r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16753
Expires: Sat, 28 Jan 2023 11:28:54 GMT
Date: Sat, 28 Jan 2023 06:49:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3695
Expires: Sat, 28 Jan 2023 07:51:16 GMT
Date: Sat, 28 Jan 2023 06:49:41 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 06:35:29 GMT
content-type: application/json
age: 852
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2923
Expires: Sat, 28 Jan 2023 07:38:24 GMT
Date: Sat, 28 Jan 2023 06:49:41 GMT
Connection: keep-alive
www.kkw0707.com/
108.186.147.60200 OK 574 B IP 108.186.147.60:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (1034), with CRLF line terminators
Hash ddaf26522987ead856251331f172bc26
b1acc47f8ffdee79008dd6648df5126cd15cf10a
fc6768f007627ab881c6f255dd133fb07e946a5e5a80f576e76b718bfa6c7751
GET / HTTP/1.1
Host: www.kkw0707.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 06:49:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: B+C73nArithas1rBYqbmQw3Nqbf3zcKZj6JdNZQsAAxtoXnmthlfa/LPJzf6fgxiK6hf1wiF6vY=
x-amz-request-id: GCVVNGG86VN4RC05
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 05:49:43 GMT
age: 3598
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 06:49:41 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.kkw0707.com/tj.js
108.186.147.60200 OK 258 B IP 108.186.147.60:0
File type ASCII text, with CRLF line terminators
Hash 762eb87b1f035c0d02659e18e7451314
e23f5e65f3b6cf99f28fdffc909aa634116fc73b
a12b02c67b5187e8d3fdcf91122954e9d73ec9f6943c4c4787b88646f3230377
GET /tj.js HTTP/1.1
Host: www.kkw0707.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kkw0707.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 06:49:41 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
www.kkw0707.com/common.js
108.186.147.60200 OK 1.1 kB URL HTTP/1.1 www.kkw0707.com/common.js
IP 108.186.147.60:0
File type HTML document, ASCII text, with very long lines (431), with CRLF line terminators
Hash 4bae5573ca39cb826c328c652b62f0c6
5bd65995d10b89f26397fefe0e6d93c868d1f507
f8fe1d6d04f46a9606048f86ce662a1ff55f05841d04457db49472e11e68b725
GET /common.js HTTP/1.1
Host: www.kkw0707.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kkw0707.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 06:49:41 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 06:41:40 GMT
age: 482
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17604
Expires: Sat, 28 Jan 2023 11:43:06 GMT
Date: Sat, 28 Jan 2023 06:49:42 GMT
Connection: keep-alive
www.kkw0707.com/favicon.ico
108.186.147.60200 OK 1.2 kB URL HTTP/1.1 www.kkw0707.com/favicon.ico
IP 108.186.147.60:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.kkw0707.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kkw0707.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 06:49:42 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Thu, 02 Feb 2023 06:49:42 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a3f8d0fb4cc592094186695f90868157
0122c7b62073ecaa4e08ba4816a97ff3957aae75
59eff9d1f1f3e38595cbdda3824f29b2e325d22aad691ba96e6406adcba99e16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59EFF9D1F1F3E38595CBDDA3824F29B2E325D22AAD691BA96E6406ADCBA99E16"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 28 Jan 2023 12:49:42 GMT
Date: Sat, 28 Jan 2023 06:49:42 GMT
Connection: keep-alive
api.share.baidu.com/s.gif?l=http://www.kkw0707.com/
182.61.240.101200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.kkw0707.com/
IP 182.61.240.101:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.kkw0707.com/ HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kkw0707.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 28 Jan 2023 06:49:42 GMT
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash e562f5065632c8150d59dfe43f82fcba
181e7d53b9b492f4b88e663b29230acb9aba7b91
60d34ccc637c56c4d1776c56eb24d05d235f381b78c130b53fe96a8a4870e9fa
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:49:42 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 01 Feb 2023 03:16:43 GMT
ETag: "181e7d53b9b492f4b88e663b29230acb9aba7b91"
Last-Modified: Sat, 28 Jan 2023 03:16:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2023
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7907ca294dab1c16-OSL
push.services.mozilla.com/
54.70.68.230101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.70.68.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jPSVuHj8Re3sYPZHkfQB4A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6Mk1AdfhYRnHTA+IsBDRNr5krNQ=
jklliu-nioink-vgfdxg-8997.com/
156.248.236.202200 OK 7.6 kB URL HTTP/1.1 jklliu-nioink-vgfdxg-8997.com/
IP 156.248.236.202:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1253), with CRLF line terminators
Hash 009004bca1a6ad3d7e57bd6b16bc9179
4767900053f7f1bcc0001f1c4c44e24fa79f6286
6098e701e4c261f8f86569af78616be5844571ed442e8f515324cb618963cb14
GET / HTTP/1.1
Host: jklliu-nioink-vgfdxg-8997.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kkw0707.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: PHP/7.1.33, ASP.NET
Date: Sat, 28 Jan 2023 06:49:38 GMT
Content-Length: 7604
jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/css/ate.css
156.248.236.202200 OK 4.5 kB URL HTTP/1.1 jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/css/ate.css
IP 156.248.236.202:0
File type ASCII text, with CRLF line terminators
Hash 1164a38c5186eff1838f351d96dbd192
1f5c06f7969ca9602774591594b1d4170137cdc3
fec2bebf191e9c67f3ce3234909acb71fa272057962f230dce334cdfd514b3e2
GET /template/waydoaxn/css/ate.css HTTP/1.1
Host: jklliu-nioink-vgfdxg-8997.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sun, 24 Jan 2021 07:28:36 GMT
Accept-Ranges: bytes
ETag: "06ae58622f2d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:49:38 GMT
Content-Length: 4498
jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/css/zui.css
156.248.236.202200 OK 15 kB URL HTTP/1.1 jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/css/zui.css
IP 156.248.236.202:0
File type assembler source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 48c376278eb9da985b90bb1612dbeee1
4d755742285a8bc38f9c73b3a5976c6b381e3c32
af7cb37270a26d66dd3bb89f42d9c122bb2a1bfe9f6fe076138d9864c7193bee
GET /template/waydoaxn/css/zui.css HTTP/1.1
Host: jklliu-nioink-vgfdxg-8997.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 27 Jan 2021 05:34:18 GMT
Accept-Ranges: bytes
ETag: "0e972e6ef4d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:49:38 GMT
Content-Length: 15351
jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/mmnjuuta/ebhhnphx.js
156.248.236.202200 OK 725 B URL HTTP/1.1 jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/mmnjuuta/ebhhnphx.js
IP 156.248.236.202:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 201087d5824a3540e4b8991b05ae88d0
8e1b2e3269b6d04e4ba45b0374eee534cb2229c6
a4cfc9582842bdcfa584c8cb3b10efe4cb36b0a14c32fac0e35b9c0c87ea673b
GET /template/waydoaxn/mmnjuuta/ebhhnphx.js HTTP/1.1
Host: jklliu-nioink-vgfdxg-8997.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 27 Jan 2023 08:21:46 GMT
Accept-Ranges: bytes
ETag: "08913652832d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:49:39 GMT
Content-Length: 725
jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/mmnjuuta/rradauct.js
156.248.236.202200 OK 789 B URL HTTP/1.1 jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/mmnjuuta/rradauct.js
IP 156.248.236.202:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 7d393684ff8fc60abbc47a8ca5b6470b
21fe0e6a26ac38d9544e6a329a266431cf5802b1
476d2d3b828c9540684a739b95bd2f1f840e972cf5e365c69a2eef295af14a7e
GET /template/waydoaxn/mmnjuuta/rradauct.js HTTP/1.1
Host: jklliu-nioink-vgfdxg-8997.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 27 Jan 2023 09:12:14 GMT
Accept-Ranges: bytes
ETag: "0abe7712f32d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:49:39 GMT
Content-Length: 789
jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/mmnjuuta/nyyhulad.js
156.248.236.202200 OK 1.3 kB URL HTTP/1.1 jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/mmnjuuta/nyyhulad.js
IP 156.248.236.202:0
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 385279f19f27d3631d6f186fec61a6cf
5513a72280a8683056516d9c9745545d017d2e01
33bcbbeb75ebaf0f9208b7eb70c1685354a29327b513681b1a03c4fccd5b3627
GET /template/waydoaxn/mmnjuuta/nyyhulad.js HTTP/1.1
Host: jklliu-nioink-vgfdxg-8997.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 27 Jan 2023 12:15:05 GMT
Accept-Ranges: bytes
ETag: "806a21fd4832d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:49:39 GMT
Content-Length: 1266
jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/mmnjuuta/vtffstvy.js
156.248.236.202200 OK 981 B URL HTTP/1.1 jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/mmnjuuta/vtffstvy.js
IP 156.248.236.202:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash b0717ee1ca069a3bf0889e52160ad30e
e48ddf33060358ea9f5ef08e37b8e5e969d7fbf0
3db87e3598162f95487f667bba8e072db4eb1e3c896a3cac4f722cd578fcac3a
GET /template/waydoaxn/mmnjuuta/vtffstvy.js HTTP/1.1
Host: jklliu-nioink-vgfdxg-8997.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 27 Jan 2023 08:21:46 GMT
Accept-Ranges: bytes
ETag: "08913652832d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:49:39 GMT
Content-Length: 981
jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/mmnjuuta/app.js
156.248.236.202200 OK 999 B URL HTTP/1.1 jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/mmnjuuta/app.js
IP 156.248.236.202:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (334), with CRLF line terminators
Hash 6b0a5e1b19cb0bb084091d5d234c6167
d9667b5201021cbda0165c7ebc590ccb24524061
1a40f0e46d8a789a0db51142f3e30b7089be5199468876690df3777aaf81c1c3
GET /template/waydoaxn/mmnjuuta/app.js HTTP/1.1
Host: jklliu-nioink-vgfdxg-8997.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 27 Jan 2023 12:15:06 GMT
Accept-Ranges: bytes
ETag: "01bafd4832d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:49:39 GMT
Content-Length: 999
jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/mmnjuuta/geaueyhh.js
156.248.236.202200 OK 650 B URL HTTP/1.1 jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/mmnjuuta/geaueyhh.js
IP 156.248.236.202:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash fb2a0773c0d79ee3baf9d0b3489df81c
7f2c7c5c9470b50bac4d8f6e9b8971b9495823b2
0b21a3395f160c2e1b04de2a8a28f5515dfe252e6810cc78c7b28859ac7a6e29
GET /template/waydoaxn/mmnjuuta/geaueyhh.js HTTP/1.1
Host: jklliu-nioink-vgfdxg-8997.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sat, 21 Jan 2023 06:57:58 GMT
Accept-Ranges: bytes
ETag: "01fadb1652dd91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:49:39 GMT
Content-Length: 650
dimg04.c-ctrip.com/images/0105c12000ae3a0t3DD7A.gif?proc=autoorient
