php?id=&qid=&rand (...) 156.224.31.136

Last 5 reports on ASN: PEGTECHINC

Date UQ / IDS / BL URL IP
2022-12-09 01:53:39 +0000
0 - 0 - 2 cb.bossedm.com/Admin/UrlCallbacks/commonLink/ (...) 104.192.81.127
2022-12-08 23:48:12 +0000
0 - 0 - 25 computistresearch.com/ 107.148.89.193
2022-12-08 23:47:43 +0000
0 - 0 - 1 www.hootinan.com/?entry=2240_The_Saudis_Secur (...) 38.40.141.17
2022-12-08 23:29:04 +0000
0 - 0 - 3 www.hshonda.com/1191/ 107.148.234.45
2022-12-08 23:17:57 +0000
0 - 0 - 3 www.hshonda.com/16273/ 107.148.234.45

Last 5 reports on domain: sinosteelinvest.com

Date UQ / IDS / BL URL IP
2022-10-29 18:36:24 +0000
0 - 0 - 2 sinosteelinvest.com/api.php?flag=1024&id=&qid (...) 156.224.31.136
2022-10-25 21:28:40 +0000
0 - 0 - 2 www.sinosteelinvest.com/cfgbin.php?id=&qid=&r (...) 156.224.31.136
2022-10-15 17:28:31 +0000
0 - 0 - 2 www.sinosteelinvest.com/api.php?id=&qid=&rand (...) 156.224.31.136
2022-10-09 17:01:14 +0000
0 - 0 - 2 www.sinosteelinvest.com/api.php?id=&qid=&rand (...) 156.224.31.136
2022-10-08 17:34:58 +0000
0 - 0 - 4 www.sinosteelinvest.com/api.php?id=&qid=&rand (...) 156.224.31.136

Last 2 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-09-27 06:46:44 +0000
0 - 0 - 6 www.sinosteelinvest.com/api.php?id=&qid=&rand (...) 156.224.31.136
2022-09-21 22:29:56 +0000
0 - 0 - 2 www.sinosteelinvest.com/api.php?id=&qid=&rand (...) 156.224.31.136


JavaScript

Executed Scripts (15)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 66, repeated: 1) - SHA256: 8888c6f6a9f9f0b822bae49ce0acba29cb1f501f7a9de87c4e2d295c2fa9a056

                                        < script > window.opener.location.href = "http://xsuzqtz.com"; < /script>
                                    


HTTP Transactions (92)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21344
Expires: Sun, 25 Sep 2022 22:39:25 GMT
Date: Sun, 25 Sep 2022 16:43:41 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 16:07:19 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EqdiEa5mTqu4JePyTFzWmcQRWcozGU-6ejoaUdhYOHNtNf5Jr0sA0g==
Age: 2182


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4721814DA286852318F7EBF9857BD4BF01F0BEEA2C9EB7DDB9F290E3FA472232"
Last-Modified: Fri, 23 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4140
Expires: Sun, 25 Sep 2022 17:52:41 GMT
Date: Sun, 25 Sep 2022 16:43:41 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: Ti11XaQNQ7fpyyBoU4TlBCHmNVz9MPiB3do1ythXhhMoxmYB5f3eTD4PUqv6ac0yqkSeD1dVxxE=
x-amz-request-id: 7WMNTX6KAWYV1P7N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 25 Sep 2022 15:48:10 GMT
age: 3331
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 25 Sep 2022 16:43:41 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /cfgbin.php?id=&qid=&rand=27689&flag=2048&title=%B8%DF%CB%D9%CF%C2%D4%D8%C6%F7&t=0&u=0a3ee710d94891d4625876d41506f4c1 HTTP/1.1 
Host: www.sinosteelinvest.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         156.224.31.136
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Sun, 25 Sep 2022 16:48:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (590), with CRLF line terminators
Size:   666
Md5:    beabd59366595fdda65658b638b2ae8f
Sha1:   a9a566fc138e87fb39955bbd7cf5be4df18ad237
Sha256: b3b401286003ff83fb0451c81524530286df723ae80f2aedce27660b494925b7
                                        
                                            GET /tj.js HTTP/1.1 
Host: www.sinosteelinvest.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sinosteelinvest.com/cfgbin.php?id=&qid=&rand=27689&flag=2048&title=%B8%DF%CB%D9%CF%C2%D4%D8%C6%F7&t=0&u=0a3ee710d94891d4625876d41506f4c1

                                         
                                         156.224.31.136
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Sun, 25 Sep 2022 16:48:45 GMT
Content-Length: 212
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   212
Md5:    4c324b0f7e98afe585489f22da569681
Sha1:   5edc358acb77e634c9e55d419d9467f43ca90f8a
Sha256: 138c418b9b9772807d9b6f4fbde9544aed43009e454757b700bf75e4136bfb81

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /common.js HTTP/1.1 
Host: www.sinosteelinvest.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sinosteelinvest.com/cfgbin.php?id=&qid=&rand=27689&flag=2048&title=%B8%DF%CB%D9%CF%C2%D4%D8%C6%F7&t=0&u=0a3ee710d94891d4625876d41506f4c1

                                         
                                         156.224.31.136
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Sun, 25 Sep 2022 16:48:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (341), with CRLF line terminators
Size:   649
Md5:    263ceb663db7a74fc3fc19432cbb9218
Sha1:   aed6fc563c7a441281009725d48cb611d3a5b57f
Sha256: 71886a4373d9c39ab9f6d7754803ed5368b263c27ba6d7ea6e17de249244e6e2

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sun, 25 Sep 2022 16:04:17 GMT
Expires: Sun, 25 Sep 2022 16:16:57 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Dgc3pD9ST-vnOodxTrCqGWk-UX7G30VG4YrNkjUPimRkRoF8G0rqzQ==
Age: 2364


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5183
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 16:43:42 GMT
Last-Modified: Sun, 25 Sep 2022 15:17:19 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /js-sdk-pro.min.js HTTP/1.1 
Host: sdk.51.la
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sinosteelinvest.com/

                                         
                                         47.253.50.2
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: openresty
Date: Sun, 25 Sep 2022 16:43:42 GMT
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62d0e7a4-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (34110)
Size:   12853
Md5:    29243483fe441404931c046d27be80a6
Sha1:   92a0c68b0169eff0addb8cc05a53f6e009d41d47
Sha256: 4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EQEJek2gq+7llhaBx9vXBw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.216.192.228
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HxVwqBH8pdyEruTX80kf7an1ZkI=

