r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4895
Expires: Sat, 03 Dec 2022 03:57:32 GMT
Date: Sat, 03 Dec 2022 02:35:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2043
Cache-Control: max-age=116961
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 02:35:57 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 11:05:18 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6469
Expires: Sat, 03 Dec 2022 04:23:46 GMT
Date: Sat, 03 Dec 2022 02:35:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 02:19:57 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 960
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ziINRymtRkLcMo2hL0WdavfdHZPiIP5mYmXX7Y3Ky3EktkGvwKibh//3X1kNw4b/5DxdzZZAZys=
x-amz-request-id: RCD411TZ03ZXAQ3H
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 01:46:56 GMT
age: 2941
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.elhadasnews.com/IIv/login.php
107.165.148.242200 OK 787 B URL HTTP/1.1 www.elhadasnews.com/IIv/login.php
IP 107.165.148.242:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash 795fa1761d9e4ee521df0a1072257053
ebf4611db0a77d336b604f1648b43e8f57e1a3cd
ac3d76fbe31425c45920fcb045a6ea6e27ff4ca8076764437ded0848283ac49c
Analyzer Verdict Alert fortinet Phishing
GET /IIv/login.php HTTP/1.1
Host: www.elhadasnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 02:35:56 GMT
Content-Type: text/html
Content-Length: 787
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 02:35:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.elhadasnews.com/common.js
107.165.148.242200 OK 754 B URL HTTP/1.1 www.elhadasnews.com/common.js
IP 107.165.148.242:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Hash a76739c244296549b62f14b6bfe4d6c4
09d8bae7f294764f43642012018b79d4478c983f
b7de8ebf95ddba79660df0c2a4044f796d7fd52621b18a506e97d13c671a8a74
GET /common.js HTTP/1.1
Host: www.elhadasnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elhadasnews.com/IIv/login.php
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 02:35:56 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.elhadasnews.com/tj.js
107.165.148.242200 OK 526 B URL HTTP/1.1 www.elhadasnews.com/tj.js
IP 107.165.148.242:0
File type ASCII text, with CRLF line terminators
Hash 5a19509bc0a9a149941010dc14137d44
0062b852475a0011a58c8544698eb59cfab70fee
5e1000b4e899ddd1cf0b42b71c31b49f0a62de9ff241393694c40296fe56e473
GET /tj.js HTTP/1.1
Host: www.elhadasnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elhadasnews.com/IIv/login.php
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 02:35:56 GMT
Content-Type: application/x-javascript
Content-Length: 526
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 02:08:58 GMT
cache-control: public,max-age=3600
age: 1619
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2036
Cache-Control: max-age=111892
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 02:35:58 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 09:40:50 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
push.zhanzhang.baidu.com/push.js
180.101.212.103200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 180.101.212.103:0
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elhadasnews.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sat, 03 Dec 2022 02:35:58 GMT
Etag: "4078521116"
Expires: Sun, 03 Dec 2023 02:35:58 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=29651F1F101E96B99461C5EF7C6F08B5:FG=1; max-age=31536000; expires=Sun, 03-Dec-23 02:35:58 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d9b6a5b26dbc40aa30a2cdc9f15035f1
4e7566608d389e1d4c5bf420cab01c0a15af57f9
23bb976f314a4cd255a82cf67958c021998c7764b16145b7214eb4cbcafaa3e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "23BB976F314A4CD255A82CF67958C021998C7764B16145B7214EB4CBCAFAA3E9"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 03 Dec 2022 08:35:58 GMT
Date: Sat, 03 Dec 2022 02:35:58 GMT
Connection: keep-alive
www.elhadasnews.com/favicon.ico
107.165.148.242200 OK 1.2 kB URL HTTP/1.1 www.elhadasnews.com/favicon.ico
IP 107.165.148.242:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.elhadasnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elhadasnews.com/IIv/login.php
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 02:35:57 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Thu, 08 Dec 2022 02:35:57 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash b5524010ae855c31ae0384935af6f592
50f5fbee0a263b7defe41f0f9ef692a4fa60a657
0eab86c0d7952e53f85894a9c4e0575022f320986f35f057fe511b50bcda1da0
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 02:35:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 07 Dec 2022 00:55:32 GMT
ETag: "50f5fbee0a263b7defe41f0f9ef692a4fa60a657"
Last-Modified: Sat, 03 Dec 2022 00:55:33 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1437
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7738e979c8dc1bfa-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash b5524010ae855c31ae0384935af6f592
50f5fbee0a263b7defe41f0f9ef692a4fa60a657
0eab86c0d7952e53f85894a9c4e0575022f320986f35f057fe511b50bcda1da0
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 02:35:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 07 Dec 2022 00:55:32 GMT
ETag: "50f5fbee0a263b7defe41f0f9ef692a4fa60a657"
Last-Modified: Sat, 03 Dec 2022 00:55:33 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1437
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7738e979ce390b06-OSL
push.services.mozilla.com/
35.162.52.254101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.52.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7yuXk17NPrR70mKUj9N0Gw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZGxrSaSBELAxVD/qH7IhEGqcVZY=
api.share.baidu.com/s.gif?l=http://www.elhadasnews.com/IIv/login.php
112.34.113.148200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.elhadasnews.com/IIv/login.php
IP 112.34.113.148:0
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.elhadasnews.com/IIv/login.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elhadasnews.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 03 Dec 2022 02:35:58 GMT
hm.baidu.com/hm.js?3212658af343e9db79f26b605b2e5722
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?3212658af343e9db79f26b605b2e5722
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (617)
Hash 308ad4ef05b3771d0877f70bb589c6c2
2039d469a593a8f595095e1d0729147ad2e76693
e5af1f7c3dd407b4b4865d766df735d9bc7ce8e0fc4cf6a254461ba3a2ee4b8a
GET /hm.js?3212658af343e9db79f26b605b2e5722 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.elhadasnews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Content-Type: application/javascript
Date: Sat, 03 Dec 2022 02:35:58 GMT
Etag: fd7743c0fac50c6811cf78ea02f4e4ea
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A9FA0163F32E0E78; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?17bc7bded2c1dd89385ce8938f811764
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?17bc7bded2c1dd89385ce8938f811764
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 928e494f9a7185349fd54e33981531ab
389784abd5b4b4632d98c452c5ca09dceda34da5
746745b914637b64ab45c94454bf02ab2ffe24e173a80d325527b36f93b1efe5
GET /hm.js?17bc7bded2c1dd89385ce8938f811764 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.elhadasnews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Sat, 03 Dec 2022 02:35:58 GMT
Etag: a65685a1490c857098976247626ceec9
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=1A87D597164EF8C5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7474
Expires: Sat, 03 Dec 2022 04:40:33 GMT
Date: Sat, 03 Dec 2022 02:35:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7474
Expires: Sat, 03 Dec 2022 04:40:33 GMT
Date: Sat, 03 Dec 2022 02:35:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7474
Expires: Sat, 03 Dec 2022 04:40:33 GMT
Date: Sat, 03 Dec 2022 02:35:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7474
Expires: Sat, 03 Dec 2022 04:40:33 GMT
Date: Sat, 03 Dec 2022 02:35:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45182367fd4f8b6dd234eef1022acdb1
d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:54 GMT
age: 17885
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PIC-TIeTFK_Y2AiqowYT4_8tMuzIKO23lAwx18fYepTf4PIWkmLqkQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 05:20:15 GMT
age: 76544
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8498f68-55a6-46be-9eb1-671b7a90a148.jpeg
34.120.237.76200 OK 3.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8498f68-55a6-46be-9eb1-671b7a90a148.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce5811e1c83156e6a6d4557c33faafe5
ba23b3c6adc42832ccd60941123d78dab3e435d5
a9394a4f8f80733a19fb03bc3ad216f4e15c9ba7110e2e181272304ea2f3f2df
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8498f68-55a6-46be-9eb1-671b7a90a148.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3321
x-amzn-requestid: b418b18c-969e-4525-8263-0c910593f7fa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN2HJaoAMFQ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-5196fa3028f5fb80160617af;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MWBXvM2iS-PFfaBrG8uteifjCljCO_DnjEmXodiSvwN2Es_YkBWDLQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:47 GMT
age: 17892
etag: "ba23b3c6adc42832ccd60941123d78dab3e435d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57219d7e-330b-4d3f-a472-55cd262c7dc1.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57219d7e-330b-4d3f-a472-55cd262c7dc1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbee75c6c314655f738b57b828bef016
bb36d39c7adf764e8a7dcf7f91125001623975b4
fd40949b9711db01be746d1723f78c2bb04d356063c6249b8b5ae1470532367a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57219d7e-330b-4d3f-a472-55cd262c7dc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10877
x-amzn-requestid: bebc4f7f-7349-4973-99f5-d6c3b8a27072
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1G2uIAMFryg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-0637a1a946db78074bc19dc3;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wtaahzdJXnHSYwqIlHyqFy-LsdPl1Nh-CThm-x57bU3dUEgrfB1Gvw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:47 GMT
age: 17892
etag: "bb36d39c7adf764e8a7dcf7f91125001623975b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fcb89ca25035b2bbb71ae5dd175fcd40
544428cdad754b1bb7be3cd46a79bf078fd5b450
36dcbbe6cd2710ee502776b4bcf32053e92b750a55e2bd4cdeadbc694c7c2699
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: c824c317-e6e3-4006-9f9d-ea54e8170a4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cf2_tGErIAMF8_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63896b97-7fc523296afea4dd4b5d1de8;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 03:05:59 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bd85z5A6C0nxpDjeSEPp1NHJxXFO5sy1OgTLz7KpdWz61TNrfyQ47Q==
via: 1.1 40b967aa4aa18637c4b91214147f3cb4.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 03:46:23 GMT
age: 82176
etag: "544428cdad754b1bb7be3cd46a79bf078fd5b450"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.3980011.com/news/index.php
173.231.12.93200 OK 5.4 kB URL HTTP/2 api.3980011.com/news/index.php
IP 173.231.12.93:0
Hash 9023e488cf7ea3acf05cd508d31b265f
5851e85043be5442ec0608124830318254e2c945
5ba6bf938fe305f0f6fd2802fdcc944707b8463ce23525087792abf90cb19194
GET /news/index.php HTTP/1.1
Host: api.3980011.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.elhadasnews.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 02:35:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fbb3c395576134836e2df81d989df167
3095c1ce6429f2a08b285ebbeae3e95718fdcff6
c56f258cfe87f784db17a15f526e16c5f6e8a43119a2b00184794ce10fb2d0b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C56F258CFE87F784DB17A15F526E16C5F6E8A43119A2B00184794CE10FB2D0B2"
Last-Modified: Thu, 01 Dec 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21575
Expires: Sat, 03 Dec 2022 08:35:34 GMT
