firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 03 Sep 2022 10:42:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -Vfn-kPtmx0EPjLpy3RVAkyZXFw3gwajM8OyaHvKBWKGExdxi6KQlw==
Age: 2749
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3026
Expires: Sat, 03 Sep 2022 12:19:14 GMT
Date: Sat, 03 Sep 2022 11:28:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6i-SOzgUWgxfp4y8REosSaktzkEQ5xWdI2nT5CFSkhMYNYwKIEd6yw==
age: 36811
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Sep 2022 11:28:48 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sat, 03 Sep 2022 10:38:16 GMT
Expires: Sat, 03 Sep 2022 11:33:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6QSNod0d3Cy3gz7t_HFqIBBeA67ha4vAQPBFM1RWbpxFQ9p2eednWQ==
Age: 3033
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4fc12f0a98aa28ccb56e0b56d7e40ded
f7efcfb8b4f4aa40268bada3fec380820a70ee35
a34aa9b7db949a583c3f1b4d87fed415a11d119c9615b5e710c3125173f8a277
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1991
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 11:28:49 GMT
Last-Modified: Sat, 03 Sep 2022 10:55:38 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.88.220.109101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.220.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1IV/VzmU3VgiW6KTmBqLmQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: b23K6XsduC4u85geBHOIHPIcPF4=
lyg.99cfw.com/changfang/zrOyzvcHz.htm
118.123.213.55200 OK 4.8 kB URL HTTP/1.1 lyg.99cfw.com/changfang/zrOyzvcHz.htm
IP 118.123.213.55:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1618), with CRLF line terminators
Hash 834c1cce19041be7cffec5c9e06d1027
a73d440a11f438b63c36f669a3d5fb446a211217
56f96727f4e7b7831f58324ff8b4cef81bb84aaed926c0cf7b53d6e1d458eb5f
GET /changfang/zrOyzvcHz.htm HTTP/1.1
Host: lyg.99cfw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
Set-Cookie: 99cfw=c=43s; expires=Sun, 03-Sep-2023 11:28:46 GMT; domain=99cfw.com; path=/
ASPSESSIONIDQEDCRTBR=PHAHMJCBGLHOLAAPOMLAJFGE; secure; path=/
X-Powered-By: ASP.NET
Date: Sat, 03 Sep 2022 11:28:46 GMT
Content-Length: 4795
lyg.99cfw.com/qietu/css/global.css?v=1.1
118.123.213.55200 OK 1.1 kB URL HTTP/1.1 lyg.99cfw.com/qietu/css/global.css?v=1.1
IP 118.123.213.55:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 8b836d4e2381974b833ffd21c7450bfb
c9a129e09ddad920699253962f7b165a2dc029f8
9e81a965f7174f0c7e70c0cf01e1b3dc039fd71765f6238281a5343718f5f230
GET /qietu/css/global.css?v=1.1 HTTP/1.1
Host: lyg.99cfw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lyg.99cfw.com/changfang/zrOyzvcHz.htm
Cookie: 99cfw=c=43s; ASPSESSIONIDQEDCRTBR=PHAHMJCBGLHOLAAPOMLAJFGE
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 26 May 2021 16:07:01 GMT
Accept-Ranges: bytes
ETag: "804051294952d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 03 Sep 2022 11:28:47 GMT
Content-Length: 1109
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2606
Expires: Sat, 03 Sep 2022 12:12:17 GMT
Date: Sat, 03 Sep 2022 11:28:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2606
Expires: Sat, 03 Sep 2022 12:12:17 GMT
Date: Sat, 03 Sep 2022 11:28:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2606
Expires: Sat, 03 Sep 2022 12:12:17 GMT
Date: Sat, 03 Sep 2022 11:28:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2606
Expires: Sat, 03 Sep 2022 12:12:17 GMT
Date: Sat, 03 Sep 2022 11:28:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd91ab4da-b2c8-4694-8888-dbef16ff0822.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd91ab4da-b2c8-4694-8888-dbef16ff0822.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac5cedb16d42137f0da53ffa29c68640