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.sinosteelinvest.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sinosteelinvest.com/cfgbin.php?id=&qid=&rand=27689&flag=2048&title=%B8%DF%CB%D9%CF%C2%D4%D8%C6%F7&t=0&u=0a3ee710d94891d4625876d41506f4c1
Cookie: __vtins__JafUMpNcDABrgTDs=%7B%22sid%22%3A%20%22db82eaa0-7ecc-5988-bc13-07ca3a73eb82%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201664126020635%2C%20%22ct%22%3A%201664124220635%7D; __51uvsct__JafUMpNcDABrgTDs=1; __51vcke__JafUMpNcDABrgTDs=891aac27-5484-50f0-8ecf-81bf1a7de8b5; __51vuft__JafUMpNcDABrgTDs=1664124220640

                                         
                                         156.224.31.136
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Sun, 25 Sep 2022 16:48:46 GMT
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Fri, 30 Sep 2022 16:48:46 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    7ef1f0a0093460fe46bb691578c07c95
Sha1:   2da3ffbbf4737ce4dae9488359de34034d1ebfbd
Sha256: 4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
                                        
                                            GET / HTTP/1.1 
Host: xsuzqtz.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sinosteelinvest.com/
Upgrade-Insecure-Requests: 1

                                         
                                         156.251.51.159
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: NgxFence
Date: Sun, 25 Sep 2022 16:43:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 18:06:50 GMT
ETag: W/"63178c3a-24c"
X-Cache: DYNAMIC
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size:   427
Md5:    cf7e22bb23b89a5bbfac969f81efcdff
Sha1:   481a2c0ee4986cf85c329771406b0408feca27ca
Sha256: 09f0adb0f362b2d0413fdf8fff09a2c30a53411789aee9c07c694044299fd9b5
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13675
Expires: Sun, 25 Sep 2022 20:31:38 GMT
Date: Sun, 25 Sep 2022 16:43:43 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13675
Expires: Sun, 25 Sep 2022 20:31:38 GMT
Date: Sun, 25 Sep 2022 16:43:43 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13675
Expires: Sun, 25 Sep 2022 20:31:38 GMT
Date: Sun, 25 Sep 2022 16:43:43 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13675
Expires: Sun, 25 Sep 2022 20:31:38 GMT
Date: Sun, 25 Sep 2022 16:43:43 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5CzA52-o7GYViSJ4lna7ptv9dycJCUL-NLWOk-iCW-ZxDU_FQH_OoQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:51:18 GMT
age: 67945
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10032
Md5:    aa150280eb113504d61a25935c0f0127
Sha1:   ed04f74fbb4c77b21e2babc51a82857f5e23d169
Sha256: 07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8914
x-amzn-requestid: 8cfdc32e-f04a-4fd6-a1f1-632934a682fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EUHqJoAMF7MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7881-14a6d8ef126409964607e0aa;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kdF6En2vbJhRH1bkYMOuNm5XOIsT1qs3FE281N1SKn1FbyW-oNZsEw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:06 GMT
etag: "2b6e37596e88b62f288dc8e8c937fd904fae28d5"
age: 68797
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8914
Md5:    dfdacc8edea3c24dad020d7e9c11b3f4
Sha1:   2b6e37596e88b62f288dc8e8c937fd904fae28d5
Sha256: 338a44f3bcc01bdd197f037dd8f8bf58a18dea00127465488efe76fb72a6fdff
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:19 GMT
age: 68784
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Size:   12826
Md5:    b3a72e81317074689a71dac7059e4b6a
Sha1:   b6d56333d7f1ea7ddc8838d84de498ff913c5464
Sha256: e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8715
x-amzn-requestid: d5e237f4-4c0e-4e3b-b3ae-ea1eb5b7cafc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5JmTEAwIAMF_Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d22f4-48a975a866edc1755858600f;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:07:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Sm6N8Un8XKHtGGZwxLd1aYygBns1l8siRvcc2w_9V2imJopvt8Ockw==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 07:09:15 GMT
age: 34468
etag: "79c83cc27996b2339bd63764dbb2ae9744db6d70"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8715
Md5:    a89e7161745036637a66e8ab5b7efdf9
Sha1:   79c83cc27996b2339bd63764dbb2ae9744db6d70
Sha256: 13b990c3c6a9bee6def25d007e14628c52e427b6f4c718895b1817d5e8e59760
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ebb5-2746-43ce-9354-d29ae28778f1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7690
x-amzn-requestid: e50abd36-e3d6-4177-ad5a-57ef7f743e1b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv2HqHJqIAMFe9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296a30-7de1ba3633620fed1eb26a04;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:22:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: x6m2265h0hSgCTluIqgbC-hSZiiyeqMR0qEwnYgXfjfxNa99trVEgA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 18:05:57 GMT
age: 81466
etag: "9e7b0fd5b7c45213e1808361867a254c8e313a30"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7690
Md5:    75eb09cb0472d311d2deaf4475a2fb29
Sha1:   9e7b0fd5b7c45213e1808361867a254c8e313a30
Sha256: c18626d0131533976be196823911d5146042e6bd8028389cb4f17a64ee0ec1e4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7757
x-amzn-requestid: 3092c81c-f703-403a-b718-e18f035f9464
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJQFUWIAMF7Pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-565f665c7e34294079703141;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hc0cpj1kMbAQqcM0ooSgEdS8nPP0m4FJD1bHdY7jN2OENNsJF_gluA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 08:16:33 GMT
age: 30430
etag: "ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7757
Md5:    9d59e1bbd58ff8c5fe5faecb58149601
Sha1:   ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd
Sha256: c16a2adaeaabbe45801ab5d12ceaeab587b525b4959933f53a9c8dcdb12aec68
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "95D060968934B286CEA2D2CB1F087782B53F59628EFDEF6CB047B7BC3CFF4EDF"
Last-Modified: Fri, 23 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 25 Sep 2022 22:43:44 GMT
Date: Sun, 25 Sep 2022 16:43:44 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 16:43:44 GMT
Server: ECS (amb/6B8B)
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 16:43:44 GMT
Last-Modified: Sun, 25 Sep 2022 16:43:44 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /logotp/xxjyp1.gif HTTP/1.1 
Host: www.aoattsetp.vip
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.194.142
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 25 Sep 2022 16:43:44 GMT
content-length: 93738
last-modified: Fri, 15 Apr 2022 17:50:15 GMT
etag: "6259b057-16e2a"
expires: Mon, 24 Oct 2022 01:45:35 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 100036
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omyIJkInee60tQjMoAHnp7Ogk6blsRE6wC%2F330MFeKTUaxXucCPEbHixpJT5e2eQQxYItxh9vWN8xnj3eZhRbBB3cd6uPARzL2Hm0BcNh%2Ftt%2BW8fwCVPc%2FIbciWNINis7HIIoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053875f80afabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   93738
Md5:    fc28018a0973ca460ba1c5b3233556af
Sha1:   9c56eb8ec07c63a6cb203afa14ec9f2c953f24f3
Sha256: a2b465ae7a129412d4de099be1119abad0f988c4eca0e9758a09da26243ac30e
                                        