Date: Sat, 03 Dec 2022 02:35:59 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1471419431&si=3212658af343e9db79f26b605b2e5722&v=1.3.0&lv=1&sn=6553&r=0&ww=1280&u=http%3A%2F%2Fwww.elhadasnews.com%2FIIv%2Flogin.php&tt=%E6%B7%84%E5%8D%9A%E6%80%80%E5%91%9B%E4%BA%92%E8%81%94%E7%BD%91%E5%95%86%E5%9F%8E%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1471419431&si=3212658af343e9db79f26b605b2e5722&v=1.3.0&lv=1&sn=6553&r=0&ww=1280&u=http%3A%2F%2Fwww.elhadasnews.com%2FIIv%2Flogin.php&tt=%E6%B7%84%E5%8D%9A%E6%80%80%E5%91%9B%E4%BA%92%E8%81%94%E7%BD%91%E5%95%86%E5%9F%8E%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1471419431&si=3212658af343e9db79f26b605b2e5722&v=1.3.0&lv=1&sn=6553&r=0&ww=1280&u=http%3A%2F%2Fwww.elhadasnews.com%2FIIv%2Flogin.php&tt=%E6%B7%84%E5%8D%9A%E6%80%80%E5%91%9B%E4%BA%92%E8%81%94%E7%BD%91%E5%95%86%E5%9F%8E%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.elhadasnews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 03 Dec 2022 02:35:59 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=07207CEE38B3B9BE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
api.3980011.com/news/data.php
173.231.12.93200 OK 259 B URL HTTP/2 api.3980011.com/news/data.php
IP 173.231.12.93:0
Hash 2de3cfa64ca588d695cc98b775284f85
edfd620f86fc05ded2b5311aaa5043485d42963e
7f797128c106bf387540725a030062ee0098ee017931f35eee3d30a6b3457dfc
GET /news/data.php HTTP/1.1
Host: api.3980011.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.3980011.com/news/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 02:35:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash efadfdd097ce3bc5e9763184ec4e9d12
c5b2bf58373726c8e1dd497b7bafe511d65c6093
c12c0de569bd43a18faa282d2870c42825d851de000404014474002bbc5e0764
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 03 Dec 2022 02:36:00 GMT
Last-Modified: Fri, 02 Dec 2022 12:37:05 GMT
ETag: "6389f171-1d7"
Expires: Sun, 04 Dec 2022 12:37:05 GMT
Cache-Control: max-age=122465
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1670034960
Via: cache21.l2de2[4,4,200-0,M], cache21.l2de2[5,0], cache1.se1[27,27,200-0,M], cache1.se1[28,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 03 Dec 2022 02:36:00 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516700349602292149e
cdn.staticfile.org/jquery/1.9.1/jquery.js
47.246.44.211200 OK 80 kB URL HTTP/1.1 cdn.staticfile.org/jquery/1.9.1/jquery.js
IP 47.246.44.211:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a3932a941cb998342ce964fdd83697f1
1b0e6eca41925e7cd470ea29b16cea49c1ec58af
8e7c4734517c05d78c341883dc3ad3ee4167b9d09dd63e91cf4087311194a2ab
GET /jquery/1.9.1/jquery.js HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 80123
Connection: keep-alive
Date: Fri, 02 Dec 2022 06:32:29 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FpJXr9LUbDoYnsDUCkVyJwHUfpyl.gz"
Vary: Accept-Encoding
X-Reqid: S6sAAABx9N9F5iwX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.js"; filename*=utf-8''jquery.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:22:55 GMT
Ali-Swift-Global-Savetime: 1669962749
Via: cache15.l2de2[0,0,304-0,H], cache9.l2de2[1,0], cache7.se1[0,0,200-0,H], cache8.se1[5,0]
Content-Encoding: gzip
Age: 72211
X-Cache: HIT TCP_MEM_HIT dirn:3:238906115
X-Swift-SaveTime: Fri, 02 Dec 2022 06:33:08 GMT
X-Swift-CacheTime: 86361
Timing-Allow-Origin: *
EagleId: 2ff62c9c16700349602713431e
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3321e622345c205dfde247bc879434f5
f90ab206fcc19ca5e014a3a078d71543d65c2b21
6930a222fa4df325494fa0eb1f417ab91cac75cfeae029481d3c127b5c4c5b93
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6930A222FA4DF325494FA0EB1F417AB91CAC75CFEAE029481D3C127B5C4C5B93"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11364
Expires: Sat, 03 Dec 2022 05:45:24 GMT
Date: Sat, 03 Dec 2022 02:36:00 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2022/12/rgq4hialypi.jpg
104.22.13.214200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/rgq4hialypi.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 34x45, segment length 16, progressive, precision 8, 240x320, components 3\012- data
Hash 814ecbbdbe5fa17bbab1634c5d41d9dd
13fc2e5977a6200d1604aa3a5be7a4e8d5ce890c
225ede255fc2d63e105c918eb1b7d91d3602f9d7d6f5bfcd42370e06394e82ae
GET /upload/vod/2022/12/rgq4hialypi.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/jpeg
content-length: 10064
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10743, status=webp_bigger
etag: "638aae93-29f7"
last-modified: Sat, 03 Dec 2022 02:04:03 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7738e9868ccbb51b-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/14ux5fhmpck.jpg
104.22.13.214200 OK 5.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/14ux5fhmpck.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b96bdb97ce70d72896fc8e2bbe4921f2
846345a708dcb85a30c69bce461b6b0851189533
a35325518df8e9d73f166730e5cec294db5aa44186c3280ad88c35f942b5791c
GET /upload/vod/2022/12/14ux5fhmpck.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/webp
content-length: 5146
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7275
content-disposition: inline; filename="14ux5fhmpck.webp"
etag: "638aaea0-1c6b"
last-modified: Sat, 03 Dec 2022 02:04:16 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
server: cloudflare
cf-ray: 7738e9869cccb51b-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/oabyxqrg4w5.jpg
104.22.13.214200 OK 6.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/oabyxqrg4w5.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f5a05d8df2696d3d7f8656b262187baa
27cdebe99349444a7dc3daba8aa2541db3216e6b
3c7aeda262e0896140730ec52b8dbb1957a3fe13434c93aa4e11cf64b49444e9
GET /upload/vod/2022/12/oabyxqrg4w5.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/webp
content-length: 6494
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7566
content-disposition: inline; filename="oabyxqrg4w5.webp"
etag: "638aae1b-1d8e"
last-modified: Sat, 03 Dec 2022 02:02:03 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
server: cloudflare
cf-ray: 7738e9869ccdb51b-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/teuoszqzr5h.jpg
104.22.13.214200 OK 6.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/teuoszqzr5h.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a5758a721f471a96e813b426f7721cd2
23c610034872028bd71738ee5970d37acce97ed0
5af1acdcdd721a7be9e7bd15b7c1e6f4b3f1ac79e84dbd853448b14db8bc6414
GET /upload/vod/2022/12/teuoszqzr5h.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/webp
content-length: 6882
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8074
content-disposition: inline; filename="teuoszqzr5h.webp"
etag: "638aae2e-1f8a"
last-modified: Sat, 03 Dec 2022 02:02:22 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
server: cloudflare
cf-ray: 7738e9869cd2b51b-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/dnar12tp05u.jpg
104.22.13.214200 OK 9.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/dnar12tp05u.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2fe41c280de4019a48be5b13953af5bf
116d7773fc97e51906a5d3e7c1b59f9585495cc7
fc48ba38578d4a98831812a21146e8bf5f39922b0999507d11567e531a630d56
GET /upload/vod/2022/12/dnar12tp05u.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/webp
content-length: 9874
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11329
content-disposition: inline; filename="dnar12tp05u.webp"
etag: "638aae29-2c41"
last-modified: Sat, 03 Dec 2022 02:02:17 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
server: cloudflare
cf-ray: 7738e9869cd0b51b-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/nqlgfv4scxl.jpg
104.22.13.214200 OK 7.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/nqlgfv4scxl.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5d7b4d23d17964227afd4f6717cb4ef6
57c32b8ae94dcb67af88a444f2242e2052c64af7
5fa978840593d73812ed1377db61df9e6589ca57faf8b70d3c68919f9587d602
GET /upload/vod/2022/12/nqlgfv4scxl.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/webp
content-length: 6964
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8252
content-disposition: inline; filename="nqlgfv4scxl.webp"
etag: "638aae24-203c"
last-modified: Sat, 03 Dec 2022 02:02:12 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
server: cloudflare
cf-ray: 7738e9869ccfb51b-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/s1mdzf03kie.jpg
104.22.13.214200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/s1mdzf03kie.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dc2df7dfee4287bdc44d0e7854c57e93
461cc63b001143e0b8b98c06556895e363577041
fea8afdc1cb099121e7cbf73c6dce94a78eff85da6cf0879c59e8b33feb493a7
GET /upload/vod/2022/12/s1mdzf03kie.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/webp
content-length: 11158
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11625
content-disposition: inline; filename="s1mdzf03kie.webp"
etag: "638aaad7-2d69"
last-modified: Sat, 03 Dec 2022 01:48:07 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
server: cloudflare
cf-ray: 7738e9869cdcb51b-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/pr2wodxhts3.jpg
104.22.13.214200 OK 13 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/pr2wodxhts3.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d94307031ceaff53706bc5519e4e197c
6bb971083c4e22c9b5a53245847fc2918159e25e
5035a72e94fd0467dd403c1f716f4da17e5382d90713cffb53a7fb92105ec995
GET /upload/vod/2022/12/pr2wodxhts3.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/webp
content-length: 13044
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=13331
content-disposition: inline; filename="pr2wodxhts3.webp"
etag: "638aaacf-3413"
last-modified: Sat, 03 Dec 2022 01:47:59 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
server: cloudflare
cf-ray: 7738e9869cd9b51b-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/g2c1tp14h5q.jpg
104.22.13.214200 OK 6.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/g2c1tp14h5q.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash df9f3df81651ede3c48a9190ce3fc904
42971c754ca89c3dbc3402a63ffa760db9f88c5b
8c34b209973e3a9e2fccab8bfb6d72e221f2e235c35f52ec824137d6671a0920
GET /upload/vod/2022/12/g2c1tp14h5q.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/webp
content-length: 6604
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8867
content-disposition: inline; filename="g2c1tp14h5q.webp"
etag: "638aaabd-22a3"
last-modified: Sat, 03 Dec 2022 01:47:41 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
server: cloudflare
cf-ray: 7738e9869cd4b51b-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/a55ifm1cq54.jpg
104.22.13.214200 OK 7.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/a55ifm1cq54.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a1226b74bd87e26a84f864f383fd8d27
64efb61c823ec03ae0feb734fc1bee15762ec8a7
24e543ab53a488fadfbe35cce1f740ac6157f52493cb32841763eb09cebf7a6b
GET /upload/vod/2022/12/a55ifm1cq54.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/webp
content-length: 7822
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9084
content-disposition: inline; filename="a55ifm1cq54.webp"
etag: "638aae32-237c"
last-modified: Sat, 03 Dec 2022 02:02:26 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
server: cloudflare
cf-ray: 7738e9869cd3b51b-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/olhuhhzpfr4.jpg
104.22.13.214200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/olhuhhzpfr4.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9de8c8477eec89a60ba2a1cbcad67801
6a937a27a2438ac1ff8d9f1f4cc0c63efbdba76d
515893c91e9bb7c28ee279a13d40830118f3134efd65aa07da855488aa99694a
GET /upload/vod/2022/12/olhuhhzpfr4.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/webp
content-length: 10438
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11293
content-disposition: inline; filename="olhuhhzpfr4.webp"
etag: "638aaac1-2c1d"
last-modified: Sat, 03 Dec 2022 01:47:45 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
server: cloudflare
cf-ray: 7738e9869cd5b51b-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/a5qwcfnikab.jpg
104.22.13.214200 OK 8.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/a5qwcfnikab.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 29f29b9bd1010588d2084f587c14c777