104.110.17.24200 OK 489 kB URL HTTP/2 dimg04.c-ctrip.com/images/0105c12000ae3a0t3DD7A.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 489 kB (488987 bytes)
Hash 6a7d54ecdc2d1cce357d304db217ccec
03a803d54b6a1dd16cba5d73bf4e732d8b7be263
7cd4479b97a015f11a04b2d7d94fbe78030a7e0e3de457bf72abdbf53235c7d8
GET /images/0105c12000ae3a0t3DD7A.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 488987
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=5888770
expires: Thu, 06 Apr 2023 10:35:53 GMT
date: Sat, 28 Jan 2023 06:49:43 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/mmnjuuta/mqntlfic.js
156.248.236.202200 OK 1.1 kB URL HTTP/1.1 jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/mmnjuuta/mqntlfic.js
IP 156.248.236.202:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 991713f7d5977e4d8f76d2a5dff3bb38
7ea4eb2c25df0edfd39f4f0a7c958f430a282607
07a49075d5e5db9b8464c9c5b3d510e6ab593a3e73e02e2cb89102764d9e701f
GET /template/waydoaxn/mmnjuuta/mqntlfic.js HTTP/1.1
Host: jklliu-nioink-vgfdxg-8997.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 27 Jan 2023 12:15:05 GMT
Accept-Ranges: bytes
ETag: "806a21fd4832d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:49:39 GMT
Content-Length: 1120
jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/mmnjuuta/ficsblek.js
156.248.236.202200 OK 701 B URL HTTP/1.1 jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/mmnjuuta/ficsblek.js
IP 156.248.236.202:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (473), with CRLF line terminators
Hash 7708da5cbdc39d6ca472b4e1e10c14f6
851101fae11ead1e4a84236c498b5fdab96bcca5
1bb931791335c9dbc09c8aa19c1a8a83433226f7bd429de4cff10c8544a18d14
GET /template/waydoaxn/mmnjuuta/ficsblek.js HTTP/1.1
Host: jklliu-nioink-vgfdxg-8997.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 13 Jan 2023 08:54:00 GMT
Accept-Ranges: bytes
ETag: "4fd758942c27d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:49:39 GMT
Content-Length: 701
jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/mmnjuuta/kcpmvycl.js
156.248.236.202200 OK 212 B URL HTTP/1.1 jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/mmnjuuta/kcpmvycl.js
IP 156.248.236.202:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 6d23b1e6dc71e3ef03252b13f7a1454f
2696a8fedeb76ed53e14542eb8ff95c6d2da91ca
2366bd84896434e3d5976e5818a34c1f46ca2ea7d2b7dca1445f83ab39d08bd9
GET /template/waydoaxn/mmnjuuta/kcpmvycl.js HTTP/1.1
Host: jklliu-nioink-vgfdxg-8997.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 19 Sep 2022 23:34:44 GMT
Accept-Ranges: bytes
ETag: "c8102a6680ccd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:49:39 GMT
Content-Length: 212
jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/css/loogo8.png
156.248.236.202404 Not Found 1.2 kB URL HTTP/1.1 jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/css/loogo8.png
IP 156.248.236.202:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 8363acaeab9cbb099b59b78a44127ca6
aef448ce5500e3734059ec285cf6ec0b547075f2
9b342ae7f25d65bdb817d8c995f3211ac398e41575fc5d149d994c1dcb008f0a
GET /template/waydoaxn/css/loogo8.png HTTP/1.1
Host: jklliu-nioink-vgfdxg-8997.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:49:39 GMT
Content-Length: 1163
jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/images/1.gif
156.248.236.202200 OK 254 B URL HTTP/1.1 jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/images/1.gif
IP 156.248.236.202:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/waydoaxn/images/1.gif HTTP/1.1
Host: jklliu-nioink-vgfdxg-8997.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 11 Jun 2021 00:37:23 GMT
Accept-Ranges: bytes
ETag: "28ba8f2595ed71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:49:39 GMT
Content-Length: 254
hm.baidu.com/hm.js?cb88ac5dbd94adffa8608e5d2f29103e
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?cb88ac5dbd94adffa8608e5d2f29103e
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash 8925abe2d9f137959c85e604d57080da
0a3188b64068cf27d0f52750e8c6173e09aeaa3b
585c2eb91bbf032fbc94ca5a407a4630a3abc3cbaa99ef1455a6aaea45f9f154
GET /hm.js?cb88ac5dbd94adffa8608e5d2f29103e HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kkw0707.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Sat, 28 Jan 2023 06:49:43 GMT
Etag: 95f5694723c6e5b532289469b6faa2a0
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=4439E1D3DB6B9209; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9ad0369c2f3ab7450ad48b1657675b6a
b9486ad480bb2510fd6e920a6fc7a2170275af3f
6759e419649a00b82d39af24a8bf828370fbd5d90b8af6be72fe881a165b1934
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:49:43 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 22:57:54 GMT
Expires: Tue, 31 Jan 2023 22:57:53 GMT
Etag: "b9486ad480bb2510fd6e920a6fc7a2170275af3f"
Cache-Control: max-age=316689,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7907ca2ffe04b500-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9ad0369c2f3ab7450ad48b1657675b6a
b9486ad480bb2510fd6e920a6fc7a2170275af3f
6759e419649a00b82d39af24a8bf828370fbd5d90b8af6be72fe881a165b1934
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:49:43 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 22:57:54 GMT
Expires: Tue, 31 Jan 2023 22:57:53 GMT
Etag: "b9486ad480bb2510fd6e920a6fc7a2170275af3f"
Cache-Control: max-age=316689,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7907ca302a91b4ee-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9ad0369c2f3ab7450ad48b1657675b6a
b9486ad480bb2510fd6e920a6fc7a2170275af3f
6759e419649a00b82d39af24a8bf828370fbd5d90b8af6be72fe881a165b1934
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:49:43 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 22:57:54 GMT
Expires: Tue, 31 Jan 2023 22:57:53 GMT
Etag: "b9486ad480bb2510fd6e920a6fc7a2170275af3f"
Cache-Control: max-age=316689,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7907ca303e90b511-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9ad0369c2f3ab7450ad48b1657675b6a
b9486ad480bb2510fd6e920a6fc7a2170275af3f
6759e419649a00b82d39af24a8bf828370fbd5d90b8af6be72fe881a165b1934
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:49:43 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 22:57:54 GMT
Expires: Tue, 31 Jan 2023 22:57:53 GMT
Etag: "b9486ad480bb2510fd6e920a6fc7a2170275af3f"
Cache-Control: max-age=316689,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7907ca301de80b39-OSL
img.swtuchuang1.com/upload/vod/20220405-1/8591a5997f8f6ad59e8ae4543fefb67e.jpg
154.12.54.76200 OK 6.8 kB URL HTTP/1.1 img.swtuchuang1.com/upload/vod/20220405-1/8591a5997f8f6ad59e8ae4543fefb67e.jpg
IP 154.12.54.76:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 32x27, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 1adbf217497837291b54f5aec53cc328
de9ea55f3d9e8ff59c1346a12905f61a4e4cb128
6c11189b2f5a4605b86b928c59872599e429f33451ccf9e49cf4625b6e4e122c
GET /upload/vod/20220405-1/8591a5997f8f6ad59e8ae4543fefb67e.jpg HTTP/1.1
Host: img.swtuchuang1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 06:49:43 GMT
Content-Type: image/jpeg
Content-Length: 6848
Last-Modified: Sun, 04 Sep 2022 18:07:45 GMT
Connection: keep-alive
ETag: "6314e971-1ac0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9ad0369c2f3ab7450ad48b1657675b6a
b9486ad480bb2510fd6e920a6fc7a2170275af3f
6759e419649a00b82d39af24a8bf828370fbd5d90b8af6be72fe881a165b1934
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:49:43 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 22:57:54 GMT
Expires: Tue, 31 Jan 2023 22:57:53 GMT
Etag: "b9486ad480bb2510fd6e920a6fc7a2170275af3f"
Cache-Control: max-age=316689,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7907ca305bab0b51-OSL
img.swtuchuang1.com/upload/vod/20220405-1/3d8626f9df6bb4655b0636f852d8206b.jpg
154.12.54.76200 OK 12 kB URL HTTP/1.1 img.swtuchuang1.com/upload/vod/20220405-1/3d8626f9df6bb4655b0636f852d8206b.jpg
IP 154.12.54.76:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 7e59d433602727db5ef7216ba5451c97
7a993166192010ff5c57f077aa0b91362785cb4b
536ca3571a61f9a277dd621d6728897ffa6d99df1748249852b03b0b43c622ee
GET /upload/vod/20220405-1/3d8626f9df6bb4655b0636f852d8206b.jpg HTTP/1.1
Host: img.swtuchuang1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 06:49:43 GMT
Content-Type: image/jpeg
Content-Length: 11646
Last-Modified: Sun, 04 Sep 2022 16:42:17 GMT
Connection: keep-alive
ETag: "6314d569-2d7e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.swtuchuang1.com/upload/vod/20220405-1/ab56cb57328bf839fbc221622d6c1b21.jpg
154.12.54.76200 OK 8.8 kB URL HTTP/1.1 img.swtuchuang1.com/upload/vod/20220405-1/ab56cb57328bf839fbc221622d6c1b21.jpg
IP 154.12.54.76:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 36dfc69a6f2ea3c1dcc61990d086195a
a740c4323b93b6fe8a92b55647ad911ce0cb3e77
5d66a2d87299491e3e455ebaf411800c37014f438aa9748939aab6719802fce7
GET /upload/vod/20220405-1/ab56cb57328bf839fbc221622d6c1b21.jpg HTTP/1.1
Host: img.swtuchuang1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 06:49:43 GMT
Content-Type: image/jpeg
Content-Length: 8781
Last-Modified: Sun, 04 Sep 2022 18:06:20 GMT
Connection: keep-alive
ETag: "6314e91c-224d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/images/video-mask.png
156.248.236.202200 OK 107 B URL HTTP/1.1 jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/images/video-mask.png
IP 156.248.236.202:0
File type PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Hash 6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
GET /template/waydoaxn/images/video-mask.png HTTP/1.1
Host: jklliu-nioink-vgfdxg-8997.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Sun, 24 Jan 2021 07:28:42 GMT
Accept-Ranges: bytes
ETag: "b0b58b8a22f2d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:49:39 GMT
Content-Length: 107
jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/images/video-play.png
156.248.236.202200 OK 1.6 kB URL HTTP/1.1 jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/images/video-play.png
IP 156.248.236.202:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/waydoaxn/images/video-play.png HTTP/1.1
Host: jklliu-nioink-vgfdxg-8997.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/template/waydoaxn/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Sun, 24 Jan 2021 07:28:46 GMT
Accept-Ranges: bytes
ETag: "4081698d22f2d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:49:39 GMT
Content-Length: 1567
img.swtuchuang1.com/upload/vod/20220405-1/d7458a637f62b7930159b69cf452c923.jpg
154.12.54.76200 OK 11 kB URL HTTP/1.1 img.swtuchuang1.com/upload/vod/20220405-1/d7458a637f62b7930159b69cf452c923.jpg
IP 154.12.54.76:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash b4f6f7b038d0f1887637aa14c9aae976
b2ced05fc1902b21ead3faacda9f95d5df231e70