f5b2ed7f99ce2149cdc7ca905bead01cb12fe8ab
9ceae944314eae39f0af8fa5abd17515b9fd32771cececb0c7321a7bfbf4645f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd91ab4da-b2c8-4694-8888-dbef16ff0822.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9468
x-amzn-requestid: 326b8125-dc3d-4ca8-bdda-50464d1cfc61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0DjwHbqIAMFeww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117fb1-2a1151c94cf19ba05c4b47ee;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:59:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Z4GlrY5n1_Kg3lQ2aRf3-BmbSu0Z89by_oXrzDwlvEQ5HVS2vIer0Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 22:02:30 GMT
age: 61092
etag: "f5b2ed7f99ce2149cdc7ca905bead01cb12fe8ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash a0f68a2f0641e6d6c7969640b28bdc0f
fd282e3839dc16bcd431dc48ca41814dfa58db26
8a9d287d1c988b609abdf41e3b0b82351ef938aac11b20abb73a687cfe2362ac
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:28:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 07 Sep 2022 07:47:45 GMT
ETag: "fd282e3839dc16bcd431dc48ca41814dfa58db26"
Last-Modified: Sat, 03 Sep 2022 07:47:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1501
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 744e24eee89cb509-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c199f7fc2a2857dec134bfdb2673e28c
af3989072b658e2de119d006ae4ca1703468913d
e57411ba0221f6ffa7baf7c374ec790959a66d6a683fad40883ef01cf67e35c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6976
x-amzn-requestid: da379546-9525-4e13-b9f0-a6446839df66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eNeG7kIAMF4-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63127722-37399f67565b06e7111095cd;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5SORUPJgJ_gKKs4hSa4EzCCQA6B1dmyO1EC-gCBvFKl2R2hV0mYTeA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 22:39:01 GMT
age: 46190
etag: "af3989072b658e2de119d006ae4ca1703468913d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7032eb34-1355-4f64-91db-2c4fd70139b1.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7032eb34-1355-4f64-91db-2c4fd70139b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85bb0a09818a7c5f9e92e5b0faa057a4
ceb9a1d4efc578ad2bbcd8f99e8bf69e7dbe7aa3
d7e1901bdae487d1c4f4d0c8fdfd090f8f0baff719f319666395f91dc147d250
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7032eb34-1355-4f64-91db-2c4fd70139b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12612
x-amzn-requestid: c89164ee-6194-4a96-9a7f-b8c03478ef15
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xihm-GiPIAMFglA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a7c92-7def0f7964f7f0d336810aae;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 20:20:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fEeJ_Zw9Egt6gQYinki1fMzvqdQgixv0iBio2G4KsMppWkYhEB_SCg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 03:02:45 GMT
age: 30366
etag: "ceb9a1d4efc578ad2bbcd8f99e8bf69e7dbe7aa3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60769237af4f32c663d494d91a672d08
31305131f340191799484f212e15513bd1204e88
6df36e459f3a2d0271732b645009b116e6671363f6c3050d22bbfe2d911a77bd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4994
x-amzn-requestid: de39357f-d378-4bb8-b4d9-7dd4f82fbb58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xgj-kEHvoAMFyBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309b390-119fa01e254e89cb39a1b794;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 06:02:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1yjBt3dqEztIRHo4yR3ZzI67J4lWUMS8R44-PpkeDJ4KNdCTPkmh-w==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 04:45:35 GMT