                                            GET /logotp/yu22a.gif HTTP/1.1 
Host: www.aoattsetp.vip
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.194.142
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 25 Sep 2022 16:43:44 GMT
content-length: 73243
last-modified: Fri, 15 Apr 2022 17:53:28 GMT
etag: "6259b118-11e1b"
expires: Sat, 08 Oct 2022 00:22:33 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1527597
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxtiYbAaN6V7tL%2BrK81IFTSO7JtyN%2BNK59kB%2FLzvlvXfgYMZOpFE3zurTXCupMXEzyML0wTdEfQRShei3KiN%2FWMhssGdcYftnbAPUhoJUk8HeuTXjm0UgyfvmrqYquuIktyvWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053876080ffabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 150 x 150\012- data
Size:   73243
Md5:    a60193fc87ef9e76f55b504b1fbe4951
Sha1:   262b3c0d0a4b453ae75f1c4f648ad862348ab017
Sha256: 83af4402e7893b4d70082d712ba09952e16aea516d2bdab9d234877c099a142d
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "788914106E4D875E01C52E162F39B3B42C9D124D927380CA942110BA6E5A29A4"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11145
Expires: Sun, 25 Sep 2022 19:49:30 GMT
Date: Sun, 25 Sep 2022 16:43:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "95C123C94741590E01D7473AE984CADC93392219CB76E810694609C4A82B9D79"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9190
Expires: Sun, 25 Sep 2022 19:16:55 GMT
Date: Sun, 25 Sep 2022 16:43:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "95C123C94741590E01D7473AE984CADC93392219CB76E810694609C4A82B9D79"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9206
Expires: Sun, 25 Sep 2022 19:17:11 GMT
Date: Sun, 25 Sep 2022 16:43:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "788914106E4D875E01C52E162F39B3B42C9D124D927380CA942110BA6E5A29A4"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11100
Expires: Sun, 25 Sep 2022 19:48:45 GMT
Date: Sun, 25 Sep 2022 16:43:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 16:43:45 GMT
Last-Modified: Sun, 25 Sep 2022 16:43:44 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST /s/gts1p5/QOjNzpBth-A HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 16:43:45 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /hf/xfbtu01.jpg HTTP/1.1 
Host: tupku.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.200.40
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 25 Sep 2022 16:43:45 GMT
content-length: 24123
last-modified: Sat, 16 Jul 2022 08:22:59 GMT
etag: "62d27563-5e3b"
expires: Thu, 20 Oct 2022 06:21:57 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 429066
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0na2WbWx6stD5rVVKNSX%2B5tzPLYRbZ%2FAX5KYEefqrk6%2BLJyJbXZ1Gpj78zKebsVu4%2BOwejuhXWKF%2FDXpCAZDr58H7QJJn1NlUwOewkgeCBIj%2F8nZ%2BmU%2FG2u0Zs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053876ee690b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 751x100, components 3\012- data
Size:   24123
Md5:    6c89d43a7c027bbad6a848c62d9a8812
Sha1:   316688f46cb92157b4850e1f1cc2ca2c5dabdd8a
Sha256: f4223cbd583c5b23fa1e7d6fc4a2fa1118e467e6924cf2568ede0b1897699f1b
                                        
                                            GET /logotp/yu22a.gif HTTP/1.1 
Host: tupkku.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.51.97
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 25 Sep 2022 16:43:45 GMT
content-length: 73243
last-modified: Fri, 15 Apr 2022 17:53:28 GMT
etag: "6259b118-11e1b"
expires: Sun, 23 Oct 2022 04:10:04 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 177770
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smYmSsXZgF%2Fd5Ln%2F3k6%2BIegS2EDWqLOEqr44io3JvapB7c%2FeuSX9%2BEBzxMayqtiKi7QltAJXJhJB4H2TRz2u%2BF7TfrRuSWvjs8LIp2FkXsj3No%2Br6TCjQTbjCf3X"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053876ed2f0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 150 x 150\012- data
Size:   73243
Md5:    a60193fc87ef9e76f55b504b1fbe4951
Sha1:   262b3c0d0a4b453ae75f1c4f648ad862348ab017
Sha256: 83af4402e7893b4d70082d712ba09952e16aea516d2bdab9d234877c099a142d
                                        
                                            GET /logotp/smfw.gif HTTP/1.1 
Host: tupkku.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.51.97
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 25 Sep 2022 16:43:45 GMT
content-length: 310417
last-modified: Fri, 09 Sep 2022 18:16:54 GMT
etag: "631b8316-4bc91"
expires: Sun, 23 Oct 2022 04:10:04 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 177771
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cW%2B35e7xrb12OuMC7PASCmhUakxVggmUtHD6pXVh4t1GPkRDKBaMBkNk9Mkq4L1CwoDvJDT1IJnsE0B0bvVH0nsH8ncD78OFnis%2Fn6HuCiRATGH5ey6Sdot62kjJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053876ed2c0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 120 x 120\012- data
Size:   310417
Md5:    946134a1e70b4f9aeda0470395a24ff6
Sha1:   c3a9f2cb88f4e3a4b940b72cdffca646fb4132a3
Sha256: bc01bdeda0dba8ba89489071d3fbba814a0862dc4670caf307bf462b15686464
                                        