d0bd2dcbd22715db49381834a2644854b820e159d074af65881101cb72009559
GET /upload/vod/20220405-1/d7458a637f62b7930159b69cf452c923.jpg HTTP/1.1
Host: img.swtuchuang1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 06:49:43 GMT
Content-Type: image/jpeg
Content-Length: 10784
Last-Modified: Sun, 04 Sep 2022 16:21:42 GMT
Connection: keep-alive
ETag: "6314d096-2a20"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.swtuchuang1.com/upload/vod/20220405-1/91eac44b48dd1dfb2131e25be30d8b20.jpg
154.12.54.76200 OK 7.1 kB URL HTTP/1.1 img.swtuchuang1.com/upload/vod/20220405-1/91eac44b48dd1dfb2131e25be30d8b20.jpg
IP 154.12.54.76:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash ff329aa9f45fa304f8c60dcaec4a5ce2
4786d5fdc536ec7b900ba42194bff1ad8ba64a23
02181eae481436ffad85c4d09124e4a4d89de9028990c5cf0ca0b012e6207d05
GET /upload/vod/20220405-1/91eac44b48dd1dfb2131e25be30d8b20.jpg HTTP/1.1
Host: img.swtuchuang1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 06:49:43 GMT
Content-Type: image/jpeg
Content-Length: 7073
Last-Modified: Sun, 04 Sep 2022 18:06:49 GMT
Connection: keep-alive
ETag: "6314e939-1ba1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.swtuchuang1.com/upload/vod/20220405-14/6945c40aad1fb8f7ffac5630f65f2be9.jpg
154.12.54.76200 OK 15 kB URL HTTP/1.1 img.swtuchuang1.com/upload/vod/20220405-14/6945c40aad1fb8f7ffac5630f65f2be9.jpg
IP 154.12.54.76:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash e0a5763a619c143dba7883e5f9baff47
da5964f52822c5d8e66f004636de5706144e8728
a60c96dc8b6fb615257377efdf0ba76dd92db2fe2b5b2b83aa9c6e24a179ba1d
GET /upload/vod/20220405-14/6945c40aad1fb8f7ffac5630f65f2be9.jpg HTTP/1.1
Host: img.swtuchuang1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 06:49:44 GMT
Content-Type: image/jpeg
Content-Length: 15270
Last-Modified: Sun, 04 Sep 2022 16:50:32 GMT
Connection: keep-alive
ETag: "6314d758-3ba6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.swtuchuang1.com/upload/vod/20220405-14/a2d45bf34699f88a1cb260ce8892ac90.jpg
154.12.54.76200 OK 12 kB URL HTTP/1.1 img.swtuchuang1.com/upload/vod/20220405-14/a2d45bf34699f88a1cb260ce8892ac90.jpg
IP 154.12.54.76:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 69bcf9445d4fefa3a93ea59b9dc57463
489d5616fc460ec4279cc4c311dbd439e7ae7f18
4e69cd8c40ae9c5d05c5735255d7513899d831a60b708fccfe855b5676d8d2b4
GET /upload/vod/20220405-14/a2d45bf34699f88a1cb260ce8892ac90.jpg HTTP/1.1
Host: img.swtuchuang1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 06:49:44 GMT
Content-Type: image/jpeg
Content-Length: 12235
Last-Modified: Sun, 04 Sep 2022 17:24:24 GMT
Connection: keep-alive
ETag: "6314df48-2fcb"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.swtuchuang1.com/upload/vod/20220405-14/7037dc513ee90241f83a2975f76faa98.jpg
154.12.54.76200 OK 9.8 kB URL HTTP/1.1 img.swtuchuang1.com/upload/vod/20220405-14/7037dc513ee90241f83a2975f76faa98.jpg
IP 154.12.54.76:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 8eefce622f7ac1ee7be0e00e01d911fe
d8b7e73f3cd28bc2e9283054dda86c274251cac1
f25d7886a6e575277dfe0f920f229f3ecf09f7b7dcfdf5d9385240cad2b8a9c3
GET /upload/vod/20220405-14/7037dc513ee90241f83a2975f76faa98.jpg HTTP/1.1
Host: img.swtuchuang1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 06:49:44 GMT
Content-Type: image/jpeg
Content-Length: 9804
Last-Modified: Sun, 04 Sep 2022 18:07:58 GMT
Connection: keep-alive
ETag: "6314e97e-264c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.swtuchuang1.com/upload/vod/20220405-13/c9eaea907453e96430e7b6f69ba5d44f.jpg
154.12.54.76200 OK 10 kB URL HTTP/1.1 img.swtuchuang1.com/upload/vod/20220405-13/c9eaea907453e96430e7b6f69ba5d44f.jpg
IP 154.12.54.76:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 4db719fa3172981c8c89dae010133c63
ad801dd516ca0445b39f13aef70218e4509a6ff3
e9deae61cc1c33028f3a925b8eb7fbb4946e02730205115fd93ebe1f30a92b0b
GET /upload/vod/20220405-13/c9eaea907453e96430e7b6f69ba5d44f.jpg HTTP/1.1
Host: img.swtuchuang1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 06:49:44 GMT
Content-Type: image/jpeg
Content-Length: 10482
Last-Modified: Sun, 04 Sep 2022 16:18:52 GMT
Connection: keep-alive
ETag: "6314cfec-28f2"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.swtuchuang1.com/upload/vod/20220405-14/849df0c8e6733f2037415178866c8b40.jpg
154.12.54.76200 OK 4.7 kB URL HTTP/1.1 img.swtuchuang1.com/upload/vod/20220405-14/849df0c8e6733f2037415178866c8b40.jpg
IP 154.12.54.76:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 6e9211bcbf643781ac9f13f80ad7bbfb
1f6b5070c8fc30828afb204e155406621cf29dbb
9a76c58a234abda9ea131ddad1aa3f14b411671e63dfc33038cca36f6567f072
GET /upload/vod/20220405-14/849df0c8e6733f2037415178866c8b40.jpg HTTP/1.1
Host: img.swtuchuang1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 06:49:44 GMT
Content-Type: image/jpeg
Content-Length: 4704
Last-Modified: Sun, 04 Sep 2022 18:06:22 GMT
Connection: keep-alive
ETag: "6314e91e-1260"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.swtuchuang1.com/upload/vod/20220405-14/ee1ed5b2490067c7a606d6334b7c4a8e.jpg
154.12.54.76200 OK 9.3 kB URL HTTP/1.1 img.swtuchuang1.com/upload/vod/20220405-14/ee1ed5b2490067c7a606d6334b7c4a8e.jpg
IP 154.12.54.76:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 2544f3567746adb4d5d688fac4227a75
19bde1933b39fe75dba512bd3c28844eb9eed113
38cb63c10b9fdf25155d7fd01a1fdba21e314d40ce3be26c1b17bfcbc4fcf529
GET /upload/vod/20220405-14/ee1ed5b2490067c7a606d6334b7c4a8e.jpg HTTP/1.1
Host: img.swtuchuang1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 06:49:44 GMT
Content-Type: image/jpeg
Content-Length: 9270
Last-Modified: Sun, 04 Sep 2022 16:51:42 GMT
Connection: keep-alive
ETag: "6314d79e-2436"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=507640487&si=cb88ac5dbd94adffa8608e5d2f29103e&v=1.3.0&lv=1&sn=10590&r=0&ww=1152&u=http%3A%2F%2Fwww.kkw0707.com%2F&tt=%E9%85%92%E6%B3%89%E6%B2%83%E5%8A%A3%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=507640487&si=cb88ac5dbd94adffa8608e5d2f29103e&v=1.3.0&lv=1&sn=10590&r=0&ww=1152&u=http%3A%2F%2Fwww.kkw0707.com%2F&tt=%E9%85%92%E6%B3%89%E6%B2%83%E5%8A%A3%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=507640487&si=cb88ac5dbd94adffa8608e5d2f29103e&v=1.3.0&lv=1&sn=10590&r=0&ww=1152&u=http%3A%2F%2Fwww.kkw0707.com%2F&tt=%E9%85%92%E6%B3%89%E6%B2%83%E5%8A%A3%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kkw0707.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 28 Jan 2023 06:49:44 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F0FCCD611F1D1203; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img.swtuchuang1.com/upload/vod/20220405-14/41e83d1241ddf9d8271e57c7a47e6515.jpg
154.12.54.76200 OK 14 kB URL HTTP/1.1 img.swtuchuang1.com/upload/vod/20220405-14/41e83d1241ddf9d8271e57c7a47e6515.jpg
IP 154.12.54.76:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 262088f8bfc9765b2472032caf024f9e
19cfb9a6e1c2cbe8843ed42c0631adcd6cc7babd
c3b2b220faec6b25c4e0602da729fe7c2a5bef8a11a16652c7d3092177e5d23d
GET /upload/vod/20220405-14/41e83d1241ddf9d8271e57c7a47e6515.jpg HTTP/1.1
Host: img.swtuchuang1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 06:49:44 GMT
Content-Type: image/jpeg
Content-Length: 13738
Last-Modified: Sun, 04 Sep 2022 16:50:32 GMT
Connection: keep-alive
ETag: "6314d758-35aa"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.swtuchuang1.com/upload/vod/20220405-14/2a89df0cc46b313f6eee0e6a5ef63d38.jpg
154.12.54.76200 OK 8.8 kB URL HTTP/1.1 img.swtuchuang1.com/upload/vod/20220405-14/2a89df0cc46b313f6eee0e6a5ef63d38.jpg
IP 154.12.54.76:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 123192244c135663b64760be52a38842
bcf4a4b98373f47ba2bdb59e16edcb59b82a2265
4d418949034e361df00054784ddf6e61dcd56ecc244c16fe1df7ade0fa36f942
GET /upload/vod/20220405-14/2a89df0cc46b313f6eee0e6a5ef63d38.jpg HTTP/1.1
Host: img.swtuchuang1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 06:49:44 GMT
Content-Type: image/jpeg
Content-Length: 8794
Last-Modified: Sun, 04 Sep 2022 16:50:50 GMT
Connection: keep-alive
ETag: "6314d76a-225a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.swtuchuang1.com/upload/vod/20220405-14/2766a2f2c18319d44516b5aa018324be.jpg
154.12.54.76200 OK 5.8 kB URL HTTP/1.1 img.swtuchuang1.com/upload/vod/20220405-14/2766a2f2c18319d44516b5aa018324be.jpg
IP 154.12.54.76:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 101x135, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash bac6e6544d49e2f2cb016eb26ef3f0d3
bb6bbb723cfbb79ac617c3d99690527a10914662
19ee3048857e94e07cd027c4684d6c0f4d57d79d8f3fa505d841af7dbde1b422
GET /upload/vod/20220405-14/2766a2f2c18319d44516b5aa018324be.jpg HTTP/1.1
Host: img.swtuchuang1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 06:49:44 GMT
Content-Type: image/jpeg
Content-Length: 5758
Last-Modified: Sun, 04 Sep 2022 16:24:29 GMT
Connection: keep-alive
ETag: "6314d13d-167e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.swtuchuang1.com/upload/vod/20220405-14/48b4ab5fb8dae777ccad8ea5ebe31fa0.jpg
154.12.54.76200 OK 5.1 kB URL HTTP/1.1 img.swtuchuang1.com/upload/vod/20220405-14/48b4ab5fb8dae777ccad8ea5ebe31fa0.jpg
IP 154.12.54.76:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 2427x1616, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b6538e264453d7dfa1ca04aee66176fc
8900dacbbc3189b4949e719859a289ca15ee043c
c308d94fc8988aa4c3d85e3e8c70e74dd71aea5cd83d2c6d2cfc7602051c4618
GET /upload/vod/20220405-14/48b4ab5fb8dae777ccad8ea5ebe31fa0.jpg HTTP/1.1
Host: img.swtuchuang1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 06:49:44 GMT
Content-Type: image/jpeg
Content-Length: 5102
Last-Modified: Sun, 04 Sep 2022 17:24:24 GMT
Connection: keep-alive
ETag: "6314df48-13ee"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.swtuchuang1.com/upload/vod/20220405-1/b295675830e3a2e4843be2d9127cfcf1.jpg
154.12.54.76200 OK 11 kB URL HTTP/1.1 img.swtuchuang1.com/upload/vod/20220405-1/b295675830e3a2e4843be2d9127cfcf1.jpg
IP 154.12.54.76:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 581a12530fb40d135ff0ca6a2bcd9513
08cbb2bed664b5543983e4577787a0b633f65592
c7c25a16ae4f38a43e61be7f8454fe1ef179a1210dd57409bb3993644371fa00
GET /upload/vod/20220405-1/b295675830e3a2e4843be2d9127cfcf1.jpg HTTP/1.1
Host: img.swtuchuang1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 06:49:44 GMT
Content-Type: image/jpeg
Content-Length: 10686
Last-Modified: Sun, 04 Sep 2022 16:54:15 GMT
Connection: keep-alive
ETag: "6314d837-29be"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.swtuchuang1.com/upload/vod/20220405-2/b92e9a068001c1e95b0a6d8cdec9c997.jpg
154.12.54.76200 OK 6.5 kB URL HTTP/1.1 img.swtuchuang1.com/upload/vod/20220405-2/b92e9a068001c1e95b0a6d8cdec9c997.jpg
IP 154.12.54.76:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 1fd6894fea56793db57c87a89ed5704e