age: 24196
etag: "31305131f340191799484f212e15513bd1204e88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6f5d90-39e2-4288-8685-adf2348d38e8.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6f5d90-39e2-4288-8685-adf2348d38e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d78cbff83c152b84864606781a29563d
8bdbc6e135be6e582d0e23754399422e3792777b
3c385de9ade05e1652ccc386e73aaccc4c223a07b81af4c5fdf3f73a166909f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6f5d90-39e2-4288-8685-adf2348d38e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14061
x-amzn-requestid: 43535b37-15c9-4a28-a7c0-f43482948382
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XqlhGFX4IAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630db606-77bd935d4364050f230ba5da;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 07:02:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: y_-knSwUodyBxS8I8PAoUexT6Z4o0Aq7m62v7HrRjm7vV-jP0VuCpw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 06:26:07 GMT
age: 18164
etag: "8bdbc6e135be6e582d0e23754399422e3792777b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23b580e2b673257d24b9c2e80c4c48ce
f3a3d835a37f9b23e7458f9b7bc721bc415b61cc
c0e3559fde3dd08cdbd360f39dddcc98dd7c1b3aebd0861cc07105872a116d11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7501
x-amzn-requestid: bf297fc4-9164-45ee-bfab-06761a52e3ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eMJEP1IAMFdpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312771a-6b3e6416133d67a83d8a1469;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: datd5eYK6nOAUdEpy_y4gcqsVmCqjP4qhzTnlJ9pSrquoYk2PPugTA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 22:02:34 GMT
age: 48377
etag: "f3a3d835a37f9b23e7458f9b7bc721bc415b61cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash be804c7cb66e2f2ce992cfb98e9f26c1
8050ff253de073697b25b0f444906f27cb7f163f
84ef6e09de086df9ec2b698aeb41b8d30f08fe5398c9794abb5af55f8d9ceb45
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:28:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 07 Sep 2022 09:47:15 GMT
ETag: "8050ff253de073697b25b0f444906f27cb7f163f"
Last-Modified: Sat, 03 Sep 2022 09:47:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1543
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 744e24ef590ab509-OSL
js.users.51.la/4903686.js
103.143.19.103200 OK 2.5 kB URL HTTP/1.1 js.users.51.la/4903686.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type HTML document, ASCII text, with very long lines (5205)
Hash a2e34514fb30f710c45cee68c1a8d464
bd0621e1be42d282e9892c36cbf7fffff7fdaa94
e7afacfca4df55fb490aeb9d994531376bba0628f4b204ff4d029fb6434992b2
Analyzer Verdict Alert fortinet Malware
GET /4903686.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lyg.99cfw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Sat, 03 Sep 2022 11:28:51 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=0aac25ad355fc4b9a7c; path=/
HWWAFSESTIME=1662204526956; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
lyg.99cfw.com/qietu/css/xiangqing.css?v=1.6
118.123.213.55200 OK 1.7 kB URL HTTP/1.1 lyg.99cfw.com/qietu/css/xiangqing.css?v=1.6
IP 118.123.213.55:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type ASCII text, with CRLF line terminators
Hash 9f1b2b72bab318732daca5ee5b343035
53de3ea6b7bda9248a8fb9e3607586250584ac06
f7a44e6c5f2dd4f14c627b6220054ac99c4265b3e3477669c95a76247be3ab9c
GET /qietu/css/xiangqing.css?v=1.6 HTTP/1.1