                                            GET /logotp/xfb09.gif HTTP/1.1 
Host: tupkku.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.51.97
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 25 Sep 2022 16:43:45 GMT
content-length: 443705
last-modified: Fri, 15 Apr 2022 17:52:24 GMT
etag: "6259b0d8-6c539"
expires: Thu, 20 Oct 2022 06:21:58 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 429065
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYAYOV1KEEVF4E6zWbFr4YV3GZ9TI3gZqkczaOBjgBMFq0WLI9s16GmPwsLcCxvN6BMJq04%2F7ycDdXSKOwrWelJOuQTf7OAa%2F%2FfVwxFc%2BndFHvpKWRLRleElzWeI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053876ed2d0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   443705
Md5:    8bc908398e73478d0b28d85191689891
Sha1:   5e9022d7583285c988d0acb55b6db7c920f3c3d0
Sha256: c01d665a1abb0e10e3ac90119e3674db0363a112da7f8322c12bbafbe0bd88dc
                                        
                                            GET /logotp/xpj200.gif HTTP/1.1 
Host: tukudhgg.vip
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.69.128
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 25 Sep 2022 16:43:45 GMT
content-length: 422639
last-modified: Sat, 10 Sep 2022 08:46:22 GMT
etag: "631c4ede-672ef"
expires: Mon, 10 Oct 2022 14:18:01 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1304662
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXiJyPqq3uinHlTYalsVhF%2ByVXcW7ZLVsrktVbpBGy5UqVxF%2Fx%2Bv%2BSjVkb3iOKLDzSSBjFih7ysLTFBT%2FkSy7O2h2%2Bty9Utol8%2FowzkCC3aBCbqrBv9wAIY46EeKjbg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750538770910b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   422639
Md5:    e9fbb3e8331bcc6b705b7bc3c44a22bb
Sha1:   6f1c2c9b38a1f5c31e0d59d8f2bec101b5cbb329
Sha256: bb0c7a32e541641e9c3f5899048ec245463de2bc5efc698b1e6bc528e8e2951a
                                        
                                            GET /static/js/common.js HTTP/1.1 
Host: xfbw001.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.83.53.45
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 25 Sep 2022 16:43:44 GMT
content-length: 1015
last-modified: Tue, 02 Jun 2020 17:22:40 GMT
etag: "5ed68ae0-3f7"
expires: Mon, 26 Sep 2022 04:43:44 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1015
Md5:    082701cf7a4984342611d2d2e7f4756e
Sha1:   1266379c8510374f472ddcc197459ad9ce01f52c
Sha256: fd5fd7163dd131bd7a7718d787d3906bdce3c644e276e25712153c80440038bd
                                        
                                            GET /logotp/xfb25.gif HTTP/1.1 
Host: tupkku.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.51.97
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 25 Sep 2022 16:43:45 GMT
content-length: 3158019
last-modified: Fri, 15 Apr 2022 17:52:26 GMT
etag: "6259b0da-303003"
expires: Thu, 20 Oct 2022 06:21:58 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 429065
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDVh%2BH4BuYK5PSjtrkV37Kd1xJ1EzLONQ0tCEj6UdPNofNV%2BAoV4R9UWvjTFFLJ2RBrvUB6l%2FD8dgHQ%2BHSAT4WacDksdQmmROlZtVWr5ipRox5XPBw1%2FKGRfl2mx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75053876ed2e0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 152 x 152\012- data
Size:   3158019
Md5:    bcd3fcbcc5c135983c9f0b6b4c81de85
Sha1:   ffe0b4c734dfb9806ab170e4c5559822d1bd24e5
Sha256: 00beef02f2debf6a215f7a94e7b53dbfd88bf06335b6cb28c5b760f2f7c85532
                                        
                                            GET /static/picture/gl.gif HTTP/1.1 
Host: xfbw001.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.83.53.45
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 25 Sep 2022 16:43:44 GMT
content-length: 9704
last-modified: Tue, 02 Jun 2020 17:22:43 GMT
etag: "5ed68ae3-25e8"
expires: Tue, 25 Oct 2022 16:43:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 49 x 44\012- data
Size:   9704
Md5:    8bb859e1b936135d3240311727f54e88
Sha1:   4d93dee697c7f40502ddec6aeddc93c4fd8f6603
Sha256: f138d70c2f2b2ab1735b365d85e3266de014d9bb88dd020b8d38c437857e8835
                                        
                                            GET /static/picture/close.png HTTP/1.1 
Host: xfbw001.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.83.53.45
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sun, 25 Sep 2022 16:43:44 GMT
content-length: 146
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "788914106E4D875E01C52E162F39B3B42C9D124D927380CA942110BA6E5A29A4"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11100
Expires: Sun, 25 Sep 2022 19:48:45 GMT
Date: Sun, 25 Sep 2022 16:43:45 GMT
Connection: keep-alive

                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 16:43:45 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 29 Sep 2022 12:51:58 GMT
ETag: "68d21ccbbdb973191c0d4e3272973d56c458203d"
Last-Modified: Sun, 25 Sep 2022 12:51:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3060
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750538797bea0b31-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    7fc43ed7cc7db00b682fb986e13aad32
Sha1:   68d21ccbbdb973191c0d4e3272973d56c458203d
Sha256: 049ae31d754990ba58145a27e04a7459f12847bc61f78ee8183d7afd663e456e
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 16:43:45 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 29 Sep 2022 13:07:33 GMT
ETag: "8cabd73be7dd7705e05fa840c80610aa9f77b9d7"
Last-Modified: Sun, 25 Sep 2022 13:07:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 636
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750538797a730afe-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    f21b0d204343d818d6b7150e59377189
Sha1:   8cabd73be7dd7705e05fa840c80610aa9f77b9d7
Sha256: ebcf89cf580241c6a7c78d65443009bb7364f51a1c3c68adf759ef2ae6a3a2e8
                                        
                                            POST /s/gts1p5/QOjNzpBth-A HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 16:43:45 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 16:43:45 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 01:23:16 GMT
Expires: Fri, 30 Sep 2022 01:23:15 GMT
Etag: "9d64576bb8ce343eef8d67d2d693b0c3b6453bf2"
Cache-Control: max-age=376169,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7505387a5b41b521-OSL