81a538bf5d1b360d3d6dbf4e20ce94bd9b862e94
59c16b625091a5b78e6a7f5d6927171ef985023995837ed5b138ad79986cfab6
GET /upload/vod/20220405-2/b92e9a068001c1e95b0a6d8cdec9c997.jpg HTTP/1.1
Host: img.swtuchuang1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 06:49:44 GMT
Content-Type: image/jpeg
Content-Length: 6493
Last-Modified: Sun, 04 Sep 2022 18:06:52 GMT
Connection: keep-alive
ETag: "6314e93c-195d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.swtuchuang1.com/upload/vod/20220405-2/c9d78e3f88851df00628e0f8deb24dd0.jpg
154.12.54.76200 OK 14 kB URL HTTP/1.1 img.swtuchuang1.com/upload/vod/20220405-2/c9d78e3f88851df00628e0f8deb24dd0.jpg
IP 154.12.54.76:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash ce08acebe1dae02551928aa36795dec5
20260bdee8b3ba4802b35e4018ce983d1a996235
ca4b2ec974b51600dddaa3bbc321352e4ce631767d94686c4dc799e5eb19fcfe
GET /upload/vod/20220405-2/c9d78e3f88851df00628e0f8deb24dd0.jpg HTTP/1.1
Host: img.swtuchuang1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 06:49:44 GMT
Content-Type: image/jpeg
Content-Length: 14039
Last-Modified: Sun, 04 Sep 2022 18:08:25 GMT
Connection: keep-alive
ETag: "6314e999-36d7"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.swtuchuang1.com/upload/vod/20220405-2/57b8f0bbe7ecd0a0b81291d515248f80.jpg
154.12.54.76200 OK 4.8 kB URL HTTP/1.1 img.swtuchuang1.com/upload/vod/20220405-2/57b8f0bbe7ecd0a0b81291d515248f80.jpg
IP 154.12.54.76:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 5eb28668f65ffca046928f36284b63da
c07906d45fa157e8feb9554d1b4246cc94cd1723
b2591b8f75f6c7b831e540ef90cad5563f2f943aa21adde8c21e4c5e4ecce957
GET /upload/vod/20220405-2/57b8f0bbe7ecd0a0b81291d515248f80.jpg HTTP/1.1
Host: img.swtuchuang1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 06:49:44 GMT
Content-Type: image/jpeg
Content-Length: 4803
Last-Modified: Sun, 04 Sep 2022 18:07:43 GMT
Connection: keep-alive
ETag: "6314e96f-12c3"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.swtuchuang1.com/upload/vod/20220405-2/0f274e8ce27e9e20cf1d3992caf6a165.jpg
154.12.54.76200 OK 10 kB URL HTTP/1.1 img.swtuchuang1.com/upload/vod/20220405-2/0f274e8ce27e9e20cf1d3992caf6a165.jpg
IP 154.12.54.76:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4b415f9f25a44bb1b99854233a81ecf0
db83eb026794bc17ef118691d1cd21956c05621f
a7fc579f6488a4b704b2e52e3b07a9d93c0a6be795aa13416cc2659d1c060626
GET /upload/vod/20220405-2/0f274e8ce27e9e20cf1d3992caf6a165.jpg HTTP/1.1
Host: img.swtuchuang1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 06:49:44 GMT
Content-Type: image/jpeg
Content-Length: 10347
Last-Modified: Sun, 04 Sep 2022 18:07:15 GMT
Connection: keep-alive
ETag: "6314e953-286b"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
13.227.254.18200 OK 400 kB URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 13.227.254.18:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 400264
last-modified: Mon, 19 Dec 2022 07:47:20 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 27 Jan 2023 14:19:45 GMT
etag: "b722c3905b96f11823e04826aafdd50e"
x-cache: Hit from cloudfront
via: 1.1 6b412795189620b2bd513604239f4f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: d1RmfipU7e8Q5ldGQ_DIHdVW_tIUH-hKCTq23BCvQ21mi7MsVRCPJQ==
age: 59399
X-Firefox-Spdy: h2
kvezz.com/d8766c5ff8e42ad5dafb8044a9ffd1e1.gif
13.227.254.18200 OK 38 kB URL HTTP/2 kvezz.com/d8766c5ff8e42ad5dafb8044a9ffd1e1.gif
IP 13.227.254.18:0
File type GIF image data, version 89a, 150 x 150\012- data
Hash 84051de17ff2fbe6c2af3e15319f4de8
a8013e3dbbd4bbe5bb25e2ee1da2e34f2c5b8a47
62801552ce63b30c91b5e476981f7d85e808025c2e15d82bcb103b3884f64ad8
GET /d8766c5ff8e42ad5dafb8044a9ffd1e1.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 37847
last-modified: Mon, 19 Dec 2022 08:26:09 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 28 Jan 2023 03:41:59 GMT
etag: "84051de17ff2fbe6c2af3e15319f4de8"
x-cache: Hit from cloudfront
via: 1.1 6b412795189620b2bd513604239f4f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: uXXxg7O_a5Sgewz3-XxpvAGJYEQcwMMjzGK-bZ0_L-94Yd8bVFpZ0w==
age: 11266
X-Firefox-Spdy: h2
kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
13.227.254.82200 OK 354 kB URL HTTP/2 kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
IP 13.227.254.82:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 354 kB (354278 bytes)
Hash c6442fd82dd00372e745f394887172f2
dc8ce1d9b050eb7b70c1e47e815169c8ffdc77b9
813a5a49ef0682cdb74754e84f7b5d0159392b1fef69ec06e2875388e97d8843
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 354278
last-modified: Mon, 19 Dec 2022 07:47:28 GMT
accept-ranges: bytes
x-amzn-internal-status: 206
server: AmazonS3
date: Sat, 28 Jan 2023 00:58:06 GMT
etag: "c6442fd82dd00372e745f394887172f2"
x-cache: Hit from cloudfront
via: 1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: hp4-iLuww6ng4WdDlL_u03Cho8NVAzDb6US1pK7b0FwUi8EMLx2Pcw==
age: 21100
X-Firefox-Spdy: h2
kzeaa.com/57d302c9956928857573010dc47c3edf.gif
13.227.254.82200 OK 19 kB URL HTTP/2 kzeaa.com/57d302c9956928857573010dc47c3edf.gif
IP 13.227.254.82:0
File type GIF image data, version 89a, 150 x 150\012- data
Hash 82e93de0d6bacd9bbfc18484a9e3eb94
5f955448a7c50cfd5d10d165f93694f1c46f9586
64902a334f6802036c61101f282dcf57faf1698eae2938434527b7041fe5a1ca
GET /57d302c9956928857573010dc47c3edf.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 18648
date: Fri, 27 Jan 2023 16:37:19 GMT
last-modified: Mon, 19 Dec 2022 07:50:07 GMT
etag: "82e93de0d6bacd9bbfc18484a9e3eb94"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: GAnYolXJWh7Z_9oybIp6C73XuwiMqi0vfmr0knJHDuN7Y_5doYsktQ==
age: 51146
X-Firefox-Spdy: h2
kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
13.227.254.48200 OK 566 kB URL HTTP/2 kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
IP 13.227.254.48:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 566 kB (565615 bytes)
Hash 6a2c609ad0c46bb1b8d9cd39eacde625
45de0f50f86b45dd6fd4a1c764d47e2640126bf3
8eb8f61188f2555f5f7f0a934ebbae9e9ab703a3dc0b23191bdc7c147eb12140
GET /8d62ac139591ff0c5f17d4c5f1ff3cf6.gif HTTP/1.1
Host: kzeii.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 565615
date: Fri, 27 Jan 2023 20:27:40 GMT
last-modified: Mon, 19 Dec 2022 09:06:43 GMT
etag: "6a2c609ad0c46bb1b8d9cd39eacde625"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6b412795189620b2bd513604239f4f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: JNy0h22EaMn_qRrbj70AYW07Lj-JCwu6VZj8LttQiTdnAF_6yGdAuA==
age: 37325
X-Firefox-Spdy: h2
ocsp.buypass.com/
23.36.76.200200 OK 1.7 kB IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
Hash cb4e4765237d094ab9fb77780b9c2297
7870d8fec9c733ac89b2f30a8cb741744c96583e
4cbc55a05722949b0476181e5b3289f6683126790f38242ef26966a97195115d
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: c0b108b4-699a-411a-855b-9bb75c5e855d
Content-Length: 1701
Date: Sat, 28 Jan 2023 06:49:45 GMT
Connection: keep-alive
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 338305cc1cdf843b573ed190d1bf6d6b
a25fb2bbeca7c549f69bb645254e453e14b8c530
8ada580b1b385c34d0eb63da8c2e8a8c8a540e3e9b61820be664c72afdae3d3f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 06:49:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 27 Jan 2023 21:15:05 GMT
Expires: Sat, 28 Jan 2023 21:15:05 GMT
ETag: "a25fb2bbeca7c549f69bb645254e453e14b8c530"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 338305cc1cdf843b573ed190d1bf6d6b
a25fb2bbeca7c549f69bb645254e453e14b8c530
8ada580b1b385c34d0eb63da8c2e8a8c8a540e3e9b61820be664c72afdae3d3f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 06:49:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 27 Jan 2023 21:15:05 GMT
Expires: Sat, 28 Jan 2023 21:15:05 GMT
ETag: "a25fb2bbeca7c549f69bb645254e453e14b8c530"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 638bc5efb731ef1e9d23447b616a7ade
988e9932bac29ff18e74a646ae8a35d14c3d7def
40d7ac43823154a64c87d5b17fe9bcef9b8750f3eb8e131170ca27f546be5b6e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "40D7AC43823154A64C87D5B17FE9BCEF9B8750F3EB8E131170CA27F546BE5B6E"
Last-Modified: Fri, 27 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16837
Expires: Sat, 28 Jan 2023 11:30:22 GMT
Date: Sat, 28 Jan 2023 06:49:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13309
Expires: Sat, 28 Jan 2023 10:31:34 GMT
Date: Sat, 28 Jan 2023 06:49:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7df68b7-44d9-4227-aedc-8e03fd23edd9.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7df68b7-44d9-4227-aedc-8e03fd23edd9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 01d78e0bafdf4cbe227afc503124bc55
e2d21a694342773ccbace4742c4b047e7ce92e1c
3e9027f35134d811a50144a9b70c6de2dc97cbade941a5364717b403bcaf3eb1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7df68b7-44d9-4227-aedc-8e03fd23edd9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4641
x-amzn-requestid: b2e2ba60-21e7-4304-a354-2b49b8162cf2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_T5FJGoAMFwlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445b2-4b292f801433239340edab33;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: irkZKPRcil7YVMxVJXNkIn18zBSt2JWyxo9ZFMfz6aZer4_lnqG8oA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:38 GMT
etag: "e2d21a694342773ccbace4742c4b047e7ce92e1c"
content-type: image/jpeg
age: 31987
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea24bcba583bd8bd139559448a343e68
b9d37c2b14f890d41983a59f352e8f7caa9c94bb
e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7585
x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkE5roAMF0Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K9YWM9eaEc1DQ6wtEEuADnG1U-ahRBXDaiHIAm20dkWMOxPWBlJidw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:46:13 GMT
age: 29012
etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b70d7a9-8bf2-490f-9646-c64694e42e42.jpeg
34.120.237.76200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b70d7a9-8bf2-490f-9646-c64694e42e42.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 97118e74a8f60620950e42a11c11d71b
d144bbb82392a6103810ac9baa5346ddbefb5c16
2ce0c9696cf9842243186e86bae28c22896a9f51837f4961b6c7e3cfdfb24bd0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b70d7a9-8bf2-490f-9646-c64694e42e42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3774
x-amzn-requestid: deae2f1e-baec-408c-92a7-4859d4afed47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-EgFAgoAMFXRQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b6-32a2ff1a369e7b5f41ecbabd;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UYb0x8jVdY5lPTL7paxqk8J2gDYs4Hn27fAtzxJ3CapnyWOHulqy4g==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:49:09 GMT
age: 32436
etag: "d144bbb82392a6103810ac9baa5346ddbefb5c16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fobF-ZoAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:14:23 GMT