Host: lyg.99cfw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lyg.99cfw.com/changfang/zrOyzvcHz.htm
Cookie: 99cfw=c=43s; ASPSESSIONIDQEDCRTBR=PHAHMJCBGLHOLAAPOMLAJFGE
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Mon, 01 Aug 2022 16:18:12 GMT
Accept-Ranges: bytes
ETag: "0bab74bc2a5d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 03 Sep 2022 11:28:49 GMT
Content-Length: 1669
api.map.baidu.com/api?v=2.0&ak=N2x9fHMIaoLU43icUFL40xkM
103.235.46.245200 OK 254 B URL HTTP/1.1 api.map.baidu.com/api?v=2.0&ak=N2x9fHMIaoLU43icUFL40xkM
IP 103.235.46.245:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type HTML document, ASCII text, with no line terminators
Hash ee2f4cd7c866eeb8a6f546dce7f644f4
0db909db651830e4f3890e4b9c60e3a545d144eb
85e478a71120f89a5aa1bbc3c685707fa44925a65f7f1b6c06b0b273305cd9b2
GET /api?v=2.0&ak=N2x9fHMIaoLU43icUFL40xkM HTTP/1.1
Host: api.map.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lyg.99cfw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 254
Content-Type: text/javascript;charset=utf-8
Date: Sat, 03 Sep 2022 11:28:51 GMT
Expires: Sun, 04 Sep 2022 11:28:51 GMT
Http_x_bd_logid: 1731561342
Http_x_bd_logid64: 1731561950771192842
Http_x_bd_product: map
Http_x_bd_subsys: apimap
P3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=AB11E304486BC96059C9B1966611E957:FG=1; expires=Sun, 03-Sep-23 11:28:51 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
BAIDUID=CA739FEF4FBAB44509122D962DDB2CD9:FG=1; expires=Sun, 03-Sep-23 11:28:51 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Tracecode: 17315613420614234890090319
cdn.99cfw.com/js/global.js?v=1.5
118.123.213.55200 OK 1.3 kB URL HTTP/1.1 cdn.99cfw.com/js/global.js?v=1.5
IP 118.123.213.55:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 5e739db96d068ff20b55b82af491da90
fa0b126a6c3a374237da16a0b0b2275a2697b05e
3fae4336323f3bb17b7d963202217eed71c934615ed1341c776aa5986658479c
GET /js/global.js?v=1.5 HTTP/1.1
Host: cdn.99cfw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lyg.99cfw.com/
Cookie: 99cfw=c=43s
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Tue, 31 May 2022 06:36:53 GMT
Accept-Ranges: bytes
ETag: "80309ad0b874d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sat, 03 Sep 2022 11:28:49 GMT
Content-Length: 1288
cdn.99cfw.com/jquery/jquery-1.12.4.min.js
118.123.213.55200 OK 34 kB URL HTTP/1.1 cdn.99cfw.com/jquery/jquery-1.12.4.min.js
IP 118.123.213.55:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type ASCII text, with very long lines (32077)
Hash 0de0fe71c1cfd6943f8ea16438da3bef
df59321eec40d168bf2ee932fe63518a6bb96c71
0c4ed111e892c7f931537f659e434670a5818ac7f28c980807308bc0b40e7ea2
GET /jquery/jquery-1.12.4.min.js HTTP/1.1
Host: cdn.99cfw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lyg.99cfw.com/
Cookie: 99cfw=c=43s
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Wed, 16 Dec 2020 08:49:03 GMT
Accept-Ranges: bytes
ETag: "80e9e64d88d3d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sat, 03 Sep 2022 11:28:49 GMT
Content-Length: 33835
lyg.99cfw.com/pub/img/002.gif
118.123.213.55200 OK 127 B URL HTTP/1.1 lyg.99cfw.com/pub/img/002.gif
IP 118.123.213.55:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type GIF image data, version 89a, 16 x 16\012- data
Hash 424a53d6927ca20b20acf39d12e1adc6
c186578fc7a3168e05d519ce272bd1181d896ee0
6d49c19c4d7efe0a9933cbeced5a78376ff102436ac1815d1a74930264269d17
GET /pub/img/002.gif HTTP/1.1
Host: lyg.99cfw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lyg.99cfw.com/changfang/zrOyzvcHz.htm