25822234ef98992dc168bd5c01d64dab0150476d
661c057a25bb7ec7da515e0f6756b4dfe36df0ede1515ad1785ef29837deaf35
GET /upload/vod/2022/12/a5qwcfnikab.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/webp
content-length: 8882
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9839
content-disposition: inline; filename="a5qwcfnikab.webp"
etag: "638aaac6-266f"
last-modified: Sat, 03 Dec 2022 01:47:50 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
server: cloudflare
cf-ray: 7738e9869cd6b51b-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/q4axihilgak.jpg
104.22.13.214200 OK 6.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/q4axihilgak.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2b91a5d78377bfd93349603babb7c4bb
0e7a114b9919cfd8b0199bdef3df6d93f4166beb
334b6b27e1533a8e51c0b7290e0f47403eb86dd171ce474280a10a12b17b8016
GET /upload/vod/2022/12/q4axihilgak.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/webp
content-length: 6698
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7878
content-disposition: inline; filename="q4axihilgak.webp"
etag: "638aaad3-1ec6"
last-modified: Sat, 03 Dec 2022 01:48:03 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
server: cloudflare
cf-ray: 7738e9869cdbb51b-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/hhz4a31jbvs.jpg
104.22.13.214200 OK 8.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/hhz4a31jbvs.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4c8f84381eef5dd62a089a5424edf921
36b90f69ea1930c42064b339e4ffcd02da582dd0
d48c9ad7bae8bb697f1016914f8cd0d797bb5c0e71d6b131913f74f9ac2be4a0
GET /upload/vod/2022/12/hhz4a31jbvs.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/webp
content-length: 8246
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9391
content-disposition: inline; filename="hhz4a31jbvs.webp"
etag: "638aaadb-24af"
last-modified: Sat, 03 Dec 2022 01:48:11 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
server: cloudflare
cf-ray: 7738e9869cddb51b-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/jjjaiwr5pc4.jpg
104.22.13.214200 OK 5.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/jjjaiwr5pc4.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0fe89643788e14070a4af9bfe5baf811
2be751f949487002df4d6d7b63ff7bcda1fd9235
c67d2fd3a20da791585aee79587de7443995763485c5a26bf11b8097f5d8ca26
GET /upload/vod/2022/12/jjjaiwr5pc4.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/webp
content-length: 5508
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8053
content-disposition: inline; filename="jjjaiwr5pc4.webp"
etag: "638aae20-1f75"
last-modified: Sat, 03 Dec 2022 02:02:08 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
server: cloudflare
cf-ray: 7738e9869cceb51b-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/c1ewvfpozhc.jpg
104.22.13.214200 OK 8.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/c1ewvfpozhc.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6331fa442ad3f52a1576d420aca545f7
94d778383f0630c6c3a014a6c28042dd26653920
e35aec9e2716ff101ad5deac487848df2c6f1f6ddcf58f4e9ffdc61aa44128de
GET /upload/vod/2022/12/c1ewvfpozhc.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/webp
content-length: 8724
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9557
content-disposition: inline; filename="c1ewvfpozhc.webp"
etag: "638aaaca-2555"
last-modified: Sat, 03 Dec 2022 01:47:54 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
server: cloudflare
cf-ray: 7738e9869cd8b51b-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/wnsaukcorgn.jpg
104.22.13.214200 OK 6.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/wnsaukcorgn.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3339fb3bab8be4f20e4d5eb1afa89acf
5574d9e2d2c036681a679b9ebe19124f788fad98
5c19d2735e074d374f2c93c95dd7a63f0e56a37e1f4e64c92061d61c681d8a04
GET /upload/vod/2022/12/wnsaukcorgn.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/webp
content-length: 6236
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8966
content-disposition: inline; filename="wnsaukcorgn.webp"
etag: "638aaef2-2306"
last-modified: Sat, 03 Dec 2022 02:05:38 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
server: cloudflare
cf-ray: 7738e9869cdeb51b-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/jggnfmq5udm.jpg
104.22.13.214200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/jggnfmq5udm.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash abc23afe6d4bc7b8060b444534df0c47
4ff4375228701238bbcf44678de8b3164b86dcd0
d6589183424405a1d7c27c0ddd93c75f0f9504f0c48bebc9382f19dd11501c84
GET /upload/vod/2022/12/jggnfmq5udm.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/webp
content-length: 11100
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12576
content-disposition: inline; filename="jggnfmq5udm.webp"
etag: "638aaef6-3120"
last-modified: Sat, 03 Dec 2022 02:05:42 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
server: cloudflare
cf-ray: 7738e9869cdfb51b-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/zr0uwiio0k2.jpg
104.22.13.214200 OK 9.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/zr0uwiio0k2.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5d5b422ac4d96d482e51fd80b0954ffe
28f9e5048b98267688c5421e46537a22ac06f32f
5db0dcc11b906b5ab3e43a095d5e51092c48199834baaf27f2bd07f895db84e3
GET /upload/vod/2022/12/zr0uwiio0k2.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/webp
content-length: 9604
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10938
content-disposition: inline; filename="zr0uwiio0k2.webp"
etag: "638aaefa-2aba"
last-modified: Sat, 03 Dec 2022 02:05:46 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
server: cloudflare
cf-ray: 7738e986ace7b51b-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/cdxdovibtto.jpg
104.22.13.214200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/cdxdovibtto.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b6a310fb478b32f5f2cee6cd888bec55
bc50778a4e86afad994e2f075d5d114da1418ace
5742d2d2d9a9edded97673d86e9ad2b00949a79a7e804c73aa7bbf7ad88519b6
GET /upload/vod/2022/12/cdxdovibtto.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/webp
content-length: 10280
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11259
content-disposition: inline; filename="cdxdovibtto.webp"
etag: "638aae89-2bfb"
last-modified: Sat, 03 Dec 2022 02:03:53 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
server: cloudflare
cf-ray: 7738e986ace9b51b-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/zmqdiomyc21.jpg
104.22.13.214200 OK 6.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/zmqdiomyc21.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash af33c68c5e993d5b7eecdc188fa7beb1
91c22d95e3ee8725162d9de2c865b8ed506ba19d
30a38d2487fc3d1a4e68e05805e58959e0c918afd5fd75fd832d70dc1475a09b
GET /upload/vod/2022/12/zmqdiomyc21.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/webp
content-length: 6252
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8778
content-disposition: inline; filename="zmqdiomyc21.webp"
etag: "638aaf00-224a"
last-modified: Sat, 03 Dec 2022 02:05:52 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
server: cloudflare
cf-ray: 7738e986aceab51b-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/2ooskg0slbo.jpg
104.22.13.214200 OK 6.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/2ooskg0slbo.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5871793a3fb5faf664da2fa0fbae613a
eed0abac9a4d87fd37df746264ba54ad94c4af3b
60727d7b3f32fd6c0618e43fe97f2d2704bfba89b0cb00c20695d4cdf988a74f
GET /upload/vod/2022/12/2ooskg0slbo.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/webp
content-length: 5972
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8427
content-disposition: inline; filename="2ooskg0slbo.webp"
etag: "638aaee9-20eb"
last-modified: Sat, 03 Dec 2022 02:05:29 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
server: cloudflare
cf-ray: 7738e986ccf2b51b-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/sx5f0tllpog.jpg
104.22.13.214200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/sx5f0tllpog.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bb304bdd20b1f19907644cfbb66d44d8
f74231c994d7457639e02cc7377088c0a115711d
2492fd4d709c75f8494de92c3de8c62508927480e368108e18bdb75b535c4a77
GET /upload/vod/2022/12/sx5f0tllpog.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/webp
content-length: 11208
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12087
content-disposition: inline; filename="sx5f0tllpog.webp"
etag: "638aaeee-2f37"
last-modified: Sat, 03 Dec 2022 02:05:34 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
server: cloudflare
cf-ray: 7738e986ccf6b51b-OSL
X-Firefox-Spdy: h2
www.yhnaf.xyz/template/m1938pc/images/1.gif
173.231.62.141200 OK 254 B URL HTTP/2 www.yhnaf.xyz/template/m1938pc/images/1.gif
IP 173.231.62.141:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/m1938pc/images/1.gif HTTP/1.1
Host: www.yhnaf.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 02:35:16 GMT
content-type: image/gif
content-length: 254
last-modified: Mon, 06 Jun 2022 14:02:22 GMT
etag: "629e08ee-fe"
expires: Mon, 02 Jan 2023 02:35:16 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.yhnaf.xyz/template/m1938pc/html9/ads/fff.js
173.231.62.141200 OK 610 B URL HTTP/2 www.yhnaf.xyz/template/m1938pc/html9/ads/fff.js
IP 173.231.62.141:0
File type HTML document, Unicode text, UTF-8 text
Hash 71c6eb5cf6eed295589fe97d9117986a
2d903ed8f86e4837dd7c6ea7d01867800194a501
59affd294814a52a1dd1778e8283d5ed42fc1f881e1f06216ff7d14cde35c26e
GET /template/m1938pc/html9/ads/fff.js HTTP/1.1
Host: www.yhnaf.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 02:35:16 GMT
content-type: application/javascript
content-length: 610
last-modified: Wed, 23 Nov 2022 04:57:05 GMT
etag: "637da821-262"
expires: Sat, 03 Dec 2022 14:35:16 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3321e622345c205dfde247bc879434f5
f90ab206fcc19ca5e014a3a078d71543d65c2b21
6930a222fa4df325494fa0eb1f417ab91cac75cfeae029481d3c127b5c4c5b93
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6930A222FA4DF325494FA0EB1F417AB91CAC75CFEAE029481D3C127B5C4C5B93"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11364
Expires: Sat, 03 Dec 2022 05:45:24 GMT
Date: Sat, 03 Dec 2022 02:36:00 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3321e622345c205dfde247bc879434f5
f90ab206fcc19ca5e014a3a078d71543d65c2b21
6930a222fa4df325494fa0eb1f417ab91cac75cfeae029481d3c127b5c4c5b93
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6930A222FA4DF325494FA0EB1F417AB91CAC75CFEAE029481D3C127B5C4C5B93"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11364
Expires: Sat, 03 Dec 2022 05:45:24 GMT
Date: Sat, 03 Dec 2022 02:36:00 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2022/12/x3dwfjv3g4p.jpg
104.22.13.214200 OK 6.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/x3dwfjv3g4p.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8fed9bd2ce9d2133e6fdd8b75d166bcc
734ae4fe343ae9fa935c065607736f461f8b9cb3
2e5512c38697cda2ba444a614f6ba0b68978ce7e5299e79b9c39f4de13da7642
GET /upload/vod/2022/12/x3dwfjv3g4p.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/webp
content-length: 6850
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8355
content-disposition: inline; filename="x3dwfjv3g4p.webp"
etag: "638aae97-20a3"
last-modified: Sat, 03 Dec 2022 02:04:07 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
server: cloudflare
cf-ray: 7738e9878d43b51b-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash fb6fbf2dba26e4a2e6c1157e600c7eb7
8b12e2ee7a0eef0a2da9fab86460ef42432edd07
d3bbcf7c3d1ac1bd2ae50bb16b1d5451464e65a33bb134d0c63f150e8bab1da9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=169262
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 02:36:00 GMT
Etag: "638aa83e-117"
Expires: Mon, 05 Dec 2022 01:37:02 GMT
Last-Modified: Sat, 03 Dec 2022 01:37:02 GMT
Server: nginx
Content-Length: 279
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3321e622345c205dfde247bc879434f5