age: 30922
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 31979
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fb39717-4b7d-45c4-b211-c2990bf99811.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fb39717-4b7d-45c4-b211-c2990bf99811.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b5b797e164d0f2c91200829d1ec90f8
15a55176d8e55b6816acabae5c7cc3e4528648c9
16eb29148856512f556b22b86a153e54032caaf98dbf141119f8c126e009591f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fb39717-4b7d-45c4-b211-c2990bf99811.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7395
x-amzn-requestid: 166e5623-fc91-4b12-80c8-f5e1a762b387
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-ELH3eIAMF56w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b4-439b5d2b67b9347d4d634d9d;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L1BWTWAPsW5tfkJO0UBR4dKoW3_0Le7QhZLjBxtsY0fmf7cwEYWrMQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:49:07 GMT
age: 32438
etag: "15a55176d8e55b6816acabae5c7cc3e4528648c9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5d49b579574f26b37253294e6921452a
8003d0b0d1e7dee5336fed3425ce7b01cc1a62af
4254bf64f15d93cbd4d90644658cc3162d1a0ac63502e3a69ce1f06989acb219
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4254BF64F15D93CBD4D90644658CC3162D1A0AC63502E3A69CE1F06989ACB219"
Last-Modified: Fri, 27 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16006
Expires: Sat, 28 Jan 2023 11:16:31 GMT
Date: Sat, 28 Jan 2023 06:49:45 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 33cb45d26bc88f689a1ebd6fc9cbd7aa
03aea4500907f4bf9fecc3c28b66ab6b6f0c66ce
f3fce01f1a093da93a979bc567ba74ffcd0c2f65ddb5bf92edaf8e6a339ff208
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:49:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 01 Feb 2023 05:31:12 GMT
ETag: "03aea4500907f4bf9fecc3c28b66ab6b6f0c66ce"
Last-Modified: Sat, 28 Jan 2023 05:31:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7907ca3a6a68b515-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 33cb45d26bc88f689a1ebd6fc9cbd7aa
03aea4500907f4bf9fecc3c28b66ab6b6f0c66ce
f3fce01f1a093da93a979bc567ba74ffcd0c2f65ddb5bf92edaf8e6a339ff208
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:49:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 01 Feb 2023 05:31:12 GMT
ETag: "03aea4500907f4bf9fecc3c28b66ab6b6f0c66ce"
Last-Modified: Sat, 28 Jan 2023 05:31:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7907ca3a6cc40b59-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 33cb45d26bc88f689a1ebd6fc9cbd7aa
03aea4500907f4bf9fecc3c28b66ab6b6f0c66ce
f3fce01f1a093da93a979bc567ba74ffcd0c2f65ddb5bf92edaf8e6a339ff208
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:49:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 01 Feb 2023 05:31:12 GMT
ETag: "03aea4500907f4bf9fecc3c28b66ab6b6f0c66ce"
Last-Modified: Sat, 28 Jan 2023 05:31:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7907ca3a6b0bb527-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 33cb45d26bc88f689a1ebd6fc9cbd7aa
03aea4500907f4bf9fecc3c28b66ab6b6f0c66ce
f3fce01f1a093da93a979bc567ba74ffcd0c2f65ddb5bf92edaf8e6a339ff208
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:49:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 01 Feb 2023 05:31:12 GMT
ETag: "03aea4500907f4bf9fecc3c28b66ab6b6f0c66ce"
Last-Modified: Sat, 28 Jan 2023 05:31:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7907ca3a68f6b523-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 33cb45d26bc88f689a1ebd6fc9cbd7aa
03aea4500907f4bf9fecc3c28b66ab6b6f0c66ce
f3fce01f1a093da93a979bc567ba74ffcd0c2f65ddb5bf92edaf8e6a339ff208
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:49:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 01 Feb 2023 05:31:12 GMT
ETag: "03aea4500907f4bf9fecc3c28b66ab6b6f0c66ce"
Last-Modified: Sat, 28 Jan 2023 05:31:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7907ca3a6f320b65-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 789dcd10ab5818a873442245666594f1
ea65e4004d683034f7954df2c43a396a5c1cd71e
4d869d8a91347647b652f8b3c7c568e953a765421e7fefd66b117ba26ff65639
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D869D8A91347647B652F8B3C7C568E953A765421E7FEFD66B117BA26FF65639"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3064
Expires: Sat, 28 Jan 2023 07:40:49 GMT
Date: Sat, 28 Jan 2023 06:49:45 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 003d99114f7604f811a9bf5d74013d48
1f9f9b426ba5e3a74a391f25ade00f1af9aaf544
575492a1a47b8fb64e556941dae15f286d2a47e8581d3301d283ee871ac03945
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:49:45 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 22:05:42 GMT
Expires: Tue, 31 Jan 2023 22:05:41 GMT
Etag: "1f9f9b426ba5e3a74a391f25ade00f1af9aaf544"
Cache-Control: max-age=313555,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7907ca3bb979b511-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 3f46a3ec024065523622f0a8c9440e63
cad401ce0b0fbba8f0080dd23ec2a05e92dea5d1
1d6353bb5ad2bacbe33f42ac233b53af5df483109c0c2bedd887dc3dbfe79a69
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:49:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 14:11:02 GMT
Expires: Thu, 02 Feb 2023 14:11:01 GMT
Etag: "cad401ce0b0fbba8f0080dd23ec2a05e92dea5d1"
Cache-Control: max-age=457875,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7907ca3acce2b500-OSL
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash ede55f5cec2a80470571faf7986e5506
561daaa9b875ad7085d786bc868a36bc24c17d1e
60c25584d2129500d78484c0f24a33d7dfc2a58585351693d45caffe5cd383ce
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:49:45 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 13:34:26 GMT
Expires: Wed, 01 Feb 2023 13:34:25 GMT
Etag: "561daaa9b875ad7085d786bc868a36bc24c17d1e"
Cache-Control: max-age=369279,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7907ca3bf9e3b4ee-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 34cf418f164749919e942df2c3d06b53
1b0e528842d36a81e23f51c91721e90a3408002f
308af236aed80b218a0991b353557c08730d57d2fdbaa0cc4decc781564f3005
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:49:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 01:44:18 GMT
Expires: Fri, 03 Feb 2023 01:44:17 GMT
Etag: "1b0e528842d36a81e23f51c91721e90a3408002f"
Cache-Control: max-age=499471,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7907ca3b6997b4ee-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 760ba30dd68a4706561b64c53b474d86
b24599062e427efcc7d6ed9e457e2bcff72731bf
bbf0d2f6c7faabb10d6735c7d011958d47971f577660e79ddfd835ffcd3d60fb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BBF0D2F6C7FAABB10D6735C7D011958D47971F577660E79DDFD835FFCD3D60FB"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9440
Expires: Sat, 28 Jan 2023 09:27:05 GMT
Date: Sat, 28 Jan 2023 06:49:45 GMT
Connection: keep-alive
pic.picnewsss.com/tu-2022290039/960-70.gif
23.225.139.251200 OK 231 kB URL HTTP/2 pic.picnewsss.com/tu-2022290039/960-70.gif
IP 23.225.139.251:0
File type GIF image data, version 89a, 960 x 70\012- data
Size 231 kB (231392 bytes)
Hash 51a1b4bde78191c061cc01e042917960
b86e90da3103d2fc61a5bce109060f4ef5b1cddf
c5e19d84bdd325fb8cc9aa5e96ebdc0c7f3d3610c85758dd24983095ffb704be
GET /tu-2022290039/960-70.gif HTTP/1.1
Host: pic.picnewsss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/gif
date: Sat, 28 Jan 2023 04:54:19 GMT
etag: "1674887334"
expires: Mon, 27 Feb 2023 04:54:19 GMT
last-modified: Sat, 28 Jan 2023 06:28:54 GMT
server: nginx
x-cache: HIT, policy, memory
content-length: 231392
X-Firefox-Spdy: h2
kveii.com/f67b410855efed07dc1783436baaa5f7.gif
13.227.254.125200 OK 29 kB URL HTTP/2 kveii.com/f67b410855efed07dc1783436baaa5f7.gif
IP 13.227.254.125:0
File type GIF image data, version 89a, 200 x 200\012- data
Hash a763cce2c7bc3f7bfaa94981d8d9ff47
085da887b67947c8b1e486137be2300dfabf4a69
9e3924fe2017f9c46663dba4707736be8be378ed41e761587eb7513ae69ab1dc
GET /f67b410855efed07dc1783436baaa5f7.gif HTTP/1.1
Host: kveii.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 29082
last-modified: Mon, 19 Dec 2022 08:53:09 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 28 Jan 2023 00:03:13 GMT
etag: "a763cce2c7bc3f7bfaa94981d8d9ff47"
x-cache: Hit from cloudfront
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: EFwMNpV2aEczcZ7WypyDO4T0zAAajK5hXxcFqxpSmN-wRhTjJt-g4w==
age: 24393
X-Firefox-Spdy: h2
339282bdb.com/51af2492ce0f44c3bc75c996ee311b15.gif
45.61.212.224200 OK 21 kB URL HTTP/1.1 339282bdb.com/51af2492ce0f44c3bc75c996ee311b15.gif
IP 45.61.212.224:0
File type GIF image data, version 89a, 180 x 180\012- data
Hash 07ccc0b877ff07608500e45e78915a0a
e9972b6f1517b3c5dadcde11212bcfd3a51c2abd
5623987f3399652066ac075bbf5ff8e116e13c846219fdafd4fb8d48e2b643ed
Analyzer Verdict Alert quad9 Sinkholed
GET /51af2492ce0f44c3bc75c996ee311b15.gif HTTP/1.1
Host: 339282bdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635e20c7-51df"
Date: Wed, 07 Dec 2022 07:13:23 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 30 Oct 2022 06:59:19 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-24
Content-Length: 20959
yaoji666.oss-cn-hongkong.aliyuncs.com/gg/66X66.gif
47.75.19.46200 OK 36 kB URL HTTP/1.1 yaoji666.oss-cn-hongkong.aliyuncs.com/gg/66X66.gif
IP 47.75.19.46:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 66 x 66\012- data
Hash da0800a5f4df960bb85a5b03e50f9f77
4d122c3c786b367c1d94c57e79e55fb933695209
8d78241171490168d4378bfd35ee6a474423fcf0d644a92d36b9b09b180c17f2
GET /gg/66X66.gif HTTP/1.1
Host: yaoji666.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 28 Jan 2023 06:49:45 GMT
Content-Type: image/gif
Content-Length: 36349
Connection: keep-alive
x-oss-request-id: 63D4C589F27FBE3234819E83
Accept-Ranges: bytes
ETag: "DA0800A5F4DF960BB85A5B03E50F9F77"
Last-Modified: Sat, 09 Jul 2022 12:36:44 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 18107319261392544870
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: 2ggApfTflgu4WlsD5Q+fdw==
x-oss-server-time: 1
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 36ca8e76005ebed884db97fa5b05e697
aded8c1fd6ad9a9a8340d1bc613ce151c795bfa6
6e08189f26a2238dafafeaded3acd1b5afffd7396cf1ef65875dd91b529bc1c3
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:49:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 01 Feb 2023 05:15:33 GMT
ETag: "aded8c1fd6ad9a9a8340d1bc613ce151c795bfa6"
Last-Modified: Sat, 28 Jan 2023 05:15:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 295
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7907ca3f5ed91c16-OSL
585227ybn.com/e0495f2b3e4e40fe964dd95843989902.png
45.61.212.124200 OK 72 kB URL HTTP/1.1 585227ybn.com/e0495f2b3e4e40fe964dd95843989902.png
