r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5 2258cd6b877a3aca8f4c84074e65ac4b
SHA-1 4e46c70941f8e497e8afc8d078644e7f81761a1c
SHA-256 faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9123
Expires: Mon, 16 Jan 2023 07:15:22 GMT
Date: Mon, 16 Jan 2023 04:43:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5 0643dc6b6fed33b3537160b6bb77bcbf
SHA-1 aa43bd1fbb30d2219f3285c1ee4991ffb33562c5
SHA-256 f137438e30e0d69cba77ca2eb736687873e4a9c06cf88d23c6d55ea930fde09f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F137438E30E0D69CBA77CA2EB736687873E4A9C06CF88D23C6D55EA930FDE09F"
Last-Modified: Sat, 14 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10625
Expires: Mon, 16 Jan 2023 07:40:24 GMT
Date: Mon, 16 Jan 2023 04:43:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash MD5 ff250d3ef3fa45322bf05039a0122a9f
SHA-1 b3e7a2c383bce1bab807dbe1a03c375258b51f1d
SHA-256 d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 16 Jan 2023 04:42:09 GMT
content-type: application/json
age: 70
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5 d6e2abd68203014e8e24d4a9e20e980a
SHA-1 5edbbb1a36083d5077b90b82e7aa10049e90c5d6
SHA-256 88cf8dae194a5e92a8c36a4c54ae71a609eaaed6e99d3986b3834c40d2fceeaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88CF8DAE194A5E92A8C36A4C54AE71A609EAAED6E99D3986B3834C40D2FCEEAA"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10708
Expires: Mon, 16 Jan 2023 07:41:47 GMT
Date: Mon, 16 Jan 2023 04:43:19 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash MD5 7b922915ebf1fa3639b333f994c74f24
SHA-1 144a3f80b98fd0652d4614f24cf6cbbee40f8938
SHA-256 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: kLkdKm6h9TgUkfsK0KULzE0hSDGv5oQQjk5HAU9vpqec6vm5UZA6+X4aMcOGvFLEwHSQb8raASY=
x-amz-request-id: 7CG09AXA8QS26FED
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 16 Jan 2023 03:55:40 GMT
age: 2859
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
hacits.cn/list/8069
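149.29.121.187 301 Moved Permanently 0 B IP 149.29.121.187:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(The response body is 0 B, so these three values are the digests of empty input; they identify no content and should not be treated as indicators.)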
GET /list/8069 HTTP/1.1
Host: hacits.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 16 Jan 2023 04:43:19 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.hacits.cn/list/8069
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash MD5 23e88fb7b99543fb33315b29b1fad9d6
SHA-1 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
SHA-256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 04:43:19 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash MD5 0333b0655111aa68de771adfcc4db243
SHA-1 63f295a144ac87a7c8e23417626724eeca68a7eb
SHA-256 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 16 Jan 2023 04:33:46 GMT
age: 573
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.hacits.cn/list/8069
149.29.121.187 200 OK 595 B IP 149.29.121.187:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (910), with CRLF line terminators
Hash MD5 c8aaf793acd969143e6a2b5c32a788e8
SHA-1 a6474ae02d8472d194af791c6b3fd185e555f4d0
SHA-256 3b8beb2b56288f83e53cd463a29c46f09fcfac6dad8f5d90bf33383d9f7cc30e
GET /list/8069 HTTP/1.1
Host: www.hacits.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 Jan 2023 04:43:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash MD5 e5f9cfd32ba0e755eba2eba2bca5bc3c
SHA-1 012c01ac7a06da9f57e0e1c24658a4bd40e82518
SHA-256 ffd7fc715a11f6579f953c2f0f65128000733620fcc777cd0a4c5bb895c64ad2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2929
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 04:43:20 GMT
Last-Modified: Mon, 16 Jan 2023 03:54:31 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
www.hacits.cn/common.js
149.29.121.187 200 OK 640 B IP 149.29.121.187:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1229), with no line terminators
Hash MD5 1653d52ae185bacc75c6a55fca13e2bc
SHA-1 7768bc5ef7a050df6890ba01835683d3b7b06e2f
SHA-256 b796528605d7a4a1f76d141037556d5284e03c867d3689cbefebf5d4f6c66dc6
GET /common.js HTTP/1.1
Host: www.hacits.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hacits.cn/list/8069
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 Jan 2023 04:43:20 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
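52.34.149.78 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.34.149.78:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(The response body is 0 B, so these three values are the digests of empty input; they identify no content and should not be treated as indicators.)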
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ba7i2+ybGZ1nTtAy4ByFxg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: p8jTwpYhfvoR4FY95SWL8WLG+Hc=
www.hacits.cn/tj.js
149.29.121.187 200 OK 258 B IP 149.29.121.187:0
File type ASCII text, with CRLF line terminators
Hash MD5 473469d7aa2adca3d71e6aa19d82e4fd
SHA-1 3a5f49d978e0e95edded682936aa0730f507df62
SHA-256 b0a75cfd26b1d4495f0bf22a9b75a6cbfdc7cac7af7f2247e71fba363f7d327c
GET /tj.js HTTP/1.1
Host: www.hacits.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hacits.cn/list/8069
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 Jan 2023 04:43:20 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
www.hacits.cn/favicon.ico
149.29.121.187 200 OK 1.2 kB URL HTTP/1.1 www.hacits.cn/favicon.ico
IP 149.29.121.187:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash MD5 7ef1f0a0093460fe46bb691578c07c95
SHA-1 2da3ffbbf4737ce4dae9488359de34034d1ebfbd
SHA-256 4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.hacits.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hacits.cn/list/8069
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 Jan 2023 04:43:20 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sat, 21 Jan 2023 04:43:20 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5 871ced6cfe919499937981d7534580e9
SHA-1 2e8c0fb97592bd7868be241ade707d1b38e49c34
SHA-256 35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13371
Expires: Mon, 16 Jan 2023 08:26:12 GMT
Date: Mon, 16 Jan 2023 04:43:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5 871ced6cfe919499937981d7534580e9
SHA-1 2e8c0fb97592bd7868be241ade707d1b38e49c34
SHA-256 35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13371
Expires: Mon, 16 Jan 2023 08:26:12 GMT
Date: Mon, 16 Jan 2023 04:43:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc61a852-27cd-4c47-99a2-22005149e4db.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc61a852-27cd-4c47-99a2-22005149e4db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 0c204188905d07e146caa8476bdaf21c
SHA-1 26752a333f129794638937744246d817b82bd6d1
SHA-256 15c7043740a63067834deaf30be55873dc6793729af644ea5acf6d2c54bd82ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc61a852-27cd-4c47-99a2-22005149e4db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6647
x-amzn-requestid: 8fe2da86-9c9b-470b-a21d-b485efd0ab8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbMHG-RoAMFtJA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4724d-0de93e8264539ad9172315d6;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DmsAv10Nls5pPHkjljNzbeyJXS1GLWKCfKeLjw_HD5UP4RPproSSEA==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:54:30 GMT
age: 24531
etag: "26752a333f129794638937744246d817b82bd6d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F880c747f-4019-446c-bcf6-dcb4511235da.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F880c747f-4019-446c-bcf6-dcb4511235da.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 494bfa34e7da5464dfc135912fb594f6
SHA-1 7765eb149d57388c8aefe3ab05d132e0ab6e79cc
SHA-256 60d39c15569b9de90f440d634f9c996e85a6fd7d1551ed45e2cc92f3a6e2dcf6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F880c747f-4019-446c-bcf6-dcb4511235da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5595
x-amzn-requestid: 1bd2483a-1f70-46d0-824b-c1ac4f293f85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etktkGijoAMFcdA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c21b23-5aa79dba18867bdb62e26372;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:01:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: d_A-E2qXUl2orUwePJlOVNCj73TYGASZuxUIGl_U9y4qwbksHiOSsg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 11:23:53 GMT
age: 62368
etag: "7765eb149d57388c8aefe3ab05d132e0ab6e79cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdba5086-6c46-4cc7-9087-e85f89cbe947.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdba5086-6c46-4cc7-9087-e85f89cbe947.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 ad1a79b09348c4959a8ac05513efcb78
SHA-1 10c0a66add63c868ff332022f588e65f4ac1ec15
SHA-256 8a123746389e6b480669b8d6882f7edce290f1c226cd6744e23bac94b8de6d32
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdba5086-6c46-4cc7-9087-e85f89cbe947.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9176
x-amzn-requestid: 1d5746ff-7de6-4a54-87d2-d15330d1bb58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etlL8HiPoAMFrIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c21be5-044d012445cf23c01cb07a89;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:05:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rlWcTZTEG0kynoJM9bd9eba8kiPvodkF7ewyDV7JaR9qPjiNMApa1g==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 00:20:11 GMT
age: 15790
etag: "10c0a66add63c868ff332022f588e65f4ac1ec15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd986c41-5e27-40cc-8622-aeddbd283d0c.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd986c41-5e27-40cc-8622-aeddbd283d0c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 a7917592de9f2ddbe7d3a7fa7f3d4d62
SHA-1 866b04ce93a30369d7cb0a6d2155a8b10292507f
SHA-256 da58e1798bf0fcbfe771420a66bbf671cc84e0ca429e076fdc70bb8d73cddb18
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd986c41-5e27-40cc-8622-aeddbd283d0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6273
x-amzn-requestid: f5d21802-91ea-44cc-aeb2-8ec9af07e1a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbOyFwNIAMFZsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4725e-3028350e72b2ee7b6ae44f2c;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8ggqVFvybykQ-MJzU9H_L6JS9YqmLGsuaMJ34Qy7o6yoMOJOmvYsMA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:53:09 GMT
age: 24612
etag: "866b04ce93a30369d7cb0a6d2155a8b10292507f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77bcb8a1-6565-4283-8a46-f2624485b82c.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77bcb8a1-6565-4283-8a46-f2624485b82c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 48e4d33d0e2d8dfc127917632a45ec79
SHA-1 7a124673f4e413bc58a429ae6fb72618f08938d2
SHA-256 1e195f91ce82097f1e0677f5b26db495dd93a714364b2086f618e8b477f05497
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77bcb8a1-6565-4283-8a46-f2624485b82c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12703
x-amzn-requestid: df3a2816-a340-4aa7-bade-50d66b499da8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eq167Gc7oAMF-0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c10378-6d3edaab0ddee58476197d69;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 07:08:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YRBVVanJq2UY_NaQv4BUy2gqwIzdys6SpR0FymDH67XK_rJ2LnGloQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 09:19:46 GMT
age: 69815
etag: "7a124673f4e413bc58a429ae6fb72618f08938d2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96072c7b-d55b-46d5-990f-49db93101549.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96072c7b-d55b-46d5-990f-49db93101549.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 967f1203a41980b914f19374ecd15973
SHA-1 65806af5bd4421fbacb00cd32f6102ab3f4cf1f1
SHA-256 7fec48c42cda6aaa3f17ad1db30968b04ffea392ad949e646bba763e53508329
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96072c7b-d55b-46d5-990f-49db93101549.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8040
x-amzn-requestid: 7efc2aac-9fd9-46d9-852c-6d05fc2855bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: exbQ_GsfoAMFjDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c3a59f-6bdc34270507318c07cd1c55;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 07:05:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: BBdeZ-QXhF17DArwOFOEedRMKCp9Y_9qKiHsTdxqPAN5KBk-7_5SSQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 07:58:41 GMT
age: 74680
etag: "65806af5bd4421fbacb00cd32f6102ab3f4cf1f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash MD5 adec46c647c1d92f76a413870e97fcff
SHA-1 5da16a0b45739fbcb48231b6d69b6af9a7c3c25f
SHA-256 c14dbff653a35e685b21a502745b136ed4d5ff246b29c3bbcd1fc979f03b068e
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 04:43:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 20 Jan 2023 02:00:46 GMT
ETag: "5da16a0b45739fbcb48231b6d69b6af9a7c3c25f"
Last-Modified: Mon, 16 Jan 2023 02:00:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 262
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a43095fefeb521-OSL
kuyabq113.top/
122.10.69.153 200 OK 13 kB IP 122.10.69.153:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1301), with CRLF, LF line terminators
Hash MD5 d9d1b7e4f41f69b82dfbaa6e4deff446
SHA-1 d23d9975c0274276cd995d3078d4853cf66f3f77
SHA-256 2667f6f3f090b482c8c63d5a5030198d6f43bff58e0e4be31c87444cb13e29fa
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: kuyabq113.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hacits.cn/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 Jan 2023 04:43:22 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
kuyabq113.top/template/m1938pc/static/css/style.css
122.10.69.153 200 OK 6.0 kB URL HTTP/1.1 kuyabq113.top/template/m1938pc/static/css/style.css
IP 122.10.69.153:0
ASN #134548 DXTL Tseung Kwan O Service
File type assembler source, Unicode text, UTF-8 text, with very long lines (341)
Hash 940e69095b402c0be8221fbc8c5ee188
b8718beffe6d429295fa50af9a1de7d9f47948f4
cfbc23ef2df5975424979e4e89b9069414b03134cf80f63129fd59abf6ca1aca
GET /template/m1938pc/static/css/style.css HTTP/1.1
Host: kuyabq113.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuyabq113.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 Jan 2023 04:43:22 GMT
Content-Type: text/css
Last-Modified: Fri, 17 Jun 2022 03:51:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62abfa5a-6320"
Expires: Mon, 16 Jan 2023 16:43:22 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
kuyabq113.top/template/m1938pc/static/js/nativeshare.js
122.10.69.153 200 OK 5.4 kB URL HTTP/1.1 kuyabq113.top/template/m1938pc/static/js/nativeshare.js
IP 122.10.69.153:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (23442), with no line terminators
Hash 8c009c948972b74f431b5fc75073ca94
0aa90f010453081428a2eddd14102094fef16d53
8d00ef00c947a56a4dfffcde531b22214528afee0a7f5961feffd4f00a196970
GET /template/m1938pc/static/js/nativeshare.js HTTP/1.1
Host: kuyabq113.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuyabq113.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 Jan 2023 04:43:22 GMT
Content-Type: application/javascript
Last-Modified: Fri, 17 Jun 2022 02:29:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62abe706-5bd6"
Expires: Mon, 16 Jan 2023 16:43:22 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
kuyabq113.top/template/m1938pc/ads/sz_zyxf.js
122.10.69.153 200 OK 1.6 kB URL HTTP/1.1 kuyabq113.top/template/m1938pc/ads/sz_zyxf.js
IP 122.10.69.153:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text
Hash eb9eb1b3ca15e14418f56e887f033eca
d28ed516bde47c93a7c2da43a2ac73f97348b0ae
76d2357579529bc96b879a0bcbd3e264d248c572b5913f38150d5193814c2f4d
GET /template/m1938pc/ads/sz_zyxf.js HTTP/1.1
Host: kuyabq113.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuyabq113.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 Jan 2023 04:43:22 GMT
Content-Type: application/javascript
Last-Modified: Mon, 02 Jan 2023 06:47:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63b27df8-21d2"
Expires: Mon, 16 Jan 2023 16:43:22 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hm.baidu.com/hm.js?57a0507ea7323691086ff5b5faaccd60
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?57a0507ea7323691086ff5b5faaccd60
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (626)
Hash 2706a79419dc265a9182af9555275600
3232c8c37bdbad1aa037d3114f5e0eade425a985
05cd63c51ef2c81e7f5be9865222fc4fef4508558d8be50e51507a9abb299412
GET /hm.js?57a0507ea7323691086ff5b5faaccd60 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hacits.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11264
Content-Type: application/javascript
Date: Mon, 16 Jan 2023 04:43:22 GMT
Etag: b034473a9d6575ed888f4b82acea7c18
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=1D8540E35417D877; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
kuyabq113.top/template/m1938pc/static/images/arrow_up.png
122.10.69.153 200 OK 398 B URL HTTP/1.1 kuyabq113.top/template/m1938pc/static/images/arrow_up.png
IP 122.10.69.153:0
ASN #134548 DXTL Tseung Kwan O Service
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 353247650251bb3b54b709aa3441deb0
9784d902cbdfbf51cbe3f0281098575311fd5d2f
cdd12906b6861716ac4c33bcb08ff9164f9269b304748e54886482e773d26aec
GET /template/m1938pc/static/images/arrow_up.png HTTP/1.1
Host: kuyabq113.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuyabq113.top/template/m1938pc/static/css/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 Jan 2023 04:43:23 GMT
Content-Type: image/png
Content-Length: 398
Last-Modified: Fri, 17 Jun 2022 02:29:24 GMT
Connection: keep-alive
ETag: "62abe704-18e"
Expires: Wed, 15 Feb 2023 04:43:23 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
kuyabq113.top/template/m1938pc/static/images/share.png
122.10.69.153 200 OK 3.2 kB URL HTTP/1.1 kuyabq113.top/template/m1938pc/static/images/share.png
IP 122.10.69.153:0
ASN #134548 DXTL Tseung Kwan O Service
File type PNG image data, 39 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 02f6a2fe1a4a8668aca32a1c08040c0f
72d7273e5e561ed4c70bd0ccef8e66407b9e7ce0
30a473f2f6a26ac3d2fb1538744d781985d6051cf1e8a54a4e8a8d1fabb0e8f8
GET /template/m1938pc/static/images/share.png HTTP/1.1
Host: kuyabq113.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuyabq113.top/template/m1938pc/static/css/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 Jan 2023 04:43:23 GMT
Content-Type: image/png
Content-Length: 3172
Last-Modified: Fri, 17 Jun 2022 02:29:30 GMT
Connection: keep-alive
ETag: "62abe70a-c64"
Expires: Wed, 15 Feb 2023 04:43:23 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
kuyabq113.top/template/m1938pc/static/picture/play.png
122.10.69.153 200 OK 914 B URL HTTP/1.1 kuyabq113.top/template/m1938pc/static/picture/play.png
IP 122.10.69.153:0
ASN #134548 DXTL Tseung Kwan O Service
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash d0bcf0dff3f7074e9a3ce72a06b4a9a8
48fbeab48ed57e626fe00e5e6617b7729726995e
ed0681b32fabd508fcc2aa62f2408181053043302e8089fd200da0649981f972
GET /template/m1938pc/static/picture/play.png HTTP/1.1
Host: kuyabq113.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuyabq113.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 Jan 2023 04:43:23 GMT
Content-Type: image/png
Content-Length: 914
Last-Modified: Fri, 17 Jun 2022 02:29:26 GMT
Connection: keep-alive
ETag: "62abe706-392"
Expires: Wed, 15 Feb 2023 04:43:23 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
kuyabq113.top/template/m1938pc/ads/sp2.gif
122.10.69.153 404 Not Found 146 B URL HTTP/1.1 kuyabq113.top/template/m1938pc/ads/sp2.gif
IP 122.10.69.153:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/sp2.gif HTTP/1.1
Host: kuyabq113.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuyabq113.top/
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 16 Jan 2023 04:43:23 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hm.baidu.com/hm.js?907c53db77eb917e697c6a2d35a42159
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?907c53db77eb917e697c6a2d35a42159
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (624)
Hash 33fadc2332aaa7635f5d81988474b5ce
737928d9cb408e62f5ae443081ff143bd1e1a3e1
82eae666d4a483ef9a809d3a90a2e0d814799de58a520a010b4c9211d3c636f9
GET /hm.js?907c53db77eb917e697c6a2d35a42159 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kuyabq113.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11262
Content-Type: application/javascript
Date: Mon, 16 Jan 2023 04:43:22 GMT
Etag: 8ca371f7f521eb18fa8dbfb1913689e2
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F7EE9F593B604952; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=154253269&si=57a0507ea7323691086ff5b5faaccd60&v=1.3.0&lv=1&sn=14769&r=0&ww=1280&u=http%3A%2F%2Fwww.hacits.cn%2Flist%2F8069&tt=%E5%8D%9A%E7%BD%97%E9%99%88%E8%AF%99%E6%96%B0%E6%9D%90%E6%96%99%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=154253269&si=57a0507ea7323691086ff5b5faaccd60&v=1.3.0&lv=1&sn=14769&r=0&ww=1280&u=http%3A%2F%2Fwww.hacits.cn%2Flist%2F8069&tt=%E5%8D%9A%E7%BD%97%E9%99%88%E8%AF%99%E6%96%B0%E6%9D%90%E6%96%99%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=154253269&si=57a0507ea7323691086ff5b5faaccd60&v=1.3.0&lv=1&sn=14769&r=0&ww=1280&u=http%3A%2F%2Fwww.hacits.cn%2Flist%2F8069&tt=%E5%8D%9A%E7%BD%97%E9%99%88%E8%AF%99%E6%96%B0%E6%9D%90%E6%96%99%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hacits.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 16 Jan 2023 04:43:23 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=B004FFB5AC1D1A82; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1551043330&si=907c53db77eb917e697c6a2d35a42159&su=http%3A%2F%2Fwww.hacits.cn%2F&v=1.3.0&lv=1&sn=14769&r=0&ww=1268&u=http%3A%2F%2Fkuyabq113.top%2F&tt=%E4%B9%85%E4%B9%85%E7%BD%91
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1551043330&si=907c53db77eb917e697c6a2d35a42159&su=http%3A%2F%2Fwww.hacits.cn%2F&v=1.3.0&lv=1&sn=14769&r=0&ww=1268&u=http%3A%2F%2Fkuyabq113.top%2F&tt=%E4%B9%85%E4%B9%85%E7%BD%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1551043330&si=907c53db77eb917e697c6a2d35a42159&su=http%3A%2F%2Fwww.hacits.cn%2F&v=1.3.0&lv=1&sn=14769&r=0&ww=1268&u=http%3A%2F%2Fkuyabq113.top%2F&tt=%E4%B9%85%E4%B9%85%E7%BD%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kuyabq113.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 16 Jan 2023 04:43:23 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=EF1CE6741E7EFA83; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.js?b6267909077517b271f24efcf233727e
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?b6267909077517b271f24efcf233727e
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 79b6501e7620ee5d97c47575073c2cdc
f2c603f75c0664799d8317b1f39e7318e7b32405
a01227f2eeb3d5871dada34f349b57a6f91e23ebfc242cf385c47f1b13b81137
GET /hm.js?b6267909077517b271f24efcf233727e HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kuyabq113.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Mon, 16 Jan 2023 04:43:23 GMT
Etag: 1e4461cbfba11f639f1b57cee6b3bc5e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=131D269EF0F6AE72; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?35de381cc0c648645971ed1374c15f1f
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?35de381cc0c648645971ed1374c15f1f
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (624)
Hash ff0ad47cbd67fb21bd85878b3644e080
93d87d1e33a88051c3375ab55e12400a95caa6ca
d103fc5b99b1d7c230c618c59f626e1446ab652a5f6bd6710eaa7188ca303dff
GET /hm.js?35de381cc0c648645971ed1374c15f1f HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kuyabq113.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11262
Content-Type: application/javascript
Date: Mon, 16 Jan 2023 04:43:23 GMT
Etag: ce1d890b1d79d1c68f9f9da41df6fe37
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=717D32CD56276347; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
kzett.com/65e7e65f41ad1c2cb20bb39e08e6b041.gif
13.227.254.117 200 OK 393 kB URL HTTP/2 kzett.com/65e7e65f41ad1c2cb20bb39e08e6b041.gif
IP 13.227.254.117:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 393 kB (393378 bytes)
Hash a930de5ec6e818c397927d0c8e288eb4
5740c07c68ec2828cf3544a76afa1755077a6f57
e5a218bd1dc9bc6410f36069969a1c36a3f34f0d42079c4bd02ec8c19421bee0
GET /65e7e65f41ad1c2cb20bb39e08e6b041.gif HTTP/1.1
Host: kzett.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kuyabq113.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 393378
last-modified: Tue, 03 Jan 2023 03:28:21 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 15 Jan 2023 15:05:27 GMT
etag: "a930de5ec6e818c397927d0c8e288eb4"
x-cache: Hit from cloudfront
via: 1.1 4107eb96660e4932c95658bc4727dd6c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: Zf78lrhLz48-jq2QO-AiAjLruTfQ_rqhhMEOqSrYqzSB2FL5UJvnlQ==
age: 49077
X-Firefox-Spdy: h2
kuyabq113.top/template/m1938pc/ads/meigaomei.gif
122.10.69.153 200 OK 671 kB URL HTTP/1.1 kuyabq113.top/template/m1938pc/ads/meigaomei.gif
IP 122.10.69.153:0
ASN #134548 DXTL Tseung Kwan O Service
File type GIF image data, version 89a, 960 x 60\012- data
Size 671 kB (671196 bytes)
Hash 38d591e68e8d0ed4e8df4a32805d31be
8589e0abcdd2dacc4de614431a19721303b885f1
692fe8bc9a984f0bb9567eaf689e2d27ac88f04ec57a8385b2f2130ddc432d29
GET /template/m1938pc/ads/meigaomei.gif HTTP/1.1
Host: kuyabq113.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuyabq113.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 Jan 2023 04:43:23 GMT
Content-Type: image/gif
Content-Length: 671196
Last-Modified: Mon, 26 Dec 2022 11:30:05 GMT
Connection: keep-alive
ETag: "63a985bd-a3ddc"
Expires: Wed, 15 Feb 2023 04:43:23 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
13.227.254.43 200 OK 919 kB URL HTTP/2 kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 13.227.254.43:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 919 kB (918679 bytes)
Hash 956582dd3aa22ca9b19bdd1d5e091e24
c2d80e05f59981f6ed58a8231f502bd990894d6b
88e686882e64a0e199c79bd83b7102885b67242b5d0b49a1f37674c0bb3ddd8e
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kzerr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kuyabq113.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 918679
last-modified: Mon, 19 Dec 2022 07:54:21 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 15 Jan 2023 12:17:05 GMT
etag: "956582dd3aa22ca9b19bdd1d5e091e24"
x-cache: Hit from cloudfront
via: 1.1 49b0629f9da8a770925ad02807586202.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: Cz-VWDNg07L1Af5DAyZEw7yPV0t82x1vly9YcM0K3zSnk-N75AlipA==
age: 59179
X-Firefox-Spdy: h2
kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
13.227.254.64 200 OK 902 kB URL HTTP/2 kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
IP 13.227.254.64:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 902 kB (902313 bytes)
Hash 8b4a95ea7cfbb7fb4d2b18efca5145f3
d2966ecbeb7369620cce5dbcd15d0fe591d79648
dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kuyabq113.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 902313
last-modified: Thu, 15 Dec 2022 02:17:25 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 15 Jan 2023 05:01:54 GMT
etag: "8b4a95ea7cfbb7fb4d2b18efca5145f3"
x-cache: Hit from cloudfront
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: K-JY4D23n8B9MQ7KeRLfI05Mp-TW9LccOI38R5Qz-8IYgjCjiyxEWg==
age: 85295
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b63f507a34dec00da8907a238931429e
754af1e0c8c1910b508aa406e5518cf1c36f1f50
a4adb74f38e4454b7037f468a8d319014dbfa2386d8da8910157fde0901c7a10
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A4ADB74F38E4454B7037F468A8D319014DBFA2386D8DA8910157FDE0901C7A10"
Last-Modified: Fri, 13 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15263
Expires: Mon, 16 Jan 2023 08:57:47 GMT
Date: Mon, 16 Jan 2023 04:43:24 GMT
Connection: keep-alive
image.qkf7jq3b.space/n2MgydKZEk.jpg
172.67.130.137 200 OK 59 kB URL HTTP/2 image.qkf7jq3b.space/n2MgydKZEk.jpg
IP 172.67.130.137:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1024x1024, components 3\012- data
Hash c4d4076b7558eac63e3edfde0ffbdafb
0d652f48e6b9a452f0a471563161d15015046c08
f7495063bb8f49b32a707d360127f928c14964efba7bc4376fb02b393f48d52d
GET /n2MgydKZEk.jpg HTTP/1.1
Host: image.qkf7jq3b.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kuyabq113.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 04:43:24 GMT
content-type: image/jpeg
content-length: 58621
last-modified: Fri, 08 Jul 2022 14:19:52 GMT
etag: "62c83d08-e4fd"
access-control-allow-origin: *
access-control-allow-methods: GET,POST,DELETE
access-control-allow-header: Content-Type,*
cache-control: max-age=432000
cf-cache-status: HIT
age: 6303
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RbeuVI9TUyfiaz%2FZwU7vt2P%2Bi62q4wfUaulgkI%2Fyig%2BCcDnpe%2B6l1IMAWsSaumeZzG66fV4ujxEUDS8E0YCisSDETGMRAprWxuqj1SBhHym%2Bl9i7rneafi00AcKzsPoTCtjwPY92nA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a430a6592ab500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1851920973&si=b6267909077517b271f24efcf233727e&su=http%3A%2F%2Fwww.hacits.cn%2F&v=1.3.0&lv=1&sn=14770&r=0&ww=1268&u=http%3A%2F%2Fkuyabq113.top%2F&tt=%E4%B9%85%E4%B9%85%E7%BD%91
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1851920973&si=b6267909077517b271f24efcf233727e&su=http%3A%2F%2Fwww.hacits.cn%2F&v=1.3.0&lv=1&sn=14770&r=0&ww=1268&u=http%3A%2F%2Fkuyabq113.top%2F&tt=%E4%B9%85%E4%B9%85%E7%BD%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1851920973&si=b6267909077517b271f24efcf233727e&su=http%3A%2F%2Fwww.hacits.cn%2F&v=1.3.0&lv=1&sn=14770&r=0&ww=1268&u=http%3A%2F%2Fkuyabq113.top%2F&tt=%E4%B9%85%E4%B9%85%E7%BD%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kuyabq113.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 16 Jan 2023 04:43:24 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=1B23FE9E375C28A3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b63f507a34dec00da8907a238931429e
754af1e0c8c1910b508aa406e5518cf1c36f1f50
a4adb74f38e4454b7037f468a8d319014dbfa2386d8da8910157fde0901c7a10
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A4ADB74F38E4454B7037F468A8D319014DBFA2386D8DA8910157FDE0901C7A10"
Last-Modified: Fri, 13 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15263
Expires: Mon, 16 Jan 2023 08:57:47 GMT
Date: Mon, 16 Jan 2023 04:43:24 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1635859552&si=35de381cc0c648645971ed1374c15f1f&su=http%3A%2F%2Fwww.hacits.cn%2F&v=1.3.0&lv=1&sn=14770&r=0&ww=1268&u=http%3A%2F%2Fkuyabq113.top%2F&tt=%E4%B9%85%E4%B9%85%E7%BD%91
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1635859552&si=35de381cc0c648645971ed1374c15f1f&su=http%3A%2F%2Fwww.hacits.cn%2F&v=1.3.0&lv=1&sn=14770&r=0&ww=1268&u=http%3A%2F%2Fkuyabq113.top%2F&tt=%E4%B9%85%E4%B9%85%E7%BD%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1635859552&si=35de381cc0c648645971ed1374c15f1f&su=http%3A%2F%2Fwww.hacits.cn%2F&v=1.3.0&lv=1&sn=14770&r=0&ww=1268&u=http%3A%2F%2Fkuyabq113.top%2F&tt=%E4%B9%85%E4%B9%85%E7%BD%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kuyabq113.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 16 Jan 2023 04:43:24 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=32DE35BE0B7B8DE7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
zerossl.ocsp.sectigo.com/
172.64.155.188 200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 2175819460672736c13f80229392182e
64ace482254905d5221e351d6f8e4ce2c2b366d8
54a32a23b4f0bc67999171718e0f37b95a20de6e12f5191c8d13a39b8a063e01
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 04:43:24 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 13 Jan 2023 18:41:08 GMT
Expires: Fri, 20 Jan 2023 18:41:07 GMT
Etag: "64ace482254905d5221e351d6f8e4ce2c2b366d8"
Cache-Control: max-age=395262,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78a430a7fcaa1c02-OSL
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash a035ff852b7789bf67f44f396d801d5b
8d0426f787693edadfbdc2223f87f109b3b4d093
946025e1e0fd7230ce9fabcc30d23e7debc8bd686580e1406ac1ff52d6b487e8
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 04:43:24 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 20:13:20 GMT
Expires: Sat, 21 Jan 2023 20:13:19 GMT
Etag: "8d0426f787693edadfbdc2223f87f109b3b4d093"
Cache-Control: max-age=487194,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78a430a7df44b521-OSL
xinchacha2dv.ocsp-certum.com/
95.101.10.107 200 OK 1.5 kB URL HTTP/1.1 xinchacha2dv.ocsp-certum.com/
IP 95.101.10.107:0
ASN #20940 Akamai International B.V.
Hash cd3a44b02dbfb870a0482f7c40d3bb90
1cd86e968f8b8ce5224d08aa1082d9adff29d216
c354da14dd6789b2c525476bc91ee47efa56fe1bfdbe09d0234270d94e8ab8e1
POST / HTTP/1.1
Host: xinchacha2dv.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1538
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=272
Date: Mon, 16 Jan 2023 04:43:25 GMT
Connection: keep-alive
X-N: S
xinchacha2dv.ocsp-certum.com/
95.101.10.107 200 OK 1.5 kB URL HTTP/1.1 xinchacha2dv.ocsp-certum.com/
IP 95.101.10.107:0
ASN #20940 Akamai International B.V.
Hash 98d7cd749f3982bea4c7a9a4f0ae5ba5
b7b9e2b033608957b36d958bcbad85190c501367
77335d06683eaaf663b44d77d812cb516063d983c2910676b966f93130ec6e11
POST / HTTP/1.1
Host: xinchacha2dv.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1538
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Mon, 16 Jan 2023 04:43:25 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
95.101.10.107 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.107:0
ASN #20940 Akamai International B.V.
Hash 0ac1f3d7561fc40e49577671b0f9f3ae
5bb6dcca75b5d43a3cee724a60fa8f2d0db6ecc8
1427f1cb8a35fcb1bc7e5f2e4561a8f2269cfbfc7744c98b00089239f86f7802
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=848
Date: Mon, 16 Jan 2023 04:43:25 GMT
Connection: keep-alive
X-N: S
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash eab6bf0ccceb423c8ed29e96162cc4aa
82e39fe3201156517b8da8dbb7c79b5262a1a151
66f09259af8d0149e3282fcdb2dbc8272bc762cbcee598f5f1ab948e3022dd5b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 04:43:25 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 15 Jan 2023 03:27:09 GMT
Expires: Sun, 22 Jan 2023 03:27:08 GMT
Etag: "82e39fe3201156517b8da8dbb7c79b5262a1a151"
Cache-Control: max-age=513222,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78a430ac4aa80b02-OSL
8499221.com/8499/320x185.gif
172.247.109.212 200 OK 189 kB URL HTTP/2 8499221.com/8499/320x185.gif
IP 172.247.109.212:0
File type GIF image data, version 89a, 320 x 185\012- data
Size 189 kB (188752 bytes)
Hash b509f2dc9b21ae7425713b0313a9e0ae
f8d9ab2e41c442872a8193cdefbfd24972c25d49
9ca2b0643406090c29973b82953032ca7f0027b0ae2d871e5de77e89ce2f1c21
GET /8499/320x185.gif HTTP/1.1
Host: 8499221.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kuyabq113.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 04:43:25 GMT
content-type: image/gif
content-length: 188752
last-modified: Wed, 28 Dec 2022 08:15:26 GMT
etag: "2e150-5f0def882b185"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 791262ab8f686005015c6116c8d880f9
3ffd3b22797a5f6a287c34485b4a8a7e12418f87
06baab58b8e262b29ab4708fb6a8a946f5bc8b3f6c3beba822406541d7d72ae9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "06BAAB58B8E262B29AB4708FB6A8A946F5BC8B3F6C3BEBA822406541D7D72AE9"
Last-Modified: Sat, 14 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17288
Expires: Mon, 16 Jan 2023 09:31:33 GMT
Date: Mon, 16 Jan 2023 04:43:25 GMT
Connection: keep-alive
dvcasha2.ocsp-certum.com/
95.101.10.107 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.107:0
ASN #20940 Akamai International B.V.
Hash d1e46c366bbd17ddc14be69a5002aa92
358608de9b2dde079f592b6b8ce3afdfbd3860f2
a52e58f410990d0a6cf1927f116fa62e1abad80197c2132c445eb5e866e2f2d7
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=864
Date: Mon, 16 Jan 2023 04:43:25 GMT
Connection: keep-alive
X-N: S
i.zangnei.com/image.gif
138.113.31.67 302 Moved Temporarily 0 B IP 138.113.31.67:0
ASN #54994 QUANTILNETWORKS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /image.gif HTTP/1.1
Host: i.zangnei.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kuyabq113.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Mon, 16 Jan 2023 04:43:25 GMT
Content-Length: 0
Connection: keep-alive
Server: Cdn Cache Server V2.0
Location: http://i.zangnei.com/image.gif
X-Via: 1.0 PS-FRA-014cL39:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63c4d5ed_kf37_57275-33095
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash af97192a7a1f1ef8a63e57658288bae7
6172800980f90fe0b1db1719586298374831072b
8442662cce38c99190e2d2a1de90ac43a1bf9c596af57a5b6037f5a3211ca43f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8442662CCE38C99190E2D2A1DE90AC43A1BF9C596AF57A5B6037F5A3211CA43F"
Last-Modified: Mon, 16 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19833
Expires: Mon, 16 Jan 2023 10:13:58 GMT
Date: Mon, 16 Jan 2023 04:43:25 GMT
Connection: keep-alive
i.zangnei.com/image.gif
138.113.31.67 200 OK 270 kB IP 138.113.31.67:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 300 x 250\012- data
Size 270 kB (270284 bytes)
Hash e180b09c588af233fab66da13f3c281b
db0d0bee4a4ac4c27e564033465cf92dc2f8d0c3
27321268b50770cf1849cc5d634c018d8330b5968b9c11194a44fdb421ba6aae
GET /image.gif HTTP/1.1
Host: i.zangnei.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://kuyabq113.top/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 04:43:25 GMT
Content-Type: image/gif
Content-Length: 270284
Connection: keep-alive
Server: nginx/1.10.3 (Ubuntu)
Last-Modified: Sun, 15 Jan 2023 12:57:09 GMT
ETag: "63c3f825-41fcc"
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 ianxun22:10 (Cdn Cache Server V2.0), 1.1 PS-FRA-014cL39:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63c4d5ed_kf37_55990-60536
8499483.com/8499/zzxx/960x80.gif
23.225.237.35 200 OK 367 kB URL HTTP/2 8499483.com/8499/zzxx/960x80.gif
IP 23.225.237.35:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 367 kB (366944 bytes)
Hash bde9cbff38e305f40a245a7cf87bd85a
4aaa627b0db260ac7f97a9223e93b1e2f35caba4
375eaceb954016306188bd02f6cc229f71c8e1ef337e99b6ec0a98fad9b3eb7e
GET /8499/zzxx/960x80.gif HTTP/1.1
Host: 8499483.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kuyabq113.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 04:43:25 GMT
content-type: image/gif
content-length: 366944
last-modified: Sat, 24 Dec 2022 13:23:32 GMT
etag: "59960-5f092cf09840f"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2f6eda2e858e8b372d94d8668c7ecc1d
dfb6d7943a3c66a411b0aabcb0c963e949620415
85445d6750a149f987f6793215550ceb5541e0c90152059a8d3e288bc350d3be
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85445D6750A149F987F6793215550CEB5541E0C90152059A8D3E288BC350D3BE"
Last-Modified: Sun, 15 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=625
Expires: Mon, 16 Jan 2023 04:53:50 GMT
Date: Mon, 16 Jan 2023 04:43:25 GMT
Connection: keep-alive
www.xmaadebabsddxs.com/new/logo/1.gif
20.187.75.50 200 OK 332 kB URL HTTP/1.1 www.xmaadebabsddxs.com/new/logo/1.gif
IP 20.187.75.50:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 200 x 200\012- data
Size 332 kB (332214 bytes)
Hash 71df98e6d8dd1d6925402fae60190946
ab970b7f32e40a759c98fa6f8aa80fea8135659e
8ab04ea9eccb6c43cbd7b55f28566cfd2b691f995705be926b809fd1dc5da4fc
GET /new/logo/1.gif HTTP/1.1
Host: www.xmaadebabsddxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kuyabq113.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 04:43:25 GMT
Content-Type: image/gif
Content-Length: 332214
Connection: keep-alive
Last-Modified: Thu, 07 Jul 2022 06:50:05 GMT
ETag: "62c6821d-511b6"
Accept-Ranges: bytes
Server: cdn
X-Cache-Status: MISS
88883aaa.com/d5fccf5f1d6046b28ccae6f509cc6f61.gif
103.170.15.106 200 OK 566 kB URL HTTP/1.1 88883aaa.com/d5fccf5f1d6046b28ccae6f509cc6f61.gif
IP 103.170.15.106:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 566 kB (565668 bytes)
Hash 7faaf25b3ed4ab8031e869603846de73
6ff1d7fdc43329a1b4b9d0091c71d60bc3337516
96bf2f7ea23e8e832c4a4504ffb1443b36da12f6759b67bef896f1b72c236439
GET /d5fccf5f1d6046b28ccae6f509cc6f61.gif HTTP/1.1
Host: 88883aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kuyabq113.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63a42dd2-8a1a4"
Date: Wed, 04 Jan 2023 15:39:21 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 22 Dec 2022 10:13:38 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-36
Content-Length: 565668
lc.ezfxpuo.cn/gg/960x120-2.gif
218.66.171.192 200 OK 217 kB URL HTTP/2 lc.ezfxpuo.cn/gg/960x120-2.gif
IP 218.66.171.192:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 217 kB (217136 bytes)
Hash 6ebdbf3cf0e36bc52170fc96d24ca694
b2276ae9fbb42e5de246232eeac1750ab781ffec
7c244c47c7c3c579c18595af820f67e580e33afcf32240832c6e202270b57994
GET /gg/960x120-2.gif HTTP/1.1
Host: lc.ezfxpuo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kuyabq113.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: NgxFence
date: Mon, 16 Jan 2023 04:43:25 GMT
content-type: image/gif
content-length: 217136
x-oss-request-id: 63A4A4FC1F856337391224CB
etag: "6EBDBF3CF0E36BC52170FC96D24CA694"
last-modified: Sat, 02 Jul 2022 01:53:26 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 210259037520302579
x-oss-storage-class: Standard
content-md5: br2/PPDja8UhcPyW0kymlA==
x-oss-server-time: 1
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
ky.lvcfgus.cn/960X60.gif
218.66.171.198 200 OK 254 kB IP 218.66.171.198:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 254 kB (253519 bytes)
Hash f744e995971941b6a95fcd2636f5a545
ac9c1230e04eab9e31512d2afe440fe5f0367dc5
59b1a138fa72df587e61916179965cbd819f91aec53ce6ab606949a7e06b3063
GET /960X60.gif HTTP/1.1
Host: ky.lvcfgus.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kuyabq113.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: NgxFence
date: Mon, 16 Jan 2023 04:43:25 GMT
content-type: image/gif
content-length: 253519
x-oss-request-id: 63A4A4F122AAFC3439A9E542
etag: "F744E995971941B6A95FCD2636F5A545"
last-modified: Tue, 29 Nov 2022 08:27:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17987192695826819902
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
content-md5: 90TplZcZQbapX80mNvWlRQ==
x-oss-server-time: 1
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
ldbbs.ldmnq.com/bbs/topic/images/2022-12/6f0dd539-c567-4d6f-9643-256c5a357277.gif
120.52.95.234 200 OK 924 kB URL HTTP/1.1 ldbbs.ldmnq.com/bbs/topic/images/2022-12/6f0dd539-c567-4d6f-9643-256c5a357277.gif
IP 120.52.95.234:0
ASN #133119 China Unicom IP network
File type GIF image data, version 89a, 620 x 250\012- data
Size 924 kB (923609 bytes)
Hash 215e3108b0b5d58a2649146c1b07bd2a
eb53fd999b589db24f9978af8b4a6fa4689adfe2
f05c966ece6496fe400a5bce5f0eec6a3ff6c0076d861c4e6fe240fb33b0a9d1
GET /bbs/topic/images/2022-12/6f0dd539-c567-4d6f-9643-256c5a357277.gif HTTP/1.1
Host: ldbbs.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kuyabq113.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 04:43:25 GMT
Content-Type: image/gif
Content-Length: 923609
Connection: keep-alive
Server: openresty
Age: 2223574
CloudServiceDiscount: CDN
Content-Encoding: utf-8
ETag: "215e3108b0b5d58a2649146c1b07bd2a"
Last-Modified: Wed, 21 Dec 2022 11:03:30 GMT
X-CCDN-CacheTTL: 2592000
nginx-hit: 1
via: CHN-HElangfang-AREACUCC1-CACHE35[4],CHN-HElangfang-AREACUCC1-CACHE26[0,TCP_HIT,2],CHN-TJ-GLOBAL1-CACHE51[153],CHN-TJ-GLOBAL1-CACHE37[147,TCP_MISS,151]
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS3V4Yuj2dtD/qEPCgVU/YmcsGGW5cs2
x-amz-request-id: 00000185345A99FD940C870B875C3118
x-amz-storage-class: STANDARD_IA
x-hcs-proxy-type: 1
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Accept-Ranges: bytes
qp.ezfxpuo.cn/300x250.gif
218.66.171.122 200 OK 158 kB URL HTTP/2 qp.ezfxpuo.cn/300x250.gif
IP 218.66.171.122:0
File type GIF image data, version 89a, 300 x 250\012- data
Size 158 kB (157769 bytes)
Hash acdc62fea37fc13909e00e26ec730616
d3faf5daf8632482a2e75358696b417736e63b76
1e789e44315008799ae67b1a14e09a1d1900e852b579d57a6a2cbaa63094d3e9
GET /300x250.gif HTTP/1.1
Host: qp.ezfxpuo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kuyabq113.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: NgxFence
date: Mon, 16 Jan 2023 04:43:26 GMT
content-type: image/gif
content-length: 157769
x-oss-request-id: 63A4A4FCDA8A7932391F812B
etag: "ACDC62FEA37FC13909E00E26EC730616"
last-modified: Mon, 03 Oct 2022 10:13:11 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2276169507902994919
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
content-md5: rNxi/qN/wTkJ4A4m7HMGFg==
x-oss-server-time: 56
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
ldbbs.ldmnq.com/bbs/topic/images/2022-12/8a42cd46-12a9-46a4-8563-ee14a925192c.gif
120.52.95.234 200 OK 1.1 MB URL HTTP/1.1 ldbbs.ldmnq.com/bbs/topic/images/2022-12/8a42cd46-12a9-46a4-8563-ee14a925192c.gif
IP 120.52.95.234:0
ASN #133119 China Unicom IP network
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.1 MB (1082384 bytes)
Hash a2513b4510f6797c4cbe4012fc79c64c
41f15aa49c66eed88a541224dedda5d215f9e7ef
16e775f7ac1e0368c216cdcf70bc3d56d7d952d7653898dbb8093efcd712cc71
GET /bbs/topic/images/2022-12/8a42cd46-12a9-46a4-8563-ee14a925192c.gif HTTP/1.1
Host: ldbbs.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kuyabq113.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 04:43:25 GMT
Content-Type: image/gif
Content-Length: 1082384
Connection: keep-alive
Server: openresty
Age: 2239414
CloudServiceDiscount: CDN
Content-Encoding: utf-8
ETag: "a2513b4510f6797c4cbe4012fc79c64c"
Last-Modified: Wed, 21 Dec 2022 06:06:41 GMT
X-CCDN-CacheTTL: 2592000
nginx-hit: 1
via: CHN-HElangfang-AREACUCC1-CACHE32[3],CHN-HElangfang-AREACUCC1-CACHE30[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE54[16],CHN-TJ-GLOBAL1-CACHE30[0,TCP_HIT,13]
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSFhv2Sr1BDL3xCdwQqA6DE4Gw8YvJHp
x-amz-request-id: 00000185334A8E1F900DAF7A4A1D6950
x-amz-storage-class: STANDARD_IA
x-hcs-proxy-type: 1
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Accept-Ranges: bytes