f90ab206fcc19ca5e014a3a078d71543d65c2b21
6930a222fa4df325494fa0eb1f417ab91cac75cfeae029481d3c127b5c4c5b93
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6930A222FA4DF325494FA0EB1F417AB91CAC75CFEAE029481D3C127B5C4C5B93"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11364
Expires: Sat, 03 Dec 2022 05:45:24 GMT
Date: Sat, 03 Dec 2022 02:36:00 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2022/12/i0rrchujbr4.jpg
104.22.13.214200 OK 8.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/i0rrchujbr4.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6236a99b55afe9cea83994ef4ed92d18
292c5857fd83946667f78ba89ecf1b039fbe4334
f88d3c6eb91ebc119b96256c364abba532c0398323d697ff67524f552172fb6b
GET /upload/vod/2022/12/i0rrchujbr4.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/webp
content-length: 8332
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9254
content-disposition: inline; filename="i0rrchujbr4.webp"
etag: "638aae8e-2426"
last-modified: Sat, 03 Dec 2022 02:03:58 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
server: cloudflare
cf-ray: 7738e9879d46b51b-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/141fk1fzwop.jpg
104.22.13.214200 OK 7.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/141fk1fzwop.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5b7a14747b4ae18ae72bda218e406cec
9befba2c24b834797a1227dab1c42afb650c27bc
0d56c283e1a1d0b85a8cb9a8d47de9bf11e23a8aa0d68535de91664807341a0c
GET /upload/vod/2022/12/141fk1fzwop.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/webp
content-length: 6958
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8389
content-disposition: inline; filename="141fk1fzwop.webp"
etag: "638aae9b-20c5"
last-modified: Sat, 03 Dec 2022 02:04:11 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3
accept-ranges: bytes
server: cloudflare
cf-ray: 7738e987bd58b51b-OSL
X-Firefox-Spdy: h2
cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif
172.67.143.17200 OK 406 kB URL HTTP/2 cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif
IP 172.67.143.17:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 406 kB (406419 bytes)
Hash 91949a67089d61d1c111d50f6e101660
fab540d8a71b28159836bf995e398a9569314e47
35ede3c11832a2e4f6562a484535420d010601981e3b07fdc271f160b0a81507
GET /happy/newyear/kongkong/960x60ns.gif HTTP/1.1
Host: cdn.jsjsjs.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/gif
content-length: 406419
last-modified: Wed, 16 Feb 2022 13:39:39 GMT
etag: "620cfe9b-63393"
expires: Sun, 04 Dec 2022 03:02:09 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 2504031
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RINIqFFWpSN9YX6jhg%2F0dJVyMHWHcj3t4RmTfDFOluvMKaAkB%2BPgtVJJKVh9s5CbLXrvRZbQjsg2ToVC%2B%2FQWxLzpzfTkVejdvD4nPa%2BNGK7awsiVqEYJsMX91Jkm1Hcb1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7738e987b91db518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s3.uuu.ovh/imgs/2022/11/19/c61bb09f3f9090d1.gif
194.13.80.102200 OK 541 kB URL HTTP/2 s3.uuu.ovh/imgs/2022/11/19/c61bb09f3f9090d1.gif
IP 194.13.80.102:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 541 kB (540950 bytes)
Hash be94ebbdad9a5781f8a1fc696503e74a
ddb817d320a19679dc1a5cf2757ae44861950899
5da6da3256ccccffb8cd6cc3895868016c9afaaf7fde265b98729b33c8d472f9
GET /imgs/2022/11/19/c61bb09f3f9090d1.gif HTTP/1.1
Host: s3.uuu.ovh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/gif
content-length: 540950
content-security-policy: block-all-mixed-content
etag: "be94ebbdad9a5781f8a1fc696503e74a"
last-modified: Sat, 19 Nov 2022 11:25:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 172B1EE566082051
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sat, 17 Dec 2022 02:36:00 GMT
cache-control: max-age=1209600
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods: GET,POST
xcdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg
45.89.209.74301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg
IP 45.89.209.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/23/dmm7511.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sat, 03 Dec 2022 10:35:47 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg
fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg
45.89.209.74301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg
IP 45.89.209.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/23/dmm7510.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sat, 03 Dec 2022 10:35:47 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg
fmlb.netlbtu.com/images/2021/7/24/dmm7516.jpg
45.89.209.74301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/24/dmm7516.jpg
IP 45.89.209.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/24/dmm7516.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sat, 03 Dec 2022 10:35:47 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/24/dmm7516.jpg
fmlb.netlbtu.com/images/2021/7/24/dmm7521.jpg
45.89.209.74301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/24/dmm7521.jpg
IP 45.89.209.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/24/dmm7521.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sat, 03 Dec 2022 10:35:47 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/24/dmm7521.jpg
fmlb.netlbtu.com/images/2021/7/24/dmm7515.jpg
45.89.209.74301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/24/dmm7515.jpg
IP 45.89.209.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/24/dmm7515.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sat, 03 Dec 2022 10:35:47 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/24/dmm7515.jpg
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash baa0cac1925ce7076ebf5f08bdfa541d
4b5dcce65f6c38998a20e4cbfddff9d3ed7bd65a
7798fa2de7a083256d061eb9640cc10c9e665404d1b20d39ed4131f48ae33c0e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7798FA2DE7A083256D061EB9640CC10C9E665404D1B20D39ED4131F48AE33C0E"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12260
Expires: Sat, 03 Dec 2022 06:00:20 GMT
Date: Sat, 03 Dec 2022 02:36:00 GMT
Connection: keep-alive
www.yhnaf.xyz/template/m1938pc/images/video-mask.png
173.231.62.141200 OK 107 B URL HTTP/2 www.yhnaf.xyz/template/m1938pc/images/video-mask.png
IP 173.231.62.141:0
File type PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Hash 6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
GET /template/m1938pc/images/video-mask.png HTTP/1.1
Host: www.yhnaf.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 02:35:16 GMT
content-type: image/png
content-length: 107
last-modified: Mon, 06 Jun 2022 14:02:22 GMT
etag: "629e08ee-6b"
expires: Mon, 02 Jan 2023 02:35:16 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.yhnaf.xyz/template/m1938pc/images/video-play.png
173.231.62.141200 OK 1.6 kB URL HTTP/2 www.yhnaf.xyz/template/m1938pc/images/video-play.png
IP 173.231.62.141:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: www.yhnaf.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 02:35:16 GMT
content-type: image/png
content-length: 1567
last-modified: Mon, 06 Jun 2022 14:02:22 GMT
etag: "629e08ee-61f"
expires: Mon, 02 Jan 2023 02:35:16 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8c8d7ec1fb4e7dc4e73affbb14db5aa0
1f20a061f23c46f2478b5c4bd3a7566d3d2b049d
9c519e76af361c33372f5f0d3a76dced253dfda7b3cc36f3ef877ee4ed4d9b09
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C519E76AF361C33372F5F0D3A76DCED253DFDA7B3CC36F3EF877EE4ED4D9B09"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3264
Expires: Sat, 03 Dec 2022 03:30:24 GMT
Date: Sat, 03 Dec 2022 02:36:00 GMT
Connection: keep-alive
fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg
45.89.209.74301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg
IP 45.89.209.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/24/dmm7514.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sat, 03 Dec 2022 10:35:47 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg
www.yhnaf.xyz/template/m1938pc/js/jquery.config.js
173.231.62.141200 OK 3.5 kB URL HTTP/2 www.yhnaf.xyz/template/m1938pc/js/jquery.config.js
IP 173.231.62.141:0
Hash 9c961d9d04d6ab437b213e7b3f597946
15d1aeaf743ec9bfeb0d68bd63a04564279a3fb4
0ba1b71abd51c6d52dbb4b0054756263e4fb21f9e2ed4ace729bfa8d53966713
GET /template/m1938pc/js/jquery.config.js HTTP/1.1
Host: www.yhnaf.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 02:35:16 GMT
content-type: application/javascript
last-modified: Mon, 06 Jun 2022 14:02:22 GMT
vary: Accept-Encoding
etag: W/"629e08ee-1469"
expires: Sat, 03 Dec 2022 14:35:16 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 20c8075fe5ea6d279b511c830f78a52d
99b8c46326d6deaa4a7719fba94a71b6a64f2fa9
52ffee280b9b97a2c3f70503de506dae4dbf523c5cb2340e24e44c0e5ecafcf1
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Sat, 03 Dec 2022 02:36:00 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash a7dab3703d488eeea161c89b19a688e2
4631476cec6f1fd0c68e456d11ea2f4f143089aa
d0a9de9064567cb5b8de548e16f4f0ce417b78630884869cf7409e325273fdf1
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=117
Date: Sat, 03 Dec 2022 02:36:00 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash a7dab3703d488eeea161c89b19a688e2
4631476cec6f1fd0c68e456d11ea2f4f143089aa
d0a9de9064567cb5b8de548e16f4f0ce417b78630884869cf7409e325273fdf1
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=117
Date: Sat, 03 Dec 2022 02:36:00 GMT
Connection: keep-alive
X-N: S
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash fb6fbf2dba26e4a2e6c1157e600c7eb7
8b12e2ee7a0eef0a2da9fab86460ef42432edd07
d3bbcf7c3d1ac1bd2ae50bb16b1d5451464e65a33bb134d0c63f150e8bab1da9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=169262
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 02:36:00 GMT
Etag: "638aa83e-117"
Expires: Mon, 05 Dec 2022 01:37:02 GMT
Last-Modified: Sat, 03 Dec 2022 01:37:02 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 978712f0d67cff24b01f6b5652dd385a
1334a0e62f5fbb091b6e05967980871b5481f2f6
fdd152c5ec51d6eaec7efb39dd93bd3dc87b647dac95d187ddcd0d7978afe266
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 02:36:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 07 Dec 2022 00:29:53 GMT
ETag: "1334a0e62f5fbb091b6e05967980871b5481f2f6"
Last-Modified: Sat, 03 Dec 2022 00:29:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7738e9890d091bfa-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 65d581eeca199596aaa9a64e07fe1aee
1fba196ed4927f6d4caf989672cdb2f92c71cc77
4fb1b2ac5be4baebd93e99087bc052bcc0a706e6f8b6ad4144c8c852c82316e6
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 02:36:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 06 Dec 2022 23:22:18 GMT
ETag: "1fba196ed4927f6d4caf989672cdb2f92c71cc77"
Last-Modified: Fri, 02 Dec 2022 23:22:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2764
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7738e9894b10b521-OSL
www.yhnaf.xyz/template/m1938pc/html9/advertised/advertised.json?refresh=2022123Sat%20Dec%2003%202022%2002:35:58%20GMT+0000%20(Coordinated%20Universal%20Time)
173.231.62.141200 OK 3.4 kB URL HTTP/2 www.yhnaf.xyz/template/m1938pc/html9/advertised/advertised.json?refresh=2022123Sat%20Dec%2003%202022%2002:35:58%20GMT+0000%20(Coordinated%20Universal%20Time)
IP 173.231.62.141:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash 33bd0bbe51dd8425a5700bafcca71d36
de32ea5ffcab5c50fa01c03ef239ef44ca63e39e
23c53bbd36e4e16c92d8281ec30ea957c5647fbc17afe1e01716e073ed9ea87a
GET /template/m1938pc/html9/advertised/advertised.json?refresh=2022123Sat%20Dec%2003%202022%2002:35:58%20GMT+0000%20(Coordinated%20Universal%20Time) HTTP/1.1
Host: www.yhnaf.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 02:35:17 GMT
content-type: application/json
content-length: 3399
last-modified: Mon, 05 Sep 2022 23:57:24 GMT
etag: "63168ce4-d47"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 5765e3857d3ec568778e0a354dbcd2eb
16700c930330b3712a30cc3789bf7f6950f8d328
06dd010a1515e5d5ea52b287c43a612ff8d769e3c41c5f1f67a17aaf9d57eb63
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 02:36:00 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 11:09:40 GMT