                                        
                                            POST / HTTP/1.1 
Host: zerossl.ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 16:43:45 GMT
Content-Length: 727
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 01:34:06 GMT
Expires: Sat, 01 Oct 2022 01:34:05 GMT
Etag: "b21c3173322f4a2b7f0f5a11c3bd25c429df42b4"
Cache-Control: max-age=463219,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7505387a7cdeb4ee-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "698040B43924861C65AE8F81E98167B8EB2FF291D997996B19A61EBBA8AF4C28"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 25 Sep 2022 22:43:45 GMT
Date: Sun, 25 Sep 2022 16:43:45 GMT
Connection: keep-alive

                                        
                                            GET /static/css/common.css HTTP/1.1 
Host: xfbw001.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.83.53.45
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 25 Sep 2022 16:43:44 GMT
last-modified: Tue, 02 Jun 2020 17:22:46 GMT
vary: Accept-Encoding
etag: W/"5ed68ae6-46f2"
expires: Mon, 26 Sep 2022 04:43:44 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3907
Md5:    e5db850262ffe1e362e98c372baa684b
Sha1:   1bf7bef24928a729f848c95c5ee73fc86bd546eb
Sha256: 465ef0cd88fcec379c2ddde7f810b461cf96fa7c21ab5cafe645f53c7c5e4b47
                                        
                                            POST / HTTP/1.1 
Host: zerossl.ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 16:43:45 GMT
Content-Length: 727
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 01:34:06 GMT
Expires: Sat, 01 Oct 2022 01:34:05 GMT
Etag: "b21c3173322f4a2b7f0f5a11c3bd25c429df42b4"
Cache-Control: max-age=463219,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7505387a2bc0b500-OSL

                                        
                                            GET /uploads/20220810/c4e4593c4c38bd9183033354942ec870.gif HTTP/1.1 
Host: daohang.05005.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         51.159.52.208
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Length: 56057
Date: Sun, 25 Sep 2022 16:04:10 GMT
ETag: "1664121850"
Expires: Tue, 25 Oct 2022 16:04:10 GMT
Last-Modified: Sun, 25 Sep 2022 16:04:10 GMT
Server: openresty
X-Cache: HIT, server, disk


--- Additional Info ---
Magic:  GIF image data, version 89a, 688 x 350\012- data
Size:   56057
Md5:    c4e4593c4c38bd9183033354942ec870
Sha1:   bd9746a32c7f4b767bcf0e0b3f64f8c7594029ee
Sha256: 128b9b10a62a3054a8587b45b27dc3a35ecda76a42337572b1f0ffeaf34b6d30
                                        
                                            GET /uploads/20220810/0217c43ed4213c2bc06a00769a8a58a0.gif HTTP/1.1 
Host: daohang.05005.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         51.159.52.208
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Length: 48181
Date: Sun, 25 Sep 2022 16:04:10 GMT
ETag: "1664121850"
Expires: Tue, 25 Oct 2022 16:04:10 GMT
Last-Modified: Sun, 25 Sep 2022 16:04:10 GMT
Server: openresty
X-Cache: HIT, server, disk


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 154\012- data
Size:   48181
Md5:    99f0652506db5edc7ebdea4c06cdb89c
Sha1:   faa58769cba4e4887a24659eaab0ed5ac880c1f4
Sha256: 8b097529e22a93bbe64790120bf58f706a5377851441072181a8497e4a4f8e0f
                                        
                                            POST / HTTP/1.1 
Host: zerossl.ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 16:43:46 GMT
Content-Length: 727
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 01:34:06 GMT
Expires: Sat, 01 Oct 2022 01:34:05 GMT
Etag: "b21c3173322f4a2b7f0f5a11c3bd25c429df42b4"
Cache-Control: max-age=463218,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7505387abfa7b4fd-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 16:43:46 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 15:11:46 GMT
Expires: Sat, 01 Oct 2022 15:11:45 GMT
Etag: "e518536f51bb9babddf4223a2f4105ae65f786a3"
Cache-Control: max-age=512279,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7505387a5f9c0b55-OSL

                                        
                                            GET /static/image/01b6bff8bbf356a6f7d007d26b30693d.jpg HTTP/1.1 
Host: xfbw001.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.83.53.45
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 25 Sep 2022 16:43:45 GMT
content-length: 407897
last-modified: Fri, 13 Mar 2020 14:01:13 GMT
etag: "5e6b9229-63959"
expires: Tue, 25 Oct 2022 16:43:45 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size:   407897
Md5:    de65d0c45d7a2c485b36c14da5999f63
Sha1:   b54363fdb94325b08fda5fc7f0928dfb9bca4e3b
Sha256: cfcefc6baa7b29e657fa6856cef6661b4bccce1d97fe102cbc7eeb98c80e3910
                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 16:43:46 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 29 Sep 2022 12:52:13 GMT
ETag: "6bcca18ad17fc44708db1b94cfb559d601d77a36"
Last-Modified: Sun, 25 Sep 2022 12:52:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2237
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7505387ccb58b512-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    095c6958808ba30cea5b44700fba262a
Sha1:   6bcca18ad17fc44708db1b94cfb559d601d77a36
Sha256: 4766f2dbed7d58abcc71db4ae899507880618808e00b340a31d57a3ef9634efe
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 16:43:46 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 15:11:46 GMT
Expires: Sat, 01 Oct 2022 15:11:45 GMT
Etag: "e518536f51bb9babddf4223a2f4105ae65f786a3"
Cache-Control: max-age=512278,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7505387bcd0bb4e8-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 16:43:46 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 22:53:22 GMT
Expires: Sat, 01 Oct 2022 22:53:21 GMT
Etag: "f6fc88a8c0e030d3b0ffa41a2bc5664d30a83502"
Cache-Control: max-age=539974,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7505387cc88f0b3d-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 16:43:46 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 11:06:37 GMT
Expires: Sat, 01 Oct 2022 11:06:36 GMT
Etag: "a79d2a19fad9511c3be18d5ff9731f98e3c636b7"
Cache-Control: max-age=497570,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7505387b5acdfac8-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 16:43:46 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 11:06:37 GMT
Expires: Sat, 01 Oct 2022 11:06:36 GMT
Etag: "a79d2a19fad9511c3be18d5ff9731f98e3c636b7"
Cache-Control: max-age=497570,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7505387aebc9b521-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 16:43:46 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 12:02:24 GMT
Expires: Thu, 29 Sep 2022 12:02:23 GMT
Etag: "ed2a72223fcc53f1e241e373beeba3a6bdb618b2"
Cache-Control: max-age=328116,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7505387d7c47fac8-OSL