IP 45.61.212.124:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 0648e9d6710a7b0983a7146e0b403573
e431d5175ea33bbfd6f9af1fb3c9914872d79a35
8da4dd1361cf5dc8b93b3002da41c390081d1ccf0d186c3492513af10c4690b6
Analyzer Verdict Alert quad9 Sinkholed
GET /e0495f2b3e4e40fe964dd95843989902.png HTTP/1.1
Host: 585227ybn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63774533-1181f"
Date: Tue, 17 Jan 2023 14:55:14 GMT
Content-Type: image/png
Server: nginx
Last-Modified: Fri, 18 Nov 2022 08:41:23 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-24
Content-Length: 71711
xk3.me/img/sWQr/ogcr710Vb.gif
45.126.180.173200 OK 77 kB URL HTTP/1.1 xk3.me/img/sWQr/ogcr710Vb.gif
IP 45.126.180.173:0
ASN #59371 Dimension Network & Communication Limited
File type GIF image data, version 89a, 960 x 60\012- data
Hash 5597ae2e0baeaa579dbe8afc44768843
a3978adcdd2ec53a5a8fc23955491ebef8c33a11
3c7b7a3577738485a47ba41954dbf5415288a8a4320cd95f57c7470d3d537ef6
GET /img/sWQr/ogcr710Vb.gif HTTP/1.1
Host: xk3.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 06:49:45 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"77121-1673789061000"
Last-Modified: Sun, 15 Jan 2023 13:24:21 GMT
Expires: Sun, 12 Feb 2023 06:49:45 GMT
Cache-Control: max-age=1296000
Content-Encoding: gzip
Nginx-Cache: EXPIRED, HIT
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 8acf1a8861adfe7261311bb7cc1587fc
fea195c799ece4ea0440f0dbcae61c0109f65e26
d610ab2db96c05d2d8f2186ae6fa1137daf086b8dfd02f0e123b247e7bb350d6
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 28 Jan 2023 06:49:46 GMT
Server: ECS (dcb/7FA6)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bOKBLZA8KS8U012wS1DaX2zGa63ZFQgclS7Am0cNm8c917Xx_AOv_Q==
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash a53c538d9b475ffd4b3bf1f449b5ac4f
a219949fa97428fa4f14cc2597b7108e511589f2
6f89d7950d7206ab453fb10495ffbed6ee62d6868d6f149a33592981934b63fe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3605
Cache-Control: max-age=144329
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 06:49:46 GMT
Etag: "63d4483e-2d7"
Expires: Sun, 29 Jan 2023 22:55:15 GMT
Last-Modified: Fri, 27 Jan 2023 21:55:10 GMT
Server: ECS (amb/6B8E)
X-Cache: HIT
Content-Length: 727
p3.douyinpic.com/obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9
47.246.44.226200 OK 460 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9
IP 47.246.44.226:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 460 kB (459882 bytes)
Hash 9755d798f1df0ff90ff281daf889c27e
6684c546dc5b1e65c84786cf929562e4bf5a4854
86943358042194179070f2e3fa41e8296cd53999c5d025fdcaf6ddff98714f87
GET /obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 459882
date: Mon, 05 Dec 2022 11:57:37 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 05 Dec 2022 11:29:24 GMT
nw-session-id: 202212051929240102090950660FC6D0DCgkhk903dy
nw-session-trace: 2022-12-05T19:29:24.652328753+08:00 35
x-bdcdn-cache-status: TCP_HIT
x-length: 459882
x-powered-by: ImageX
x-response-date: Mon, 05 Dec 2022 19:29:24 GMT
x-tt-logid: 202212051929240102090950660FC6D0DC
via: n132-078-099, cache9.l2de2[0,0,206-0,H], cache3.l2de2[1,0], cache3.l2de2[1,0], cache4.se1[0,0,200-0,H], cache1.se1[2,0]
x-request-ip: fdbd:dc03:4:481::12
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 01e53d331f021ee346a4a71cd251f620c397b4785e133000e4fcc6a1414827e76105afaf9318ee148ff06afa2468c0c77cf2a1905b0e38acce52cf9db0363cd74a65d3a109f76bc5c653c18372cd8b87f98cdbbed705c989cbdb2708cf3e5eac60
x-response-lb: image
ali-swift-global-savetime: 1670241457
age: 4647129
x-cache: HIT TCP_MEM_HIT dirn:9:1666449417
x-swift-savetime: Mon, 05 Dec 2022 12:00:14 GMT
x-swift-cachetime: 31535843
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516748885862185737e
X-Firefox-Spdy: h2
taiwtp1.com/img/96060.gif
220.128.218.220200 OK 47 kB URL HTTP/2 taiwtp1.com/img/96060.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 60\012- data
Hash 2b9c30b086d03d90a45a9174aef7b408
e87dbe76669e2f402826dd598bb047d793b1e20c
f1eb3044b464fb4b4b8f3e081295bc19cc4cddc9361adb34ad7fb73b93b25de6
GET /img/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 06:42:48 GMT
content-type: image/gif
content-length: 46855
last-modified: Wed, 09 Mar 2022 07:10:56 GMT
etag: "62285300-b707"
expires: Mon, 27 Feb 2023 06:42:48 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
taiwtp1.com/img/500281.gif
220.128.218.220404 Not Found 146 B URL HTTP/2 taiwtp1.com/img/500281.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /img/500281.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Sat, 28 Jan 2023 06:42:48 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2
8499258.com/8499/150x150.gif
172.247.50.229200 OK 185 kB URL HTTP/2 8499258.com/8499/150x150.gif
IP 172.247.50.229:0
File type GIF image data, version 89a, 150 x 150\012- data
Size 185 kB (185171 bytes)
Hash 09b278a0ce767cdcdc3b9be868a94320
b69d4a2345f4d5ae6cc772a70456ea7aea74ce95
321cb2617b9399c60d8f5fe163363faab0f872f5c88646ce900d17604817a1a0
GET /8499/150x150.gif HTTP/1.1
Host: 8499258.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:49:45 GMT
content-type: image/gif
content-length: 185171
last-modified: Wed, 28 Dec 2022 09:29:16 GMT
etag: "2d353-5f0e00094173c"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
xk3.me/img/sWQr/onusRhIGa.gif
45.126.180.173200 OK 101 kB URL HTTP/1.1 xk3.me/img/sWQr/onusRhIGa.gif
IP 45.126.180.173:0
ASN #59371 Dimension Network & Communication Limited
File type GIF image data, version 89a, 960 x 60\012- data
Size 101 kB (101378 bytes)
Hash 7ee65d5fd569b773795d78e69c9259a5
912aa662437a126f1968fd227b2e3776c67e54cc
b17effd8c4f1d0f6ec366b792ede1b9729d57411f723d53cd57c7d971ffbc859
GET /img/sWQr/onusRhIGa.gif HTTP/1.1
Host: xk3.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 06:49:45 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"102652-1667570973000"
Last-Modified: Fri, 04 Nov 2022 14:09:33 GMT
Expires: Sun, 12 Feb 2023 06:49:45 GMT
Cache-Control: max-age=1296000
Content-Encoding: gzip
Nginx-Cache: HIT, HIT
p3.douyinpic.com/obj/tos-cn-i-dy/391fc240e177412e819fc9d1bb506d25
47.246.44.226200 OK 562 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/391fc240e177412e819fc9d1bb506d25
IP 47.246.44.226:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 80\012- data
Size 562 kB (561802 bytes)
Hash 6992b4cd488bb4437ec954ab09a3fa00
e41fc5970be04ab5801e80ce785ff0832b305793
54d436cbf368311b0aa7bb497ac1b5a4330067953e11b4ad2da233e07e923d05
GET /obj/tos-cn-i-dy/391fc240e177412e819fc9d1bb506d25 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 561802
date: Wed, 21 Dec 2022 02:02:08 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Wed, 21 Dec 2022 02:02:08 GMT
nw-session-id: 2022122110020839075779AC59F7A82F77wh6lg03dy
nw-session-trace: 2022-12-21T10:02:08.89539774+08:00 58
x-bdcdn-cache-status: TCP_MISS
x-length: 561802
x-powered-by: ImageX
x-response-date: Wed, 21 Dec 2022 10:02:08 GMT
x-tt-logid: 2022122110020839075779AC59F7A82F77
via: n204-100-024, cache8.l2de2[0,0,206-0,H], cache26.l2de2[1,0], cache26.l2de2[13,0], cache7.se1[0,0,200-0,H], cache1.se1[1,0]
x-request-ip: fdbd:dc01:17:87::137
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01ed96023a7d7bc9951d3ab5aaef35c328c42ed14e6b84933d8e0bfb3486b2508303118618a7b46b2d58255677ff9569219a2247cace959db46489bff1e1c0d10d48f33fb297da829c08af81ec0edc0b5b58712f942ba2553b35ae0dcf6ed78399
x-response-lb: image
ali-swift-global-savetime: 1671588128
age: 3300458
x-cache: HIT TCP_MEM_HIT dirn:5:71344698 mlen:0
x-swift-savetime: Wed, 21 Dec 2022 20:26:55 GMT
x-swift-cachetime: 31469713
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516748885864485860e
X-Firefox-Spdy: h2
828239sam.com/bc302a66663b4d6eb34d38626fc65c6e.gif
45.61.212.127200 OK 535 kB URL HTTP/1.1 828239sam.com/bc302a66663b4d6eb34d38626fc65c6e.gif
IP 45.61.212.127:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 535 kB (535167 bytes)
Hash 28099e38f8c7e002553955e950a6f507
e52446e82f61cb8a48a0d38a06c95221168373dc
0444cfb5c99115355c739c2a660f75ac7090d15e5814893a384efdebd28f4dd9
Analyzer Verdict Alert quad9 Sinkholed
GET /bc302a66663b4d6eb34d38626fc65c6e.gif HTTP/1.1
Host: 828239sam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63d3bc42-82a7f"
Date: Fri, 27 Jan 2023 12:26:35 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 27 Jan 2023 11:57:54 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-27
Content-Length: 535167
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 6e459f8eae2316b99dc66fa2c7f27f1f
a859c867fd26d4633a58d74a15e77dd4a037f94f
434f61cc351135aa4f20660c9606fb2eaf36f0e887d589fe1a06c92df56ebb0c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:49:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 11:33:03 GMT
Expires: Wed, 01 Feb 2023 11:33:02 GMT
Etag: "a859c867fd26d4633a58d74a15e77dd4a037f94f"
Cache-Control: max-age=361995,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7907ca3e8b28b511-OSL
p3.douyinpic.com/obj/tos-cn-i-dy/252541bd7f77490589b122a5e2b21d2e
47.246.44.226200 OK 351 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/252541bd7f77490589b122a5e2b21d2e
IP 47.246.44.226:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 150 x 300\012- data
Size 351 kB (351234 bytes)
Hash 39ef502ad1ce6f429e8846e8e65bc04b
0804f60406b41f1ca40c0599f6e2a169bbe12a1a
2462fe78aa026c6273f241c73eec2b3986374c3e7ecb05c5dca46bc4b6b07851
GET /obj/tos-cn-i-dy/252541bd7f77490589b122a5e2b21d2e HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 351234
date: Fri, 23 Dec 2022 15:38:13 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 23 Dec 2022 13:42:51 GMT
nw-session-id: 20221223214251DC0ACB65C39497B64855w9jnf01dy
nw-session-trace: 2022-12-23T21:42:51.690041465+08:00 41
x-bdcdn-cache-status: TCP_HIT
x-length: 351234
x-powered-by: ImageX
x-response-date: Fri, 23 Dec 2022 21:42:51 GMT
x-tt-logid: 20221223214251DC0ACB65C39497B64855
via: n204-100-082, cache3.l2de2[0,0,206-0,H], cache25.l2de2[1,0], cache25.l2de2[1,0], cache7.se1[0,0,200-0,H], cache1.se1[3,0]
x-request-ip: fdbd:dc01:29:150::87
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=3
x-tt-trace-host: 0105715415b7d020bb9d82b35e279142f0567fbc5a4b5d0469daf6a4bdc1318d09fc08d199956a7f44034632dd31749cc21e296588d86eafc7740d56e63ad5d1e5f3506dd55ab9ed619b8d2f1290688bc9bc3dcf75363fe73c653f3f99eea9c8fb
x-response-lb: image
ali-swift-global-savetime: 1671809893
age: 3078693
x-cache: HIT TCP_HIT dirn:5:325859112
x-swift-savetime: Fri, 23 Dec 2022 17:23:43 GMT
x-swift-cachetime: 31529670
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516748885865625903e
X-Firefox-Spdy: h2
yyhdemcmse1.com/294x130.jpg
60.244.96.139200 OK 43 kB URL HTTP/2 yyhdemcmse1.com/294x130.jpg
IP 60.244.96.139:0
ASN #24154 Asia Pacific Broadband Fixed Lines Co., Ltd.