Expires: Fri, 09 Dec 2022 11:09:39 GMT
Etag: "16700c930330b3712a30cc3789bf7f6950f8d328"
Cache-Control: max-age=548618,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7738e9882a2db4ee-OSL
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: text/html
content-length: 162
location: https://kvkmmm.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvemm.com/c70f7dd4a4c94432f7e7dfd8886c435b.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvemm.com/c70f7dd4a4c94432f7e7dfd8886c435b.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /c70f7dd4a4c94432f7e7dfd8886c435b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: text/html
content-length: 162
location: https://kvkddd.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/KzhrJKWHgbg
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/KzhrJKWHgbg
IP 142.250.74.131:0
Hash c5a7f8840c6f3c5685b8b122dd5e893c
e436487b1d70200e784b7c5f40b53bc994189bb6
cb631a03a11d2a8bb3adc44b3007ba675592a7a2d62b79078a5477ba33d6e457
POST /s/gts1p5/KzhrJKWHgbg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 02:36:00 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 3253d490ac20b5aed7ae137b7fe08440
2c9916f56c9ca8900f08b019dffcedbfefae1d2c
6af2d19448bf87bf5cef19d6f5aed84c7a1294151f426cc3e69b75e84d26b513
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 03 Dec 2022 02:36:00 GMT
Ali-Swift-Global-Savetime: 1670034960
Via: cache20.l2de2[188,188,200-0,M], cache20.l2de2[189,0], cache1.se1[210,209,200-0,M], cache1.se1[211,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 03 Dec 2022 02:36:00 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516700349607422340e
fmlb.netlbtu.com/upload/vod/2020/08-04/06/hrf4tscrqkm0603hrf4tscrqkm083521.jpg
45.89.209.74200 OK 6.0 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/08-04/06/hrf4tscrqkm0603hrf4tscrqkm083521.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 58ea27a500bcb3f3d868101711779560
a162c0e988323069e6396902f2fabc9da1205eb3
583dda68ba080f07505f0ba01f8d5395ef9afaddff065cbff72906e9f61aecca
GET /upload/vod/2020/08-04/06/hrf4tscrqkm0603hrf4tscrqkm083521.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 03 Dec 2022 10:35:47 GMT
Content-Type: image/jpeg
Content-Length: 5954
Last-Modified: Fri, 25 Nov 2022 12:37:14 GMT
Connection: keep-alive
ETag: "6380b6fa-1742"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
kvkmmm.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
188.114.96.1200 OK 400 kB URL HTTP/2 kvkmmm.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvkmmm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.yhnaf.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Sat, 10 Dec 2022 11:57:43 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1953497
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WuOr4gAjtwKsyhNvnhhyrqHIEUBJJO8hayla3XKoiKVrgXyHisd%2FQkvijAYBGpPS%2FNU61cSGctN8%2BK9mKdu%2BzbH5Mqg29G7qG1JRJjopl37jBGRzJ2Ou64RfQdz8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7738e98a2f82b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/08-04/06/hvzlsqsvnf40603hvzlsqsvnf4123545.jpg
45.89.209.74200 OK 12 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/08-04/06/hvzlsqsvnf40603hvzlsqsvnf4123545.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 2c45eda38d46f5acd58867ef8b570bb2
26b02ebb1c069acd757c04f2ffcc81a085470907
a8a0ed14544bd1b8eca15c0faeaeb4cace07a7da700cc21ef7a0b47fa38daffd
GET /upload/vod/2020/08-04/06/hvzlsqsvnf40603hvzlsqsvnf4123545.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 03 Dec 2022 10:35:47 GMT
Content-Type: image/jpeg
Content-Length: 12006
Last-Modified: Fri, 25 Nov 2022 12:37:14 GMT
Connection: keep-alive
ETag: "6380b6fa-2ee6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/08-04/06/ltbwlnux4200603ltbwlnux420113539.jpg
45.89.209.74200 OK 11 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/08-04/06/ltbwlnux4200603ltbwlnux420113539.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 34ff69ac005a1758f959b2e19def96ca
17413ac3a9fb102c5550118f38cb659effeeeb23
f72cf38f8da2e02865cd9be56d03b884d3dfe727ea06884ced64e38811329ac2
GET /upload/vod/2020/08-04/06/ltbwlnux4200603ltbwlnux420113539.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 03 Dec 2022 10:35:47 GMT
Content-Type: image/jpeg
Content-Length: 10559
Last-Modified: Fri, 25 Nov 2022 12:36:12 GMT
Connection: keep-alive
ETag: "6380b6bc-293f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 8ad478c8d158a08313a82398817e9a01
3c28895268423c86997a1daa2b0b59c7a192acf4
ab9e8bac8904ab093d70758eb65059e46f3e47138585466ba00367c5cc50b621
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 02:36:01 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 21:48:54 GMT
Expires: Fri, 09 Dec 2022 21:48:53 GMT
Etag: "3c28895268423c86997a1daa2b0b59c7a192acf4"
Cache-Control: max-age=586972,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7738e98a0b4bb4ee-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6bc3fed1829fc4d548a3a02b83a118eb
89a59e09226127da60f5071d601dac9f70029e61
4302d72e88239e0327b358f7b815544d30965f7a57f59c5f61576e2020d7f357
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=95103
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 02:36:00 GMT
Etag: "6389868f-117"
Expires: Sun, 04 Dec 2022 05:01:04 GMT
Last-Modified: Fri, 02 Dec 2022 05:01:03 GMT
Server: nginx
Content-Length: 279
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash ee4e0a8cf174a2bd6a09e83bf0048b51
023626ee9662ffcfed6477f6bff5c6c16ad573e7
1f5124e2bc54d6ff9b297a2028abb03c23c18dc59bf324ef47fdce02b510b5df
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 02:36:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 06 Dec 2022 23:31:39 GMT
ETag: "023626ee9662ffcfed6477f6bff5c6c16ad573e7"
Last-Modified: Fri, 02 Dec 2022 23:31:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2941
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7738e98a6babb521-OSL
fmlb.netlbtu.com/upload/vod/2020/08-04/06/pveg4v12xcm0603pveg4v12xcm073513.jpg
45.89.209.74200 OK 13 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/08-04/06/pveg4v12xcm0603pveg4v12xcm073513.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4de69e86cac1b908c088cafd5a7b0b6e
cd030960d031bb1ce4e5d46a39bcda1ae56e0064
a9da837629b12da43d48dccbce14f1c401280a7d67afb0a58f556abf402122e6
GET /upload/vod/2020/08-04/06/pveg4v12xcm0603pveg4v12xcm073513.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 03 Dec 2022 10:35:47 GMT
Content-Type: image/jpeg
Content-Length: 13417
Last-Modified: Fri, 25 Nov 2022 12:37:14 GMT
Connection: keep-alive
ETag: "6380b6fa-3469"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash b3d5ddbd724e1483329725ce13bbe116
3ba7e559dafc88145ef6c881700fa00fe6fefbb3
e0033111e6bcb7e426483e97c386dab900f699e44b78ea02dc8fb62048d50cb1
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Sat, 03 Dec 2022 02:36:01 GMT
Connection: keep-alive
X-N: S
statuse.digitalcertvalidation.com/
93.184.220.29200 OK 471 B URL HTTP/1.1 statuse.digitalcertvalidation.com/
IP 93.184.220.29:0
Hash eb3b995efd7d7f3c7c913f9513da9be9
a3c2f7bac020e4d6a31c16f5746de97d9bbc5727
b04adc89f60d411cb07eed941496be3a318ac1232dd830fdc9fe9de596636cce
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 31
Cache-Control: max-age=108450
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 02:36:01 GMT
Etag: "6389ba94-1d7"
Expires: Sun, 04 Dec 2022 08:43:31 GMT
Last-Modified: Fri, 02 Dec 2022 08:43:00 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1p5/KzhrJKWHgbg
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/KzhrJKWHgbg
IP 142.250.74.131:0
Hash c5a7f8840c6f3c5685b8b122dd5e893c
e436487b1d70200e784b7c5f40b53bc994189bb6
cb631a03a11d2a8bb3adc44b3007ba675592a7a2d62b79078a5477ba33d6e457
POST /s/gts1p5/KzhrJKWHgbg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 02:36:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fmlb.netlbtu.com/upload/vod/2020/08-04/06/34bk2qo0bo2060334bk2qo0bo2063507.jpg
45.89.209.74200 OK 12 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/08-04/06/34bk2qo0bo2060334bk2qo0bo2063507.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f2a8789ed6ea14341492d37fac4595f9
c88bf5860453ad667dc58c27deb31873acc61cd5
5b8460b19f3d79f29044eb4884447e61a5894d58d2dbb232eeb991313dabede4
GET /upload/vod/2020/08-04/06/34bk2qo0bo2060334bk2qo0bo2063507.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 03 Dec 2022 10:35:47 GMT
Content-Type: image/jpeg
Content-Length: 12196
Last-Modified: Fri, 25 Nov 2022 12:37:14 GMT
Connection: keep-alive
ETag: "6380b6fa-2fa4"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
hm.baidu.com/hm.js?4c5f9fce4824f9c3d3f694403480c46f
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?4c5f9fce4824f9c3d3f694403480c46f
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (622)
Hash 78beeebd704483f278f032a25abe0881
affc9127ea9d9a95c0f6e062906d178c352403c9
050cabd2bac570db52be5fefa654b1504df58eeffe36c368936ddadd3870d310
GET /hm.js?4c5f9fce4824f9c3d3f694403480c46f HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Sat, 03 Dec 2022 02:36:00 GMT
Etag: ed60979d6d5889a6d3ecb44d5c7057ad
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=9461188369D3D246; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?9e3afa4b42f6be34d912efcf72eeb2b6
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?9e3afa4b42f6be34d912efcf72eeb2b6
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash c5d90982bb82fac56d23b5d34dcef9bd
658c4504f1998a66eb22600a10772f6e9dcd160d
ce3e00e499f5217ee2edc89da8eb7c7d7beed14024ef03ce79b1357e9056ace5
GET /hm.js?9e3afa4b42f6be34d912efcf72eeb2b6 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Sat, 03 Dec 2022 02:36:00 GMT
Etag: aac09ddcbc052c3cff8ed25546bda0db
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=6464E14B2CB460CF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 385797edac1d836eff60d899f2c2bf50
66a002020f849693377673a3938435f77330d701
1a731e7e002981839b20fc7960f11abc3bf990f7c1a8022bd7d21449c820415c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 759
Cache-Control: max-age=156700
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 02:36:01 GMT
Etag: "638a7436-2d7"
Expires: Sun, 04 Dec 2022 22:07:41 GMT
Last-Modified: Fri, 02 Dec 2022 21:55:02 GMT
Server: ECS (amb/6BA3)
X-Cache: HIT
Content-Length: 727
p3.douyinpic.com/obj/tos-cn-i-dy/b5d6c1c9ed324cc4b20976cee98cb14f
47.246.44.230200 OK 420 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/b5d6c1c9ed324cc4b20976cee98cb14f
IP 47.246.44.230:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 420 kB (420442 bytes)
Hash 7020ecb5ebdf5d2d41668f76d36f5982
30c768ceb1463fffc0145f1e73c808f8f6d2bb51
3a55db6e5e4fa541729efffaa932549e491e07af768e1c3c3d1dad65ae53a8bb
GET /obj/tos-cn-i-dy/b5d6c1c9ed324cc4b20976cee98cb14f HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 420442
date: Thu, 24 Nov 2022 13:48:46 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 24 Nov 2022 13:48:46 GMT
nw-session-id: 2022112421484601015120315409DB8962prmpb01dy
nw-session-trace: 2022-11-24T21:48:46.43652527+08:00 37
x-bdcdn-cache-status: TCP_MISS
x-length: 420442
x-powered-by: ImageX
x-response-date: Thu, 24 Nov 2022 21:48:46 GMT
x-tt-logid: 2022112421484601015120315409DB8962
via: n150-057-099, cache4.l2de2[0,0,206-0,H], cache3.l2de2[1,0], cache3.l2de2[1,0], cache7.se1[0,0,200-0,H], cache2.se1[1,0]
x-request-ip: fdbd:dc02:20:751::154
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01828e55a3aae08103c59996ea14c72a4a199b1313c8d9a69d680d9315ea7ef68e1f2c85a79199083a57cf21c55b7eeb9369494e25277f7c3684485560a61f89f25ba352b774d1c786630efe500b67a2245e65a3fc5b43730531b818457afc7b7b
x-response-lb: image
ali-swift-global-savetime: 1669297726
age: 737235
x-cache: HIT TCP_MEM_HIT dirn:11:237341291
x-swift-savetime: Thu, 24 Nov 2022 14:35:50 GMT
x-swift-cachetime: 31533176
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616700349611493316e
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/08-04/06/wej4h1cxud10603wej4h1cxud1133551.jpg