Cookie: 99cfw=c=43s; ASPSESSIONIDQEDCRTBR=PHAHMJCBGLHOLAAPOMLAJFGE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Tue, 05 Jan 2021 16:42:06 GMT
Accept-Ranges: bytes
ETag: "2eb80b481e3d61:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 03 Sep 2022 11:28:50 GMT
Content-Length: 127
lyg.99cfw.com/qietu/img/weixinsamll.png
118.123.213.55200 OK 290 B URL HTTP/1.1 lyg.99cfw.com/qietu/img/weixinsamll.png
IP 118.123.213.55:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type PNG image data, 50 x 50, 1-bit colormap, non-interlaced\012- data
Hash ec36e5f71883e0515a5a57d9c0430ee0
5e3ef8dbac350d2a1f3bec0de4b86ae20bb5d6bf
6ebbc0b5e7035946216df9f0df1d52badcf5b5082680d41b934d0bfea2f5e8a6
GET /qietu/img/weixinsamll.png HTTP/1.1
Host: lyg.99cfw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lyg.99cfw.com/changfang/zrOyzvcHz.htm
Cookie: 99cfw=c=43s; ASPSESSIONIDQEDCRTBR=PHAHMJCBGLHOLAAPOMLAJFGE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 05 Jan 2021 16:42:32 GMT
Accept-Ranges: bytes
ETag: "dd1f71c381e3d61:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 03 Sep 2022 11:28:50 GMT
Content-Length: 290
lyg.99cfw.com/qietu/img/logo_small.png
118.123.213.55200 OK 4.8 kB URL HTTP/1.1 lyg.99cfw.com/qietu/img/logo_small.png
IP 118.123.213.55:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type PNG image data, 163 x 43, 8-bit colormap, non-interlaced\012- data
Hash 6668bbac099872652a4827d4ecd43516
5b4e0d7b72703df041f2c6989586881324f0bc2b
69aac69e9972f1fbcae32b22c1a296d93c1a0b0471d0d99db32919d992858a85
GET /qietu/img/logo_small.png HTTP/1.1
Host: lyg.99cfw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lyg.99cfw.com/changfang/zrOyzvcHz.htm
Cookie: 99cfw=c=43s; ASPSESSIONIDQEDCRTBR=PHAHMJCBGLHOLAAPOMLAJFGE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 05 Jan 2021 16:42:31 GMT
Accept-Ranges: bytes
ETag: "35fdb2c281e3d61:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 03 Sep 2022 11:28:50 GMT
Content-Length: 4792
pic.99cfw.com/afile/20204/202004221346296555.gif
118.123.213.55200 OK 14 kB URL HTTP/1.1 pic.99cfw.com/afile/20204/202004221346296555.gif
IP 118.123.213.55:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type GIF image data, version 89a, 200 x 285\012- data
Hash 72cb20495473bd6645bd904d6126ec23
9a73f8f7c8725f653a6e61a85b8f1bfa1d17cb19
0f56abcdab667e185497980ba77af091c555503365f8daa398e821b7f267183d
GET /afile/20204/202004221346296555.gif HTTP/1.1
Host: pic.99cfw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lyg.99cfw.com/
Cookie: 99cfw=c=43s
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Cache-Control: max-age=7776000
Content-Type: image/gif
Last-Modified: Wed, 22 Apr 2020 05:46:29 GMT
Accept-Ranges: bytes
ETag: "14aec45e6918d61:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 03 Sep 2022 11:28:51 GMT
Content-Length: 14412
api.map.baidu.com/getscript?v=2.0&ak=N2x9fHMIaoLU43icUFL40xkM&services=&t=20220816160422
103.235.46.245200 OK 72 kB URL HTTP/1.1 api.map.baidu.com/getscript?v=2.0&ak=N2x9fHMIaoLU43icUFL40xkM&services=&t=20220816160422
IP 103.235.46.245:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2ba1daed12d491cd35d863caf2f95358
bf2a6a1e07cabfe87fb8d8e6c1d0cc79c312f49c
91d32ba9d6ba54e8c1ae85ccb670df63a37a3ea70d019a33e702ffd518d7c83a
GET /getscript?v=2.0&ak=N2x9fHMIaoLU43icUFL40xkM&services=&t=20220816160422 HTTP/1.1
Host: api.map.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lyg.99cfw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/javascript;charset=utf-8
Date: Sat, 03 Sep 2022 11:28:52 GMT
Expires: Sun, 04 Sep 2022 11:28:52 GMT
Http_x_bd_logid: 1732707864
Http_x_bd_logid64: 1732707073972409610