                                        
                                            GET /uploads/20220809/b06559b82cd412494278b4fe78b9fa13.gif HTTP/1.1 
Host: daohang.05005.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         51.159.52.208
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Length: 119998
Date: Sun, 25 Sep 2022 16:04:10 GMT
ETag: "1664121851"
Expires: Tue, 25 Oct 2022 16:04:10 GMT
Last-Modified: Sun, 25 Sep 2022 16:04:11 GMT
Server: openresty
X-Cache: HIT, server, disk


--- Additional Info ---
Magic:  GIF image data, version 89a, 360 x 183\012- data
Size:   119998
Md5:    835b689d9864ca2b9c83aa08f6ebbf3c
Sha1:   4403a4a822f73077d4d5afd43b4cd7291a7333b2
Sha256: c5fba6a7651733eb4a833d2bcf278e963777f46c9ad6e68e9bcd6555178f0681
                                        
                                            GET /d3c792e0d1f84dc1baed68b9ade37cde.gif HTTP/1.1 
Host: u0079.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         20.239.175.142
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sun, 25 Sep 2022 16:43:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 01 Sep 2022 09:24:49 GMT
ETag: W/"63107a61-1a62d"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  GIF image data, version 89a, 250 x 250\012- data
Size:   38350
Md5:    d04a0761d8664254dcbc8c09fbf2952e
Sha1:   27b010523b966bedf0a398cc6032f0a18a8404d9
Sha256: b26c862bcbf6614d6fd889b74edfe5deb513d4ef3c1935a0fce70058b84a9cf3
                                        
                                            GET /6455b2598135486d89d4fc8d41af6a79.gif HTTP/1.1 
Host: u0065.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         20.239.175.73
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sun, 25 Sep 2022 16:43:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 29 May 2022 17:34:49 GMT
ETag: W/"6293aeb9-3f7b"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   15922
Md5:    51d03bfdfe37ff19808780d36cd83637
Sha1:   9c6bb02f7001db58201f28fad2d3e1c09efb9b12
Sha256: 2777d167f4f3b393586ef4c88bf25427543e1bdde1a037f49a140d51cb330df8
                                        
                                            GET /static/js/swiper.min.js HTTP/1.1 
Host: xfbw001.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.83.53.45
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 25 Sep 2022 16:43:44 GMT
last-modified: Tue, 02 Jun 2020 17:22:40 GMT
vary: Accept-Encoding
etag: W/"5ed68ae0-178a3"
expires: Mon, 26 Sep 2022 04:43:44 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   27981
Md5:    c533a4c418cf543e78d51494555e18af
Sha1:   94417f801047cca68e462195f565b788f78d3dd9
Sha256: 27e67cc05977fff8f12d79c6dd397481289a0034d878f2cd54a8056bf37f3d13
                                        
                                            GET /2ac22b660ddc402686e753f5ccf89b1b.png HTTP/1.1 
Host: u0075.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         20.239.175.143
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sun, 25 Sep 2022 16:43:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 16 Sep 2022 09:24:29 GMT
ETag: W/"632440cd-9dd9"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size:   40237
Md5:    86018dfefff54a8212c1a142225b32da
Sha1:   f206f6a3db6bea5b8fd9a1534726a2b100a379f3
Sha256: 1e585c6d9c17f8f851a82c5e204552889fbcf3ebb2f9e07412269ff1f0b41b5a
                                        
                                            GET /60374c2d2adc4d039fbbb27d340a481d.gif HTTP/1.1 
Host: szasm8.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.254.187.192
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: AliyunOSS
Date: Sun, 25 Sep 2022 16:43:46 GMT
Content-Length: 344751
Connection: keep-alive
x-oss-request-id: 63308542EDBE26129C987C43
Accept-Ranges: bytes
ETag: "737C4ED211B8AEAA644400A85D02023B"
Last-Modified: Thu, 19 May 2022 13:06:32 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2894696607994926520
x-oss-storage-class: Standard
Content-MD5: c3xO0hG4rqpkRACoXQICOw==
x-oss-server-time: 50


--- Additional Info ---
Magic:  GIF image data, version 89a, 180 x 180\012- data
Size:   344751
Md5:    737c4ed211b8aeaa644400a85d02023b
Sha1:   f1cf42cd5d70d2bae0d5a890fc2aac5fc76b4420
Sha256: 627ba9f86b478606d3fc36097593d9513d273651c5fbf77723b91cc270947f4e
                                        
                                            GET /tyc/logo/%E5%A4%AA%E9%98%B3%E5%9F%8E388-100x100.gif HTTP/1.1 
Host: 388tp.oss-cn-hongkong.aliyuncs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.75.19.37
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: AliyunOSS
Date: Sun, 25 Sep 2022 16:43:45 GMT
Content-Length: 78511
Connection: keep-alive
x-oss-request-id: 63308541D14BBC3639C8ED51
Accept-Ranges: bytes
ETag: "BBD160C4F162A0B3A4934EF8434FF623"
Last-Modified: Tue, 06 Sep 2022 12:46:08 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1992963668738522739
x-oss-storage-class: Standard
Content-MD5: u9FgxPFioLOkk074Q0/2Iw==
x-oss-server-time: 1


--- Additional Info ---
Magic:  GIF image data, version 89a, 100 x 100\012- data
Size:   78511
Md5:    bbd160c4f162a0b3a4934ef8434ff623
Sha1:   6b14ef088a56df093b9b57a01060551f0d3511c9
Sha256: 35b48f348fb2ca998b0ad1e2f6fba362e59ddc3cd1370645e1ab84a3c5b8036a
                                        
                                            GET /ky/ky200200a.gif HTTP/1.1 
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.110.177.104
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: AliyunOSS
Date: Sun, 25 Sep 2022 16:43:45 GMT
Content-Length: 204352
Connection: keep-alive
x-oss-request-id: 63308541716A9C323389F10E
Accept-Ranges: bytes
ETag: "DFBFAC2CB30B3A310CCE19FDAC026948"
Last-Modified: Wed, 21 Sep 2022 10:18:31 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7627752827965323265
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: 37+sLLMLOjEMzhn9rAJpSA==
x-oss-server-time: 3