45.89.209.74200 OK 9.3 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/08-04/06/wej4h1cxud10603wej4h1cxud1133551.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b567dbb6fb1db9f38bd0459ee707f4a9
a78cf16102114a17aef64addc6e1ca8db381600a
7c80046668ca43bae8a195d776c6afc2895a45869fa18e8dc239fa279f7102d3
GET /upload/vod/2020/08-04/06/wej4h1cxud10603wej4h1cxud1133551.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 03 Dec 2022 10:35:47 GMT
Content-Type: image/jpeg
Content-Length: 9264
Last-Modified: Fri, 25 Nov 2022 12:37:15 GMT
Connection: keep-alive
ETag: "6380b6fb-2430"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
hm.baidu.com/hm.js?a3bf9acdbb11a6af7d201180b0d6dd7a
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?a3bf9acdbb11a6af7d201180b0d6dd7a
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (622)
Hash 3175bc9fb55f307477bfdae3a43584bb
e4bbab5ea7d30343be442cad454c52e3242130de
05504e1ccd5b19eade01235be3611cef6a02b30ac578043cf762922cc20c2af0
GET /hm.js?a3bf9acdbb11a6af7d201180b0d6dd7a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Sat, 03 Dec 2022 02:36:00 GMT
Etag: e26dd122a3bbed2b6c2ab51c0046649e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=385B2F62AEC0F64E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 30144c97918c305473d2aff91ae0810b
6873fa03e2e2358b1c7882a8bec9206c710cd9f6
ae802d4cad4b6cc343ff62a97a37a6d56302998b0b17821c960993a326a70c5c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=124253
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 02:36:01 GMT
Etag: "6389f86e-2d7"
Expires: Sun, 04 Dec 2022 13:06:54 GMT
Last-Modified: Fri, 02 Dec 2022 13:06:54 GMT
Server: nginx
Content-Length: 727
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8539980a5c3effde3317ee1a55fc0d68
cc5fc5d1987f9817e09322b8e1be1023fd43d9fe
e3d3883dedb2ce33f47565dd56e0af3df25b1fd860818a30f93d7bcf33166dc7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3D3883DEDB2CE33F47565DD56E0AF3DF25B1FD860818A30F93D7BCF33166DC7"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 03 Dec 2022 08:36:01 GMT
Date: Sat, 03 Dec 2022 02:36:01 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 87ab1cb9181d9c0f58870a91bb8ea265
59b007d74dcf0a074394a9df6d9a1551f567b80c
5f2a793bb393532dcf8e4dd9cfee4679af51caccff1922b519a4b6aa25c3de21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=137222
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 02:36:01 GMT
Etag: "638a2b17-2d7"
Expires: Sun, 04 Dec 2022 16:43:03 GMT
Last-Modified: Fri, 02 Dec 2022 16:43:03 GMT
Server: nginx
Content-Length: 727
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1287353359&si=4c5f9fce4824f9c3d3f694403480c46f&su=https%3A%2F%2Fapi.3980011.com%2F&v=1.3.0&lv=1&sn=6554&r=0&ww=1268&u=https%3A%2F%2Fwww.yhnaf.xyz%2F&tt=%E6%A8%B1%E8%8A%B1%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1287353359&si=4c5f9fce4824f9c3d3f694403480c46f&su=https%3A%2F%2Fapi.3980011.com%2F&v=1.3.0&lv=1&sn=6554&r=0&ww=1268&u=https%3A%2F%2Fwww.yhnaf.xyz%2F&tt=%E6%A8%B1%E8%8A%B1%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1287353359&si=4c5f9fce4824f9c3d3f694403480c46f&su=https%3A%2F%2Fapi.3980011.com%2F&v=1.3.0&lv=1&sn=6554&r=0&ww=1268&u=https%3A%2F%2Fwww.yhnaf.xyz%2F&tt=%E6%A8%B1%E8%8A%B1%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 03 Dec 2022 02:36:01 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=DCB1E4D995510B89; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=639716113&si=9e3afa4b42f6be34d912efcf72eeb2b6&su=https%3A%2F%2Fapi.3980011.com%2F&v=1.3.0&lv=1&sn=6554&r=0&ww=1268&u=https%3A%2F%2Fwww.yhnaf.xyz%2F&tt=%E6%A8%B1%E8%8A%B1%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=639716113&si=9e3afa4b42f6be34d912efcf72eeb2b6&su=https%3A%2F%2Fapi.3980011.com%2F&v=1.3.0&lv=1&sn=6554&r=0&ww=1268&u=https%3A%2F%2Fwww.yhnaf.xyz%2F&tt=%E6%A8%B1%E8%8A%B1%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=639716113&si=9e3afa4b42f6be34d912efcf72eeb2b6&su=https%3A%2F%2Fapi.3980011.com%2F&v=1.3.0&lv=1&sn=6554&r=0&ww=1268&u=https%3A%2F%2Fwww.yhnaf.xyz%2F&tt=%E6%A8%B1%E8%8A%B1%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 03 Dec 2022 02:36:01 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9865D92FD1A463A1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 458a72d5d7382bc46f96fda8a59ad6ec
0fff5b500bb238bb2dbf17c586399a18de17a2ca
a02ae1337d04a51c19a6a3019c506351d11cf1bd145accd6d20b9fab027c75a4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A02AE1337D04A51C19A6A3019C506351D11CF1BD145ACCD6D20B9FAB027C75A4"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7692
Expires: Sat, 03 Dec 2022 04:44:13 GMT
Date: Sat, 03 Dec 2022 02:36:01 GMT
Connection: keep-alive
pic.rmb.bdstatic.com/bjh/0d38476bae9ce2a19e7baf47c0305e96.gif
185.10.104.115404 Not Found 117 B URL HTTP/2 pic.rmb.bdstatic.com/bjh/0d38476bae9ce2a19e7baf47c0305e96.gif
IP 185.10.104.115:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JSON data\012- , ASCII text, with no line terminators
Hash 58b46d5a6a3fe3018b1ae5121cb82b47
8fd99627ef868d16ca925cf03b6a97009636d5df
d9de7c50c0e7cf5a43140f53114c2aa0c40a22b80f402586368a9105bc9eec0c
GET /bjh/0d38476bae9ce2a19e7baf47c0305e96.gif HTTP/1.1
Host: pic.rmb.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: JSP3/2.0.14
date: Sat, 03 Dec 2022 02:36:01 GMT
content-type: application/json; charset=utf-8
content-length: 117
x-bce-debug-id: 9xEJzeubqNKNTQ7JPnynOqMM9iax927VutUULeWUfNxXfDmUnUAsZ/yeAR8z1Vz4kcj+9EuE/nW3CCaaLvyzlA==
x-bce-request-id: db1e7367-f809-4ade-b9f3-bdeb941194a1
x-bce-restore-cache: -
x-bce-restore-tier: -
x-error-info: Origin
timing-allow-origin: *
ohc-cache-hit: fra01-sys-jomo2.fra01.baidu.com [1], zhuzuncache64 [1], czix163 [1]
ohc-file-size: 117
x-cache-status: MISS
X-Firefox-Spdy: h2
si1.go2yd.com/get-image/0xmAGT9KS9C
58.254.180.65200 OK 118 kB URL HTTP/2 si1.go2yd.com/get-image/0xmAGT9KS9C
IP 58.254.180.65:0
ASN #136958 China Unicom Guangdong IP network
File type GIF image data, version 89a, 640 x 200\012- data
Size 118 kB (117593 bytes)
Hash c4caa37b717580e8594587f32ca86470
a645ec82581a0b18f67444b62a062059adf78aa6
208bafb1df6fa8b7929896b30415514e2dc59312332ec26aff058767fa81f269
GET /get-image/0xmAGT9KS9C HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 03 Dec 2022 02:36:01 GMT
content-type: image/gif
content-length: 117593
last-modified: Thu, 10 Feb 2022 15:30:06 GMT
etag: "c4caa37b717580e8594587f32ca86470"
age: 235092
accept-ranges: bytes
x-application-context: application
x-kss-request-id: f130ut80n4hobs7go5ib5np8lk0gkchq
content-md5: xMqje3F1gOhZRYfzLKhkcA==
timing-allow-origin: *
ohc-global-saved-time: Wed, 30 Nov 2022 09:17:27 GMT
ohc-cache-hit: gz3un59 [2], suzix111 [4]
ohc-file-size: 117593
x-cache-status: HIT
X-Firefox-Spdy: h2
fmlb.netlbtu.com/images/2021/7/24/dmm7516.jpg
45.89.209.74200 OK 120 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/24/dmm7516.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size 120 kB (120184 bytes)
Hash b3eaf61f8b8ce3484176e881301ae333
08fa67d1e47e51b37446645ca964bea114eee747
cfababc46181a463817165a710bb510d86b53bb9cdbd94a19e7e706df3040e8c
GET /images/2021/7/24/dmm7516.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 03 Dec 2022 10:35:47 GMT
Content-Type: image/jpeg
Content-Length: 120184
Last-Modified: Fri, 25 Nov 2022 12:37:14 GMT
Connection: keep-alive
ETag: "6380b6fa-1d578"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 30144c97918c305473d2aff91ae0810b
6873fa03e2e2358b1c7882a8bec9206c710cd9f6
ae802d4cad4b6cc343ff62a97a37a6d56302998b0b17821c960993a326a70c5c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=124253
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 02:36:01 GMT
Etag: "6389f86e-2d7"
Expires: Sun, 04 Dec 2022 13:06:54 GMT
Last-Modified: Fri, 02 Dec 2022 13:06:54 GMT
Server: nginx
Content-Length: 727
www.yhnaf.xyz/
173.231.62.141200 OK 157 kB IP 173.231.62.141:0
Size 157 kB (157393 bytes)
Hash 15c892de351632d995a2e4882e56323e
81e4a5cb66f0a553648531a0fe0847eb03cc16dd
c381ce2359b0eeab473634716ea4797028639f06ad1be00456c5c31d5426821a
GET / HTTP/1.1
Host: www.yhnaf.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.3980011.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 02:35:16 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
fmlb.netlbtu.com/images/2021/7/24/dmm7515.jpg
45.89.209.74200 OK 122 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/24/dmm7515.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size 122 kB (121778 bytes)
Hash 84d5b2b7d58b70cefc595589530fc731
b6369bb724b71a1c855b1569f36dc63438ba71c0
d1ed1b5c87ddb3e9a2aa3aa5cc4d6c038d87388e80af6a2058886d3f4703108d
GET /images/2021/7/24/dmm7515.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 03 Dec 2022 10:35:47 GMT
Content-Type: image/jpeg
Content-Length: 121778
Last-Modified: Fri, 25 Nov 2022 12:37:14 GMT
Connection: keep-alive
ETag: "6380b6fa-1dbb2"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg
45.89.209.74200 OK 134 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/23/dmm7510.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size 134 kB (133978 bytes)
Hash 796a9665a4fbbdb3640a7750c6f07b90
7f07a9f7b1263ba79c6da5b504078c3484ec7c97
47b2c8af58f3213cc952170d1ac97e6de93346c3fa7e3710fc3d32311c833715
GET /images/2021/7/23/dmm7510.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 03 Dec 2022 10:35:47 GMT
Content-Type: image/jpeg
Content-Length: 133978
Last-Modified: Fri, 25 Nov 2022 12:37:13 GMT
Connection: keep-alive
ETag: "6380b6f9-20b5a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
8499483.com/8499/960x60.gif
23.224.101.37200 OK 331 kB URL HTTP/2 8499483.com/8499/960x60.gif
IP 23.224.101.37:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 331 kB (331043 bytes)
Hash 09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725
GET /8499/960x60.gif HTTP/1.1
Host: 8499483.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/gif
content-length: 331043
last-modified: Wed, 09 Nov 2022 06:22:39 GMT
etag: "50d23-5ed03aef4304d"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg
45.89.209.74200 OK 139 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/23/dmm7511.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size 139 kB (138685 bytes)
Hash e9cefc544ae32631f400fb8b3ef0f6fe
4faf7d1b3d4c61774cb17b44b6283b1b14785601
0a5ac49f96a8234348f2acc182e5ab43d6cb5aa426d69a81e161e7181231248b
GET /images/2021/7/23/dmm7511.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 03 Dec 2022 10:35:47 GMT
Content-Type: image/jpeg
Content-Length: 138685
Last-Modified: Fri, 25 Nov 2022 12:37:13 GMT
Connection: keep-alive
ETag: "6380b6f9-21dbd"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
8499583.com/8499/150x150.gif
162.209.128.165200 OK 135 kB URL HTTP/2 8499583.com/8499/150x150.gif
IP 162.209.128.165:0
File type GIF image data, version 89a, 150 x 150\012- data
Size 135 kB (134747 bytes)
Hash 48c8ab8ae6b52201e71decda0b783d26
5817a61ac305b0b96542b5aced965e79cf67d010
011e88ae2efb7e2c7a98115adcc443c2b965206d34a45c98f7012d476de9aeb8
GET /8499/150x150.gif HTTP/1.1
Host: 8499583.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:01 GMT
content-type: image/gif
content-length: 134747
last-modified: Sun, 13 Nov 2022 10:03:32 GMT
etag: "20e5b-5ed573c48c405"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 849b478b4465bdbb63ec29b501c9d383
1913aa52ff42bea5b141fa7488c6c8aa8e690dde
94f19d03bcb29679ce4bc89d36b6ce67a7a5d01b5c4817f35afb424bd4a271cb
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 03 Dec 2022 02:36:01 GMT
Last-Modified: Fri, 02 Dec 2022 15:48:35 GMT
ETag: "638a1e53-1d7"
Expires: Sun, 04 Dec 2022 15:48:35 GMT
Cache-Control: max-age=133954
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1670034961
Via: cache21.l2de2[192,192,200-0,M], cache21.l2de2[193,0], cache1.se1[216,215,200-0,M], cache1.se1[217,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 03 Dec 2022 02:36:01 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516700349614852614e
p6.toutiaoimg.com/origin/pgc-image/9e94df98d1a94370bea235c60005efd4
115.231.32.115404 Not Found 44 B URL HTTP/2 p6.toutiaoimg.com/origin/pgc-image/9e94df98d1a94370bea235c60005efd4
IP 115.231.32.115:0
ASN #136188 NINGBO, ZHEJIANG Province, P.R.China.