File type GIF image data, version 89a, 130 x 294\012- data
Hash 10ac555fb267a033dd7fbb1eeb645c74
056ccc6bb364e9111befff842806116dd2370bb0
081db1bdc7345a96537bd243975ea429a6603ff5686a411dc3ba37994af7f1e5
GET /294x130.jpg HTTP/1.1
Host: yyhdemcmse1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 06:49:45 GMT
content-type: image/jpeg
content-length: 42744
last-modified: Thu, 07 Apr 2022 11:28:32 GMT
etag: "624ecae0-a6f8"
expires: Mon, 27 Feb 2023 06:49:45 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
js.users.51.la/21038913.js
103.143.19.103200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21038913.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash de122beb15d75dbfceb39987a34fa1cb
c11c8ee5fa34f31a07909196a068362f0e7cc736
356aad4374691c9925d951afda2c7b30e54446f061ec9560166fb22f2ab0dd96
GET /21038913.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Sat, 28 Jan 2023 06:49:46 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=113641a5d6a4257502d; path=/
HWWAFSESTIME=1674888585679; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
yaoji666.oss-cn-hongkong.aliyuncs.com/gg/960X120.gif
47.75.19.46200 OK 212 kB URL HTTP/1.1 yaoji666.oss-cn-hongkong.aliyuncs.com/gg/960X120.gif
IP 47.75.19.46:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 120\012- data
Size 212 kB (212323 bytes)
Hash 1e7356e466a72b7c5d137501da414a9e
0ed2f34eabe2609bc15e05bf3e4a9d598519404e
f93680cd55fe1803408a139984dbe3e18ea2e9c6b184ab8ce353a68dc17878a7
GET /gg/960X120.gif HTTP/1.1
Host: yaoji666.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 28 Jan 2023 06:49:45 GMT
Content-Type: image/gif
Content-Length: 212323
Connection: keep-alive
x-oss-request-id: 63D4C5890E14E436320BF448
Accept-Ranges: bytes
ETag: "1E7356E466A72B7C5D137501DA414A9E"
Last-Modified: Sat, 17 Sep 2022 09:20:48 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 14666006998441618956
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: HnNW5GanK3xdE3UB2kFKng==
x-oss-server-time: 5
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 871aefa5c6fef12632cb61b0cff1ef72
741abf1b4ff22595c3886831c7be2f7da7939684
13075880e96ff22e72fc720c4f231c15204611f214d3a8b6bdb0306269fb3cbb
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:49:46 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 19:17:55 GMT
Expires: Tue, 31 Jan 2023 19:17:54 GMT
Etag: "741abf1b4ff22595c3886831c7be2f7da7939684"
Cache-Control: max-age=303487,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7907ca3f5bc6b4ee-OSL
img.3155a.com/images/63a59874585d8a55b3660a21.gif
3.36.126.81302 Found 503 B URL HTTP/2 img.3155a.com/images/63a59874585d8a55b3660a21.gif
IP 3.36.126.81:0
Hash 83bcd1cff1d78d95110169177b13953a
70781d2d62ed3c1b1203a7dc45a41a6f76d2f8b7
ef20271f4df6267a0f3c1c5c4435e612a00e865438cecdba528a50a489c98297
GET /images/63a59874585d8a55b3660a21.gif HTTP/1.1
Host: img.3155a.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/391fc240e177412e819fc9d1bb506d25
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c6ca1e76480ee36908c5b54c3b4ecdd7
e299d753b5f72023b0b3e8e39a34a75555ea3b1f
306b68bb6f75261e72fdd595150b81a2e4108ef5249bf90b9628b890bb980015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "306B68BB6F75261E72FDD595150B81A2E4108EF5249BF90B9628B890BB980015"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 28 Jan 2023 12:49:46 GMT
Date: Sat, 28 Jan 2023 06:49:46 GMT
Connection: keep-alive
yaoji666.oss-cn-hongkong.aliyuncs.com/gg/500X281.gif
47.75.19.46200 OK 301 kB URL HTTP/1.1 yaoji666.oss-cn-hongkong.aliyuncs.com/gg/500X281.gif
IP 47.75.19.46:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 500 x 281\012- data
Size 301 kB (301367 bytes)
Hash 79411f72e54fe27baf645b5c97ca51a2
27b7b2edda9c1c0c3320cb2c78ae228ff576cda7
97f652ab7cdc529e5a2d29b2b603b1374d4160635c48854fbb42b2750ec415f7
GET /gg/500X281.gif HTTP/1.1
Host: yaoji666.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 28 Jan 2023 06:49:45 GMT
Content-Type: image/gif
Content-Length: 301367
Connection: keep-alive
x-oss-request-id: 63D4C5891F85633032FC00EC
Accept-Ranges: bytes
ETag: "79411F72E54FE27BAF645B5C97CA51A2"
Last-Modified: Fri, 29 Jul 2022 10:40:31 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2039214089364561757
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: eUEfcuVP4nuvZFtcl8pRog==
x-oss-server-time: 1
cdn-jinjutupian-cdn.com/jj/640-160.gif
172.247.80.60200 OK 102 kB URL HTTP/2 cdn-jinjutupian-cdn.com/jj/640-160.gif
IP 172.247.80.60:0
File type GIF image data, version 89a, 640 x 160\012- data
Size 102 kB (102217 bytes)
Hash 32d05120ecf8eee624df684e04289dab
03610e3030b2f6c6a706025fd8dbc9b82a68f0b4
81d241c89df61d338b60bfa9886971b37e072873a64084e772f02fccb8e5c7e6
GET /jj/640-160.gif HTTP/1.1
Host: cdn-jinjutupian-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:49:46 GMT
content-type: image/gif
content-length: 102217
last-modified: Wed, 28 Dec 2022 16:09:37 GMT
etag: "63ac6a41-18f49"
expires: Sun, 26 Feb 2023 15:42:28 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
66669aaa.com/8840e608aeea4a0fb084ab3030c69e7d.gif
45.61.212.127200 OK 577 kB URL HTTP/1.1 66669aaa.com/8840e608aeea4a0fb084ab3030c69e7d.gif
IP 45.61.212.127:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 577 kB (577413 bytes)
Hash f64cbeb43b40a06a467d403c4ee8f584
87df926cfc971f9af3784707b24eaf97a7acdf2a
0b374b57ebcf263193d88c13eddb10aecc4e3e9ce6b0bba17fc9cb0b053bf438
GET /8840e608aeea4a0fb084ab3030c69e7d.gif HTTP/1.1
Host: 66669aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63a175a7-8cf85"
Date: Sun, 22 Jan 2023 21:44:04 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 20 Dec 2022 08:43:19 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-27
Content-Length: 577413
xk3.me/img/sWQr/o4Un2Zft1.gif
45.126.180.173200 OK 1.6 MB URL HTTP/1.1 xk3.me/img/sWQr/o4Un2Zft1.gif
IP 45.126.180.173:0
ASN #59371 Dimension Network & Communication Limited
File type GIF image data, version 89a, 500 x 281\012- data
Size 1.6 MB (1626231 bytes)
Hash e782c1d3cfe2f6fca83def848c1b5f68
e2449dfd600cb7abfb85fcefe5a5dc79893ac3bc
3e9d3b2ec5b2b825c70d4961a121da02dae5869ad42338799d42656b626c7a26
GET /img/sWQr/o4Un2Zft1.gif HTTP/1.1
Host: xk3.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 06:49:45 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"1626999-1669218436000"
Last-Modified: Wed, 23 Nov 2022 15:47:16 GMT
Expires: Sun, 12 Feb 2023 06:49:45 GMT
Cache-Control: max-age=1296000
Content-Encoding: gzip
Nginx-Cache: EXPIRED, HIT
8499223.com/8499/zzxx/960x120.gif
172.247.50.229200 OK 354 kB URL HTTP/2 8499223.com/8499/zzxx/960x120.gif
IP 172.247.50.229:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 354 kB (354036 bytes)
Hash 2d6d5452643b03b38c6f14f6306a0079
9e50430b6c7a04abfd8bdbc43dbf00a0595aa78f
1cc8767e7b27b286a7268e16ea46bd799c3ca8b06f79cb675e55a4375497845c
GET /8499/zzxx/960x120.gif HTTP/1.1
Host: 8499223.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:49:46 GMT
content-type: image/gif
content-length: 354036
last-modified: Sat, 24 Dec 2022 13:23:32 GMT
etag: "566f4-5f092cf095cff"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 43f09adb61e3efa32a00dd41516c4281
7b28e5cb23be4809d95b7a20aefad04930e8b922
320d19ce51323016d8124cab864c783be58cbe20c6b86a7f1db5308083fa7b3d
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:49:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 01 Feb 2023 04:13:37 GMT
ETag: "7b28e5cb23be4809d95b7a20aefad04930e8b922"
Last-Modified: Sat, 28 Jan 2023 04:13:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 293
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7907ca4a3b2d1c16-OSL
cdn-jinjutupian-cdn.com/jj/ce-AjuY.gif
172.247.80.60200 OK 925 kB URL HTTP/2 cdn-jinjutupian-cdn.com/jj/ce-AjuY.gif
IP 172.247.80.60:0
File type GIF image data, version 89a, 480 x 270\012- data
Size 925 kB (924689 bytes)
Hash 0e11450181933e0af68acede56915d20
7ad90c8cab580c0354fe9542eddafac37cbf43b1
569dc8df068a0ec4c77ab73704b63f0335ea7eaffa89c76b1f0fb2025d8b84a0
GET /jj/ce-AjuY.gif HTTP/1.1
Host: cdn-jinjutupian-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:49:47 GMT
content-type: image/gif
content-length: 924689
last-modified: Wed, 28 Dec 2022 16:38:44 GMT