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   204352
Md5:    dfbfac2cb30b3a310cce19fdac026948
Sha1:   47d10fd61ee8855c943c2dfff5b6099523bf85ae
Sha256: cbe50219f55ef65df695cc6278e8013ccc4ed54c7a2ab77516a1e9732fea96fa
                                        
                                            GET /21254311.js HTTP/1.1 
Host: js.users.51.la
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.143.19.103
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: CloudWAF
Date: Sun, 25 Sep 2022 16:43:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=46a7d75d46f64f6aa10; path=/ HWWAFSESTIME=1664124222365; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (4898)
Size:   2310
Md5:    397f19c7a9911fbb047f4a301420600e
Sha1:   6837bc3dda0085c09603b2988146b92043f7e841
Sha256: c665055b0de6db61e0294a7a1f6829b29b87409a8a96711e34c9935fb6fd7bdf
                                        
                                            GET /0a42b652043b46c0982b3355af178f5a.gif HTTP/1.1 
Host: n5371.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.170.15.73
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "631dc609-748c"
Date: Fri, 23 Sep 2022 11:30:47 GMT
Server: nginx
Last-Modified: Sun, 11 Sep 2022 11:27:05 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-03
Content-Length: 29836


--- Additional Info ---
Magic:  GIF image data, version 89a, 180 x 180\012- data
Size:   29836
Md5:    c75065e9b2cdd6327ec4bcd5564139dd
Sha1:   942a4075f3561f09179d6a332eebfdca981601b0
Sha256: 2ca8007b97da4aa8dfe8e89950cd97d6c804f17d4d9cb51e0f7492335412724c
                                        
                                            GET /5a8c892cdd264f178f756ce9b4f9cee8.gif HTTP/1.1 
Host: vjnhby.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.189.108.92
HTTP/2 200 OK
content-type: image/gif
                                        
cache-control: max-age=86400
etag: "62c30e04-1d8d"
server: nginx
date: Thu, 22 Sep 2022 11:31:23 GMT
last-modified: Mon, 04 Jul 2022 15:57:56 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn108-082
content-length: 7565
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   7565
Md5:    b27ac99f951d9871e04188c6f6b301ce
Sha1:   d23b66bb94611cb6d60327704ca25a502a486e1e
Sha256: f965ec0464285565fa21ba7c5b7bd6fed362c0a634116ba4abc57e4a3a1f061d
                                        
                                            GET /static/picture/close.png HTTP/1.1 
Host: xfbw001.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Cookie: __tins__21254311=%7B%22sid%22%3A%201664124225084%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201664126025084%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.83.53.45
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sun, 25 Sep 2022 16:43:46 GMT
content-length: 146
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
                                        
                                            GET /images/T001-4.gif HTTP/1.1 
Host: www.yinyuren.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.224.177.84
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 25 Sep 2022 16:43:46 GMT
content-length: 139590
last-modified: Mon, 09 May 2022 14:54:50 GMT
etag: "62792b3a-22146"
expires: Tue, 25 Oct 2022 16:43:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 600 x 200\012- data
Size:   139590
Md5:    c26b438fb3967395e723c7be01ba4cfc
Sha1:   e06149c9a3b3b6318f51f9ed7af8e1fa7dad475e
Sha256: 8be6db381df1fb0ee430c6c116bdb81719d3b201729a3d32d49636ae8ae07baf
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "826EEB05A9E6EB8E75D9C7F624DE8A0D6AC5F2E5D1945D92C6DD070B83022098"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4144
Expires: Sun, 25 Sep 2022 17:52:50 GMT
Date: Sun, 25 Sep 2022 16:43:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FA9577D190B2A8CAB24AF1F376A0BFAEFB847E309F970A720A1C92DB77EBCFA0"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 25 Sep 2022 22:43:46 GMT
Date: Sun, 25 Sep 2022 16:43:46 GMT
Connection: keep-alive

                                        
                                            GET /images/xx5.gif HTTP/1.1 
Host: www.yinyuren.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.224.177.84
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 25 Sep 2022 16:43:46 GMT
content-length: 100772
last-modified: Mon, 09 May 2022 14:54:52 GMT
etag: "62792b3c-189a4"
expires: Tue, 25 Oct 2022 16:43:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 120 x 120\012- data
Size:   100772
Md5:    af386709d01569b09afec93206faf6cb
Sha1:   f63f07a01266d0af08b1eb5d26eaba58e08764e1
Sha256: 1ead223732f953b8869eb75695db2489a5043737f4aafda3177da2b5f5fe33d7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         47.246.44.205
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Tengine
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 16:43:46 GMT
Ali-Swift-Global-Savetime: 1664124226
Via: cache10.l2de2[475,474,200-0,M], cache10.l2de2[476,0], cache5.se1[497,497,200-0,M], cache5.se1[499,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sun, 25 Sep 2022 16:43:46 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916641242264757717e

                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 16:43:47 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 29 Sep 2022 13:15:07 GMT
ETag: "6f9287db405a4329bbdf76571f645f4efba1e3ae"
Last-Modified: Sun, 25 Sep 2022 13:15:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1620
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750538843f56b512-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    205ffc805c79759f1ce0429bf513bcf0
Sha1:   6f9287db405a4329bbdf76571f645f4efba1e3ae
Sha256: 955223bf4f227d01c1345219f1c1762f54ab1012bb5772e6192d95b7dc659f7a
                                        
                                            GET /get-image/0xvfOJ7A0eR HTTP/1.1 
Host: si1.go2yd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         58.254.180.65
HTTP/2 200 OK
content-type: image/gif
                                        
server: JSP3/2.0.14
date: Sun, 25 Sep 2022 16:43:47 GMT
content-length: 30429
last-modified: Wed, 16 Feb 2022 08:54:08 GMT
etag: "e478d4eee8d5ba8d9fe17767aaa980ce"
age: 940641
accept-ranges: bytes
x-application-context: application
x-kss-request-id: f130ut80n5pobs799hib5np8lk0v4rk2
content-md5: 5HjU7ujVuo2f4XdnqqmAzg==
timing-allow-origin: *
ohc-cache-hit: gz3un55 [2], jnuncache85 [2], xaix85 [2]
ohc-file-size: 30429
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 150 x 150\012- data
Size:   30429
Md5:    e478d4eee8d5ba8d9fe17767aaa980ce
Sha1:   3efb4d1eb669f7c98ce5ea16716065e239a9c8be
Sha256: e14b1ba21dfcf537e2de423cd0400133c681f2ad8302486f259b5c5f31cb451c
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: xfbw001.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Cookie: __tins__21254311=%7B%22sid%22%3A%201664124225084%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201664126025084%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.83.53.45
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sun, 25 Sep 2022 16:43:47 GMT
content-length: 146
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
                                        