File type JSON data\012- , ASCII text, with no line terminators
Hash 4b6834b2facaae027a09e12249285598
6296f3150eb461848da3f1f32184f3a2630cc419
c82fd4bc394b418731afcf2be4f62859ca853edb244c2f613c31679f90a546aa
GET /origin/pgc-image/9e94df98d1a94370bea235c60005efd4 HTTP/1.1
Host: p6.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: application/json; charset=utf-8
content-length: 44
server: nginx
date: Sat, 03 Dec 2022 02:35:56 GMT
expires: Sat, 03 Dec 2022 02:36:01 GMT
age: 4
nw-session-id: 202212031035560101580272334CC3027Apnk4z02tt
nw-session-trace: 2022-12-03T10:35:56.822395545+08:00 5
x-bdcdn-cache-status: TCP_MISS
x-powered-by: ImageX
x-response-date: Sat, 03 Dec 2022 10:35:56 GMT
x-tt-logid: 202212031035560101580272334CC3027A
via: n150-112-092
x-request-ip: fdbd:dc02:22:48::233
x-tt-trace-tag: id=06;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: inner; dur=8
x-tt-trace-host: 019c69468e2dfb3e987f701b168fe1c28c0334ddb912b2639a90b2abfe6d1dff6d8206b8743dcfff8e674b1d904f0e3e639c5b47e0ddf6429151ddc0c851e526469a0eb01c80cbb8431519becb0b5bd715be08367e3ddcab6f829dfb5f962fe09887c88c1d5eba4650077ab44bd721510e90c8bb42f72dc70ee0825c05cff2f10d
x-response-lb: image
x-link-via: nbct01:443;fzmp32:443;
x-cache-status: HIT from KS-CLOUD-FZ-MP-32-11, HIT from KS-CLOUD-NB-CT-01-02
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-request-id: ef628c6f33cfd9094ce99a82f184c2ee
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1930809608&si=a3bf9acdbb11a6af7d201180b0d6dd7a&su=https%3A%2F%2Fapi.3980011.com%2F&v=1.3.0&lv=1&sn=6554&r=0&ww=1268&u=https%3A%2F%2Fwww.yhnaf.xyz%2F&tt=%E6%A8%B1%E8%8A%B1%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1930809608&si=a3bf9acdbb11a6af7d201180b0d6dd7a&su=https%3A%2F%2Fapi.3980011.com%2F&v=1.3.0&lv=1&sn=6554&r=0&ww=1268&u=https%3A%2F%2Fwww.yhnaf.xyz%2F&tt=%E6%A8%B1%E8%8A%B1%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1930809608&si=a3bf9acdbb11a6af7d201180b0d6dd7a&su=https%3A%2F%2Fapi.3980011.com%2F&v=1.3.0&lv=1&sn=6554&r=0&ww=1268&u=https%3A%2F%2Fwww.yhnaf.xyz%2F&tt=%E6%A8%B1%E8%8A%B1%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 03 Dec 2022 02:36:01 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7AF70AD9EDBB7EC1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg
45.89.209.74200 OK 162 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/24/dmm7514.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size 162 kB (161782 bytes)
Hash 1e71477b4f330ca3b901b5d2e3948663
4fb5006efbdcff61a4f15edba423e488b40b63b0
33c443d0564af32013c9866375b08c588f952f32697ef24c5b82cc23140c8a85
GET /images/2021/7/24/dmm7514.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 03 Dec 2022 10:35:48 GMT
Content-Type: image/jpeg
Content-Length: 161782
Last-Modified: Fri, 25 Nov 2022 12:37:14 GMT
Connection: keep-alive
ETag: "6380b6fa-277f6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
wkphoto.cdn.bcebos.com/3ac79f3df8dcd10098c25c42628b4710b9122f72.jpg
116.114.98.35403 Forbidden 152 B URL HTTP/2 wkphoto.cdn.bcebos.com/3ac79f3df8dcd10098c25c42628b4710b9122f72.jpg
IP 116.114.98.35:0
ASN #4837 CHINA UNICOM China169 Backbone
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 5551e7d57e0e5f49f57555e455714647
28dbe88dd5232a47e4d8f1620002bde48c3157ed
5b1448238914740bc51ad7181264ba7cf994e454f03e1098f304ecfbb7be3706
GET /3ac79f3df8dcd10098c25c42628b4710b9122f72.jpg HTTP/1.1
Host: wkphoto.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: JSP3/2.0.14
date: Sat, 03 Dec 2022 02:36:01 GMT
content-type: text/html
content-length: 152
x-cache-status: MISS
x-error-info: RefererWhite
X-Firefox-Spdy: h2
p26.toutiaoimg.com/origin/pgc-image/ca1ef8ca55da4549abc1f475b9aad623
182.118.39.168200 OK 24 kB URL HTTP/2 p26.toutiaoimg.com/origin/pgc-image/ca1ef8ca55da4549abc1f475b9aad623
IP 182.118.39.168:0
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 200 x 100\012- data
Hash 32f15163a7111d5a79d00dc02a8e0dbd
14f53fbebcb022f4896e71815babd28483710ef6
bb527cec7aa68ab0ddbfc7f17904e229d67aae3749e981e92ffec392562d7461
GET /origin/pgc-image/ca1ef8ca55da4549abc1f475b9aad623 HTTP/1.1
Host: p26.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:01 GMT
content-type: image/gif
content-length: 23779
set-cookie: hccesp_lttk=AAAAAgAAAAAAAAAFAAAAAQAAAAeBwwi0wpEfjG19X7mY3ON5sIK4+tBjTp4rKtmoq3Vk1QAAAAAAAAAAAAAAQLGxKK+RqbUkNW+4umiT5X3HgC4M3c9CWG5dkUFyDnj3mJNAd/SYeAClEFZzu/tskHwBD28753oCqV+BHJCH7jA=; Expires=Sun, 03 Dec 2023 02:36:01 GMT; path=/;
server: openresty
age: 9394453
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 21 Oct 2021 10:23:33 GMT
nw-session-id: 202110211823330101501070820D004277k54r702tt
nw-session-trace: 2021-10-21T18:23:33.260853629+08:00 42
x-bdcdn-cache-status: TCP_MISS
x-ccdn-cachettl: 31536000
x-length: 23779
x-powered-by: ImageX
x-response-date: Thu, 21 Oct 2021 18:23:33 GMT
x-response-lb: image
x-tt-logid: 202110211823330101501070820D004277
nginx-hit: 1
server-timing: cdn-cache;desc=HIT, edge;dur=14
via: CHN-HAzhengzhou-AREACUCC1-CACHE8[14],CHN-HAzhengzhou-AREACUCC1-CACHE2[0,TCP_HIT,2],CHN-TJ-GLOBAL1-CACHE94[5],CHN-TJ-GLOBAL1-CACHE2[0,TCP_HIT,4]
x-hcs-proxy-type: 1
x-tt-trace-host: 017936c8c452548d3d91e87d2685714d4007fb04c06b5ac3de780fb4ec0cc04c006204c3d99266fd0ead19536af9dd376dad2a1d1c58fc493aeb0529ab08ee3e1164cc0acc6bcd6e721f3f230808e7910c844a68adcfee8ae0f884b63a4fbe197d
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
accept-ranges: bytes
access-control-allow-origin: *
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
X-Firefox-Spdy: h2
kjimg10.360buyimg.com/ott/jfs/t1/189066/1/30475/1197751/6380d2d3E76f8142d/68bdb767b760041f.gif
182.140.218.3200 OK 1.2 MB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/189066/1/30475/1197751/6380d2d3E76f8142d/68bdb767b760041f.gif
IP 182.140.218.3:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.2 MB (1197751 bytes)
Hash 6938343bc2a842c4d2c9c96f4dde0298
00e2b1b902b196b3c005facb934c10e2a2ca1961
5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6
GET /ott/jfs/t1/189066/1/30475/1197751/6380d2d3E76f8142d/68bdb767b760041f.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/gif
content-length: 1197751
cache-control: max-age=315360000
expires: Tue, 23 Nov 2032 23:09:52 GMT
last-modified: Fri, 25 Nov 2022 14:36:03 GMT
age: 530768
via: http/1.1 ORI-CLOUD-HUN-MIX-117 (jcs [cHs f ]), http/1.1 SCchengdu-CT-11-MIX-25 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1669504192819-0-0-14-117-117;200;200-1669774107196-0-0-0-6-6;200-1670034960934-0-0-0-1-1
X-Firefox-Spdy: h2
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image
182.118.39.168200 OK 678 kB URL HTTP/2 p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image
IP 182.118.39.168:0
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 270 x 160\012- data
Size 678 kB (677521 bytes)
Hash 94051cb1d1b77200b4462281a864b96e
e5b468a1b2f4bbdda1b6a3a0df2dcce6b3de7e06
d44d0d2dd188024b60ec38cb3f3ea10c080690175e923f90c9c2a2e862670c84
GET /img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image HTTP/1.1
Host: p26.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:01 GMT
content-type: image/gif
content-length: 677521
set-cookie: hccesp_lttk=AAAAAgAAAAAAAAAFAAAAAQAAAAeBwwi0wpEfjMZ120EiAr5q8w+26q70fe3R56en8vGsSQAAAAAAAAAAAAAAQFozGdcNG4lN4pUtZXsSs+ZtAIoDELr4ApFO4WbAfGwE1wBwMUxd5L2TIG9YNIk+xTgcGQ2PpSJY+T3SqBTUKOQ=; Expires=Sun, 03 Dec 2023 02:36:01 GMT; path=/;
server: openresty
age: 2452542
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 30 Dec 2021 00:07:35 GMT
nw-session-id: 2021123008073501015013614530ADE9B0dprsv01tt
nw-session-trace: 2021-12-30T08:07:35.194015393+08:00 68
x-bdcdn-cache-status: TCP_HIT
x-ccdn-cachettl: 31536000
x-length: 677521
x-powered-by: ImageX
x-response-date: Thu, 30 Dec 2021 08:07:35 GMT
x-response-lb: image
x-tt-logid: 2021123008073501015013614530ADE9B0
nginx-hit: 1
server-timing: cdn-cache;desc=HIT, edge;dur=10
via: CHN-HAzhengzhou-AREACUCC1-CACHE8[10],CHN-HAzhengzhou-AREACUCC1-CACHE35[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE102[6],CHN-TJ-GLOBAL1-CACHE35[0,TCP_HIT,5]
x-hcs-proxy-type: 1
x-tt-trace-host: 016a2077e03b2041825c42669e9a23cec5ee04519515486308eb42b81315658df6aa5ed29ad219c7d25626d5b022cced5274c18183adcd43889f65e87a17fde2315b0226a7e5f07d4c19094125051b3e74699be800dd629619bc2141d5fb81fc89ccc76230d7d3e4f731a9d881f3cb16c4
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
accept-ranges: bytes
access-control-allow-origin: *
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
X-Firefox-Spdy: h2
kjimg10.360buyimg.com/ott/jfs/t1/186869/1/30207/414559/6380d0eeEe5d321f3/d814360fbc3be0d8.gif
182.140.218.3200 OK 415 kB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/186869/1/30207/414559/6380d0eeEe5d321f3/d814360fbc3be0d8.gif
IP 182.140.218.3:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type GIF image data, version 89a, 960 x 80\012- data
Size 415 kB (414559 bytes)
Hash 1a2cba8175d957d2379d06e6d2d4250d
190eb918616fa53aaca8a53b917f2627e626fecc
17e78ffe065be76212de6b960082ea287cc0e712b6f170f44c63e2144ec14c84
GET /ott/jfs/t1/186869/1/30207/414559/6380d0eeEe5d321f3/d814360fbc3be0d8.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 02:36:00 GMT