Http_x_bd_product: map
Http_x_bd_subsys: apimap
P3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=7A5E3CAB019A6045D2A5A7FA2FAF685F:FG=1; expires=Sun, 03-Sep-23 11:28:52 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
BAIDUID=AB83BA676A286FF622BA3D3BEA07870D:FG=1; expires=Sun, 03-Sep-23 11:28:52 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Tracecode: 17327078640400734730090319
Vary: Accept-Encoding
Transfer-Encoding: chunked
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash fc2c599d0290c2f0ee7185e81a61416c
87bb65136a31e2c88f9fe4a3599f9ee65deae24b
283cdba93db763170549c67090e13f8ac08b9bdef1b896a976d7b20afcb9ba75
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 11:28:55 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 07 Sep 2022 09:21:46 GMT
ETag: "87bb65136a31e2c88f9fe4a3599f9ee65deae24b"
Last-Modified: Sat, 03 Sep 2022 09:21:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1547
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 744e250c4da9b509-OSL
lyg.99cfw.com/qietu/img/contbg.png
118.123.213.55200 OK 202 B URL HTTP/1.1 lyg.99cfw.com/qietu/img/contbg.png
IP 118.123.213.55:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type PNG image data, 772 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c0e1c58337b8dad43a8316ef0de23e80
d8f8a92047c4f13dfea0541c2952cb8891ef4e8e
9a80185420b987aced1d83c2663ba6ea92131a7293dde8eba9874b28c90eec3a
GET /qietu/img/contbg.png HTTP/1.1
Host: lyg.99cfw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lyg.99cfw.com/qietu/css/xiangqing.css?v=1.6
Cookie: 99cfw=c=43s; ASPSESSIONIDQEDCRTBR=PHAHMJCBGLHOLAAPOMLAJFGE; __tins__4903686=%7B%22sid%22%3A%201662204533216%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201662206333216%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 05 Jan 2021 16:42:30 GMT
Accept-Ranges: bytes
ETag: "be7624c281e3d61:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 03 Sep 2022 11:28:52 GMT
Content-Length: 202
sdk.51.la/js-sdk-pro.min.js
47.253.50.2200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.253.50.2:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lyg.99cfw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 03 Sep 2022 11:28:55 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62d0e7a4-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
api.map.baidu.com/?qt=verify&v=2.1&ak=N2x9fHMIaoLU43icUFL40xkM&callback=BMap._rd._cbk46415&seckey=-1%2C-1&timeStamp=1662204533206&sign=8fe671b8b514
103.235.46.245200 OK 57 B URL HTTP/1.1 api.map.baidu.com/?qt=verify&v=2.1&ak=N2x9fHMIaoLU43icUFL40xkM&callback=BMap._rd._cbk46415&seckey=-1%2C-1&timeStamp=1662204533206&sign=8fe671b8b514
IP 103.235.46.245:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash 11a1b681f763490b2d7a4062671e8469
ee87e0a35c4217a3586fc0c4bb5ce7fc407d8d4d
dfcc1be1c8b0f243cd96405e96fc49c70163a7437dc640560cbf8edf7d0603ff
GET /?qt=verify&v=2.1&ak=N2x9fHMIaoLU43icUFL40xkM&callback=BMap._rd._cbk46415&seckey=-1%2C-1&timeStamp=1662204533206&sign=8fe671b8b514 HTTP/1.1
Host: api.map.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lyg.99cfw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Date: Sat, 03 Sep 2022 11:28:55 GMT
Expires: Sun, 04 Sep 2022 11:28:55 GMT
Http_x_bd_logid: 1735785478
Http_x_bd_logid64: 1735785690424903946
Http_x_bd_product: map
Http_x_bd_subsys: apimap
P3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=C9D50793AD39EB07DDC7F737AE6104F2:FG=1; expires=Sun, 03-Sep-23 11:28:55 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