                                            GET /gif20.gif HTTP/1.1 
Host: img.shifangshike.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         154.84.8.2
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sun, 25 Sep 2022 16:43:47 GMT
Content-Length: 74836
Connection: keep-alive
Last-Modified: Thu, 25 Aug 2022 14:19:09 GMT
ETag: "630784dd-12454"
Expires: Wed, 28 Sep 2022 02:59:45 GMT
Cache-Control: max-age=2592000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 120 x 120\012- data
Size:   74836
Md5:    918b63e22c9044ce7eb782ead6d86b9e
Sha1:   1d962f109eedb9fbb06a34e84fbe0e454e12685f
Sha256: d53b6735fcd744484dccbb98259db31ffbffc7cb1929d077443f1172dda57a21
                                        
                                            GET /go1?id=21254311&rt=1664124225084&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%2580%25A7%25E7%25A6%258F%25E5%25AE%259D%25EF%25BC%258C%25E4%25B8%2593%25E4%25B8%259A%25E6%259B%25B4%25E6%2596%25B0%25E7%25A6%258F%25E5%2588%25A9%25E5%25A6%25B9%25E5%25AD%2590%25E5%259B%25BE%252C%25E6%2597%25A0%25E5%259C%25A3%25E5%2585%2589%25E5%25A5%2597%25E5%259B%25BE%252C%25E6%2580%25A7%25E6%2584%259F%25E7%25BE%258E%25E5%25A5%25B3%25E5%2586%2599%25E7%259C%259F%252C%25E9%25BB%2584%25E8%2589%25B2%25E8%25A7%2586&ing=1&ekc=&sid=1664124225084&tt=%25E6%2580%25A7%25E7%25A6%258F%25E5%25AE%259D&kw=%25E6%2580%25A7%25E7%25A6%258F%25E5%25AE%259D%25EF%25BC%258C%25E4%25B8%2593%25E4%25B8%259A%25E6%259B%25B4%25E6%2596%25B0%25E7%25A6%258F%25E5%2588%25A9%25E5%25A6%25B9%25E5%25AD%2590%25E5%259B%25BE%252C%25E6%2597%25A0%25E5%259C%25A3%25E5%2585%2589%25E5%25A5%2597%25E5%259B%25BE%252C%25E6%2580%25A7%25E6%2584%259F%25E7%25BE%258E%25E5%25A5%25B3%25E5%2586%2599%25E7%259C%259F%252C%25E9%25BB%2584%25E8%2589%25B2%25E8%25A7%2586%25E9%25A2%2591%25E5%259C%25A8%25E7%25BA%25BF%252C%25E5%258F%25AF%25E4%25BB%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2582%25E7%259C%258B%25E7%259A%2584av%25E6%25AF%259B%25E7%2589%2587%252C%25E5%259B%25BD%25E4%25BA%25A7%25E7%25B2%25BE%25E5%2593%2581%25E7%25A6%258F%25E5%2588%25A9%25E8%25A7%2586%25E9%25A2%2591%25E7%25AD%2589%25E8%25B5%2584%25E6%25BA%2590&cu=https%253A%252F%252Fxfbw001.top%252F&pu=http%253A%252F%252Fxsuzqtz.com%252F HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.143.19.103
HTTP/1.1 200
                                        
Server: CloudWAF
Date: Sun, 25 Sep 2022 16:43:47 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=f46675a7d7baf7e4c08; path=/ HWWAFSESTIME=1664124225591; path=/

                                        
                                            GET /gif25.gif HTTP/1.1 
Host: img.shifangshike.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         154.84.8.2
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sun, 25 Sep 2022 16:43:47 GMT
Content-Length: 269177
Connection: keep-alive
Last-Modified: Thu, 25 Aug 2022 14:19:17 GMT
ETag: "630784e5-41b79"
Expires: Wed, 28 Sep 2022 02:59:43 GMT
Cache-Control: max-age=2592000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 120 x 120\012- data
Size:   269177
Md5:    3be5bc895ae3e525bbcfbb2a2696ed0f
Sha1:   1f3d2c548412b47b65acf224f1a6b7bf89dcf876
Sha256: 59c730a313db642dd842aad1586e7d3a29dabe14be7404a1cd0a0d25138e669c
                                        
                                            GET / HTTP/1.1 
Host: xfbw001.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xsuzqtz.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         216.83.53.45
HTTP/2 200 OK
content-type: text/html
                                        
server: nginx
date: Sun, 25 Sep 2022 16:43:44 GMT
last-modified: Sun, 18 Sep 2022 14:10:47 GMT
vary: Accept-Encoding
etag: W/"632726e7-61cf"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/css/iconfont.css HTTP/1.1 
Host: xfbw001.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.83.53.45
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 25 Sep 2022 16:43:44 GMT
last-modified: Tue, 02 Jun 2020 17:22:46 GMT
vary: Accept-Encoding
etag: W/"5ed68ae6-b9a"
expires: Mon, 26 Sep 2022 04:43:44 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/js/jquery.min.js HTTP/1.1 
Host: xfbw001.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.83.53.45
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 25 Sep 2022 16:43:44 GMT
last-modified: Tue, 02 Jun 2020 17:22:40 GMT
vary: Accept-Encoding
etag: W/"5ed68ae0-1762a"
expires: Mon, 26 Sep 2022 04:43:44 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/js/jquery.qrcode.min.js HTTP/1.1 
Host: xfbw001.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.83.53.45
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 25 Sep 2022 16:43:44 GMT
last-modified: Tue, 02 Jun 2020 17:22:40 GMT
vary: Accept-Encoding
etag: W/"5ed68ae0-3722"
expires: Mon, 26 Sep 2022 04:43:44 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/css/swiper.min.css HTTP/1.1 
Host: xfbw001.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfbw001.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.83.53.45
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 25 Sep 2022 16:43:44 GMT
last-modified: Tue, 02 Jun 2020 17:22:46 GMT
vary: Accept-Encoding
etag: W/"5ed68ae6-4433"
expires: Mon, 26 Sep 2022 04:43:44 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---