content-type: image/gif
content-length: 414559
cache-control: max-age=315360000
expires: Mon, 22 Nov 2032 14:48:35 GMT
last-modified: Fri, 25 Nov 2022 14:27:58 GMT
age: 647247
via: http/1.1 ORI-CLOUD-HUN-MIX-33 (jcs [cRs f ]), http/1.1 SCchengdu-CT-11-MIX-30 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1669387714839-0-0-0-467-467;200;200-1669387835527-0-0-0-1-1;200-1670034960967-0-0-0-1-1
X-Firefox-Spdy: h2
mm87z.xyz/image/600_350.gif
23.224.145.201200 OK 1.2 MB URL HTTP/2 mm87z.xyz/image/600_350.gif
IP 23.224.145.201:0
File type GIF image data, version 89a, 600 x 350\012- data
Size 1.2 MB (1230606 bytes)
Hash cb5e73d8c2bc605f55bbb51171bff2d8
153532c932460c40f6faab373198a859a0d94883
1a57358c3826c4da196307337035ebd612b95e1862991ebf2c9fe9d08030efc0
GET /image/600_350.gif HTTP/1.1
Host: mm87z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:01 GMT
content-type: image/gif
content-length: 1230606
last-modified: Thu, 10 Mar 2022 06:17:39 GMT
etag: "62299803-12c70e"
expires: Mon, 19 Dec 2022 11:47:49 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
kjimg10.360buyimg.com/ott/jfs/t1/48391/16/19388/893726/6380d3c5E0d000912/3cef13072ce017c1.gif
182.140.218.3200 OK 894 kB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/48391/16/19388/893726/6380d3c5E0d000912/3cef13072ce017c1.gif
IP 182.140.218.3:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type GIF image data, version 89a, 960 x 80\012- data
Size 894 kB (893726 bytes)
Hash 1e34697200f13da14c5bfabeba617325
9a18ed38d5d385f885c28a4280b4c61302745b65
b63a862a0f65ff9f685e9b67fd171a6df96878469b0a85d1da2f644399c0409f
GET /ott/jfs/t1/48391/16/19388/893726/6380d3c5E0d000912/3cef13072ce017c1.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 02:36:01 GMT
content-type: image/gif
content-length: 893726
cache-control: max-age=315360000
expires: Mon, 22 Nov 2032 14:44:40 GMT
last-modified: Fri, 25 Nov 2022 14:40:05 GMT
age: 647482
via: http/1.1 ORI-CLOUD-HUN-MIX-16 (jcs [cHs f ]), http/1.1 SCchengdu-CT-11-MIX-25 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1669387480861-0-0-20-47-47;200;200-1669782518141-0-0-0-3-3;200-1670034961084-0-0-0-3-3
X-Firefox-Spdy: h2
taiwtp1.com/img/600400.gif
220.128.218.220200 OK 304 kB URL HTTP/2 taiwtp1.com/img/600400.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 600 x 400\012- data
Size 304 kB (304522 bytes)
Hash e0a34183ace6e0dff373311780daecf4
48e4233e415d464e22ac1ff3d2135d20e4c31eb8
eb3c73f48295ec7129fef667fd2734e038849817160510ea8cd01a4481aa0652
GET /img/600400.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 02:33:32 GMT
content-type: image/gif
content-length: 304522
last-modified: Mon, 02 May 2022 05:20:33 GMT
etag: "626f6a21-4a58a"
expires: Mon, 02 Jan 2023 02:33:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
84998085.com/8499/x/960x60.gif
154.39.67.221200 OK 331 kB URL HTTP/2 84998085.com/8499/x/960x60.gif
IP 154.39.67.221:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 331 kB (331043 bytes)
Hash 09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725
GET /8499/x/960x60.gif HTTP/1.1
Host: 84998085.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:01 GMT
content-type: image/gif
content-length: 331043
last-modified: Sat, 12 Nov 2022 04:49:08 GMT
etag: "50d23-5ed3eba1092f3"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6bc3fed1829fc4d548a3a02b83a118eb
89a59e09226127da60f5071d601dac9f70029e61
4302d72e88239e0327b358f7b815544d30965f7a57f59c5f61576e2020d7f357
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3
Cache-Control: max-age=95103
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 02:36:03 GMT
Etag: "6389868f-117"
Expires: Sun, 04 Dec 2022 05:01:07 GMT
Last-Modified: Fri, 02 Dec 2022 05:01:03 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0
43.154.254.32200 OK 1.4 MB URL HTTP/2 p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 640 x 200\012- data
Size 1.4 MB (1362871 bytes)
Hash b43c54ced7fcd33ebd9405eb26d533b7
05e5eb23ef5a79364bc8f8fd778d54a9fa335174
7db80c626560b0016fd427d864bb6116a44a858eb7968728cd872814939a24b2
GET /qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sat, 03 Dec 2022 02:36:01 GMT
content-type: image/gif
content-length: 1362871
vary: Accept,Origin
last-modified: Sat, 10 Jul 2021 16:21:47 GMT
cache-control: max-age=2592000
x-delay: 92660 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1362871
chid: 0
fid: 0
x-nws-log-uuid: 28dbeb99-87d8-4f0f-b021-2e478ccc81bb
X-Firefox-Spdy: h2
tupaiyy.oss-cn-hongkong.aliyuncs.com/huazidongtu/hybbff.gif
47.75.19.116200 OK 1.1 MB URL HTTP/1.1 tupaiyy.oss-cn-hongkong.aliyuncs.com/huazidongtu/hybbff.gif
IP 47.75.19.116:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.1 MB (1071505 bytes)
Hash d71a0585aedaa3ec4afda6baec03ac6b
ad3a590c022e5d82b43efc4b9f159eb6598c4890
6bfb388b33c1e444ca7382fceadf93b83a753f7ff0c4c960f7b142732ac28cd8
GET /huazidongtu/hybbff.gif HTTP/1.1
Host: tupaiyy.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 03 Dec 2022 02:36:01 GMT
Content-Type: image/gif
Content-Length: 1071505
Connection: keep-alive
x-oss-request-id: 638AB6111F8563373037D64F
Accept-Ranges: bytes
ETag: "D71A0585AEDAA3EC4AFDA6BAEC03AC6B"
Last-Modified: Mon, 04 Jul 2022 07:26:38 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7665046247320685581
x-oss-storage-class: Standard
Content-MD5: 1xoFha7ao+xK/aa67AOsaw==
x-oss-server-time: 1
p.qlogo.cn/qqmail_head/PiajxSqBRaEJ9B4UlyASnW3oH3MPQFqEtXG2iaiak1YbXXGG6NXuTKLQqz8Mo6C2CJ3MbwcCrQRmHw/0
43.154.254.32200 OK 331 kB URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaEJ9B4UlyASnW3oH3MPQFqEtXG2iaiak1YbXXGG6NXuTKLQqz8Mo6C2CJ3MbwcCrQRmHw/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 331 kB (331043 bytes)
Hash 09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725
GET /qqmail_head/PiajxSqBRaEJ9B4UlyASnW3oH3MPQFqEtXG2iaiak1YbXXGG6NXuTKLQqz8Mo6C2CJ3MbwcCrQRmHw/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sat, 03 Dec 2022 02:36:04 GMT
content-type: image/gif
content-length: 331043
vary: Accept,Origin
last-modified: Sat, 12 Nov 2022 13:28:23 GMT
cache-control: max-age=2592000
x-delay: 184 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 331043
chid: 0
fid: 0
x-nws-log-uuid: 8a3ce734-eccb-471e-bbda-8cc9f6fe1dca
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7216286-96f7-46a8-9738-52007e2fafb6.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7216286-96f7-46a8-9738-52007e2fafb6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac15b0561874b0e98a14d037e06dc444
38197764b12e149806126e8a187b0571630d5b26
b4e8ca67dc3e119e2a41d1a362641a1354d5ef68ad18eaa4383e82d38d3c0399
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7216286-96f7-46a8-9738-52007e2fafb6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8169
x-amzn-requestid: a3054dff-b0dd-43cb-ade7-7ec1df6e672f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZPWH4DoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2e-788f6fdd1a5e024259e58d80;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:34 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 56bQRYbHZJbthXKRpMuKIKkPOxTwDxReBCStAwfkSmc3afFvCcdGdg==
via: 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:43:32 GMT
age: 17554
etag: "38197764b12e149806126e8a187b0571630d5b26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.yhnaf.xyz/template/m1938pc/css/ate.css
173.231.62.141200 OK 0 B URL HTTP/2 www.yhnaf.xyz/template/m1938pc/css/ate.css
IP 173.231.62.141:0
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: www.yhnaf.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 02:35:16 GMT
content-type: text/css
last-modified: Mon, 06 Jun 2022 14:02:22 GMT
vary: Accept-Encoding
etag: W/"629e08ee-126e4"
expires: Sat, 03 Dec 2022 14:35:16 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
kvkddd.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif
104.21.233.183200 OK 0 B URL HTTP/2 kvkddd.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif
IP 104.21.233.183:0
GET /c70f7dd4a4c94432f7e7dfd8886c435b.gif HTTP/1.1
Host: kvkddd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.yhnaf.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 02:36:03 GMT
content-type: image/gif
content-length: 1590489
last-modified: Sun, 26 Jun 2022 12:04:30 GMT
etag: "62b84b4e-1844d9"
expires: Fri, 23 Dec 2022 08:00:25 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 844536
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hs7rtkJoDIWOLVb8zWtB7IWZWB6%2BcFujFKpHEvsqjSOfK0EvAHZ1COo%2BMsid%2B5m2V63bMcKaR7%2BWAA5fscVsErnBt3vlR77jUxRI3BmXaHGZQEwGvaGrEJ3znyf5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7738e98a7804dcc3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.1135555.com/images/637f75a88d97bc67605fd9e5.gif
185.239.226.87302 Found 0 B URL HTTP/2 img.1135555.com/images/637f75a88d97bc67605fd9e5.gif
IP 185.239.226.87:0
ASN #134835 Starry Network Limited
GET /images/637f75a88d97bc67605fd9e5.gif HTTP/1.1
Host: img.1135555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.yhnaf.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/b5d6c1c9ed324cc4b20976cee98cb14f
X-Firefox-Spdy: h2