etag: "63ac7114-e1c11"
expires: Sun, 26 Feb 2023 18:53:02 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 0eafaeadc0e7248e7a769e0723733695
57563c66aa6f5be1979d7bc3411ca68d8a5500ab
8a665294ff265308d3a6229952ca71991f47ee0ee377a5ae645e83eabf70efea
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:49:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 01 Feb 2023 04:51:47 GMT
ETag: "57563c66aa6f5be1979d7bc3411ca68d8a5500ab"
Last-Modified: Sat, 28 Jan 2023 04:51:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7907ca4bcbe51c16-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 0eafaeadc0e7248e7a769e0723733695
57563c66aa6f5be1979d7bc3411ca68d8a5500ab
8a665294ff265308d3a6229952ca71991f47ee0ee377a5ae645e83eabf70efea
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:49:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 01 Feb 2023 04:51:47 GMT
ETag: "57563c66aa6f5be1979d7bc3411ca68d8a5500ab"
Last-Modified: Sat, 28 Jan 2023 04:51:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7907ca4c0e39b515-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 0eafaeadc0e7248e7a769e0723733695
57563c66aa6f5be1979d7bc3411ca68d8a5500ab
8a665294ff265308d3a6229952ca71991f47ee0ee377a5ae645e83eabf70efea
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:49:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 01 Feb 2023 04:51:47 GMT
ETag: "57563c66aa6f5be1979d7bc3411ca68d8a5500ab"
Last-Modified: Sat, 28 Jan 2023 04:51:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7907ca4dad78fac0-OSL
ia.51.la/go1?id=21038913&rt=1674888588198&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E5%2585%258D%25E8%25B4%25B9%25EF%25BC%258C%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580%25E5%25BF%25AB%25E7%259A%2584%25E8%25A7%2586%25E9%25A2%2591%25E5%2588%2586%25E4%25BA%25AB%25E6%2595%25B0%25E6%258D%25AE%25EF%25BC%258C%25E6%25AC%25A2%25E8%25BF%258E%25E6%2594%25B6%25E8%2597%258F%25E6%259C%25AC%25E7%25AB%2599%25E9%2595%25BF%25E6%259C%259F%25E8%25A7%2582%25E7%259C%258B%25EF%25BC%2581&ing=1&ekc=&sid=1674888588198&tt=%25E4%25BA%259A%25E6%25B4%25B2-%25E5%2585%258D%25E8%25B4%25B9%25E7%259F%25AD%25E8%25A7%2586%25E9%25A2%2591%25E5%2588%2586%25E4%25BA%25AB%25E5%25A4%25A7%25E5%2585%25A8&kw=%25E7%259F%25AD%25E8%25A7%2586%25E9%25A2%2591%252C%25E6%2590%259E%25E7%25AC%2591%25E8%25A7%2586%25E9%25A2%2591%252C%25E8%25A7%2586%25E9%25A2%2591%25E5%2588%2586%25E4%25BA%25AB%252C%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591%252C%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2586%25E9%25A2%2591%252C%25E9%25A2%2584%25E5%2591%258A%25E7%2589%2587&cu=https%253A%252F%252Fjklliu-nioink-vgfdxg-8997.com%252F&pu=http%253A%252F%252Fwww.kkw0707.com%252F
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=21038913&rt=1674888588198&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E5%2585%258D%25E8%25B4%25B9%25EF%25BC%258C%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580%25E5%25BF%25AB%25E7%259A%2584%25E8%25A7%2586%25E9%25A2%2591%25E5%2588%2586%25E4%25BA%25AB%25E6%2595%25B0%25E6%258D%25AE%25EF%25BC%258C%25E6%25AC%25A2%25E8%25BF%258E%25E6%2594%25B6%25E8%2597%258F%25E6%259C%25AC%25E7%25AB%2599%25E9%2595%25BF%25E6%259C%259F%25E8%25A7%2582%25E7%259C%258B%25EF%25BC%2581&ing=1&ekc=&sid=1674888588198&tt=%25E4%25BA%259A%25E6%25B4%25B2-%25E5%2585%258D%25E8%25B4%25B9%25E7%259F%25AD%25E8%25A7%2586%25E9%25A2%2591%25E5%2588%2586%25E4%25BA%25AB%25E5%25A4%25A7%25E5%2585%25A8&kw=%25E7%259F%25AD%25E8%25A7%2586%25E9%25A2%2591%252C%25E6%2590%259E%25E7%25AC%2591%25E8%25A7%2586%25E9%25A2%2591%252C%25E8%25A7%2586%25E9%25A2%2591%25E5%2588%2586%25E4%25BA%25AB%252C%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591%252C%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2586%25E9%25A2%2591%252C%25E9%25A2%2584%25E5%2591%258A%25E7%2589%2587&cu=https%253A%252F%252Fjklliu-nioink-vgfdxg-8997.com%252F&pu=http%253A%252F%252Fwww.kkw0707.com%252F
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21038913&rt=1674888588198&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E5%2585%258D%25E8%25B4%25B9%25EF%25BC%258C%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580%25E5%25BF%25AB%25E7%259A%2584%25E8%25A7%2586%25E9%25A2%2591%25E5%2588%2586%25E4%25BA%25AB%25E6%2595%25B0%25E6%258D%25AE%25EF%25BC%258C%25E6%25AC%25A2%25E8%25BF%258E%25E6%2594%25B6%25E8%2597%258F%25E6%259C%25AC%25E7%25AB%2599%25E9%2595%25BF%25E6%259C%259F%25E8%25A7%2582%25E7%259C%258B%25EF%25BC%2581&ing=1&ekc=&sid=1674888588198&tt=%25E4%25BA%259A%25E6%25B4%25B2-%25E5%2585%258D%25E8%25B4%25B9%25E7%259F%25AD%25E8%25A7%2586%25E9%25A2%2591%25E5%2588%2586%25E4%25BA%25AB%25E5%25A4%25A7%25E5%2585%25A8&kw=%25E7%259F%25AD%25E8%25A7%2586%25E9%25A2%2591%252C%25E6%2590%259E%25E7%25AC%2591%25E8%25A7%2586%25E9%25A2%2591%252C%25E8%25A7%2586%25E9%25A2%2591%25E5%2588%2586%25E4%25BA%25AB%252C%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591%252C%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2586%25E9%25A2%2591%252C%25E9%25A2%2584%25E5%2591%258A%25E7%2589%2587&cu=https%253A%252F%252Fjklliu-nioink-vgfdxg-8997.com%252F&pu=http%253A%252F%252Fwww.kkw0707.com%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: CloudWAF
Date: Sat, 28 Jan 2023 06:49:48 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=d8d6612079e67cea644c; path=/
HWWAFSESTIME=1674888584173; path=/
kjimg10.360buyimg.com/ott/jfs/t1/100541/13/34425/1368366/6380d2c7E557223e9/c7ab328a6bf1c202.gif
121.226.246.3200 OK 1.4 MB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/100541/13/34425/1368366/6380d2c7E557223e9/c7ab328a6bf1c202.gif
IP 121.226.246.3:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 1.4 MB (1368366 bytes)
Hash e2d39c8f7400e280a030d2973e264a40
aaae77607041010aaee190544bdbe9591a87d1f8
8c03d26da39edc9f28d4af8e91b1adefe9fdccff142178da3110a15bacf08134
GET /ott/jfs/t1/100541/13/34425/1368366/6380d2c7E557223e9/c7ab328a6bf1c202.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 06:49:48 GMT
content-type: image/gif
content-length: 1368366
cache-control: max-age=15552000
expires: Mon, 24 Jul 2023 10:58:01 GMT
last-modified: Fri, 25 Nov 2022 14:35:51 GMT
age: 244307
via: http/1.1 ORI-CLOUD-HUZ-MIX-22 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-12 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1674644281571-0-0-20-50-50;200;200-1674803875861-0-0-0-7-7;200-1674888588672-0-0-0-4-4
X-Firefox-Spdy: h2
kjimg10.360buyimg.com/ott/jfs/t1/91201/17/34468/130902/6380d288Ebab53dae/c0ba90b97aaff0d0.gif
121.226.246.3200 OK 131 kB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/91201/17/34468/130902/6380d288Ebab53dae/c0ba90b97aaff0d0.gif
IP 121.226.246.3:0
File type GIF image data, version 89a, 150 x 150\012- data
Size 131 kB (130902 bytes)
Hash 6179a193590bb24eaa36ebf361eeefc9
c38607726a6448e688a70e4495b877e501959939
f9e86721182cba557a2c72a9ce9a278bdb7bfee989f1bf2f79626cf6a9d24580
GET /ott/jfs/t1/91201/17/34468/130902/6380d288Ebab53dae/c0ba90b97aaff0d0.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 06:49:48 GMT
content-type: image/gif
content-length: 130902
cache-control: max-age=15552000
expires: Tue, 18 Jul 2023 06:55:55 GMT
last-modified: Fri, 25 Nov 2022 14:34:48 GMT
age: 777233
via: http/1.1 ORI-CLOUD-HUZ-MIX-14 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-12 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1674111355499-0-0-16-34-34;200;200-1674458465969-0-0-0-3-3;200-1674888588672-0-0-0-4-4
X-Firefox-Spdy: h2
img.6576a.com/images/63a5b056585d8a55b3660bad.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.6576a.com/images/63a5b056585d8a55b3660bad.gif
IP 3.36.126.81:0
GET /images/63a5b056585d8a55b3660bad.gif HTTP/1.1
Host: img.6576a.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/252541bd7f77490589b122a5e2b21d2e
X-Firefox-Spdy: h2
img.1158555.com/images/6390404f45534c848e7c9647.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.1158555.com/images/6390404f45534c848e7c9647.gif
IP 3.36.126.81:0
GET /images/6390404f45534c848e7c9647.gif HTTP/1.1
Host: img.1158555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jklliu-nioink-vgfdxg-8997.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9
X-Firefox-Spdy: h2