BAIDUID=BA72B7FECF691B95101536702182C94F:FG=1; expires=Sun, 03-Sep-23 11:28:55 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Tracecode: 17357854782434507530090319
Content-Length: 57
api.map.baidu.com/images/blank.gif?product=jsapi&sub_product=jsapi&v=2.0&sub_product_v=2.0&t=41843907&code=5000&da_src=5000&device_pixel_ratio=1&platform=Linux%20x86_64
103.235.46.245200 OK 49 B URL HTTP/1.1 api.map.baidu.com/images/blank.gif?product=jsapi&sub_product=jsapi&v=2.0&sub_product_v=2.0&t=41843907&code=5000&da_src=5000&device_pixel_ratio=1&platform=Linux%20x86_64
IP 103.235.46.245:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 21ab56428956fa0823bbf6df5f556247
1788a399030f630679895f9510d7712a70e401d2
e8d53268d4346841c6a057ce97739a8d27edeb858132c57b6eb2865acc5609e4
GET /images/blank.gif?product=jsapi&sub_product=jsapi&v=2.0&sub_product_v=2.0&t=41843907&code=5000&da_src=5000&device_pixel_ratio=1&platform=Linux%20x86_64 HTTP/1.1
Host: api.map.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lyg.99cfw.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 49
Content-Type: image/gif
Date: Sat, 03 Sep 2022 11:28:55 GMT
Etag: "63101c44-31"
Expires: Sun, 04 Sep 2022 11:28:55 GMT
Http_x_bd_logid: 1735794604
Http_x_bd_logid64: 1735794340742885386
Http_x_bd_product: map
Http_x_bd_subsys: apimap
Last-Modified: Thu, 01 Sep 2022 02:43:16 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=0F95FB0C2E037F843DAC6FC5D8B86EC8:FG=1; expires=Sun, 03-Sep-23 11:28:55 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
pos.baidu.com/wcjm?di=u6409517&uuid=0b6bfd9fa0590872&dri=0&dis=0&dai=2&ps=652x134&enu=encoding&exps=110011&ant=0&psi=d29ee921c71c4506&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1662204533286&ti=%E8%B5%A3%E6%A6%86%E5%A5%A5%E9%82%A6%E5%9B%BD%E9%99%85%E5%90%91%E8%A5%BF2000%E5%B9%B3%E6%96%B9%E5%87%BA%E5%94%AE-%E8%BF%9E%E4%BA%91%E6%B8%AF%E8%B5%A3%E6%A6%86%E5%8E%82%E6%88%BF%E5%87%BA%E5%94%AE-%E8%BF%9E%E4%BA%91%E6%B8%AF%E4%B9%85%E4%B9%85%E5%8E%82%E6%88%BF%E7%BD%91&ari=2&ver=0823&dbv=0&drs=3&pcs=1268x939&pss=1268x1159&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1662204533&prot=2&rw=939<u=https%3A%2F%2Flyg.99cfw.com%2Fchangfang%2FzrOyzvcHz.htm&ecd=1&uc=1280x1002&pis=-1x-1&sr=1280x1024&tcn=1662204533
182.61.200.109200 OK 591 B URL HTTP/2 pos.baidu.com/wcjm?di=u6409517&uuid=0b6bfd9fa0590872&dri=0&dis=0&dai=2&ps=652x134&enu=encoding&exps=110011&ant=0&psi=d29ee921c71c4506&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1662204533286&ti=%E8%B5%A3%E6%A6%86%E5%A5%A5%E9%82%A6%E5%9B%BD%E9%99%85%E5%90%91%E8%A5%BF2000%E5%B9%B3%E6%96%B9%E5%87%BA%E5%94%AE-%E8%BF%9E%E4%BA%91%E6%B8%AF%E8%B5%A3%E6%A6%86%E5%8E%82%E6%88%BF%E5%87%BA%E5%94%AE-%E8%BF%9E%E4%BA%91%E6%B8%AF%E4%B9%85%E4%B9%85%E5%8E%82%E6%88%BF%E7%BD%91&ari=2&ver=0823&dbv=0&drs=3&pcs=1268x939&pss=1268x1159&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1662204533&prot=2&rw=939<u=https%3A%2F%2Flyg.99cfw.com%2Fchangfang%2FzrOyzvcHz.htm&ecd=1&uc=1280x1002&pis=-1x-1&sr=1280x1024&tcn=1662204533
IP 182.61.200.109:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (853)
Hash da96e75606ab28bc4ec08834ef2f65a4
8ad8ff1d74dc8061661870f80d2b3372f60f0967
b7722c952715761329aa6dbacdbb32f105c26ec6ae09f2f02547623f9f1cfeea
GET /wcjm?di=u6409517&uuid=0b6bfd9fa0590872&dri=0&dis=0&dai=2&ps=652x134&enu=encoding&exps=110011&ant=0&psi=d29ee921c71c4506&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1662204533286&ti=%E8%B5%A3%E6%A6%86%E5%A5%A5%E9%82%A6%E5%9B%BD%E9%99%85%E5%90%91%E8%A5%BF2000%E5%B9%B3%E6%96%B9%E5%87%BA%E5%94%AE-%E8%BF%9E%E4%BA%91%E6%B8%AF%E8%B5%A3%E6%A6%86%E5%8E%82%E6%88%BF%E5%87%BA%E5%94%AE-%E8%BF%9E%E4%BA%91%E6%B8%AF%E4%B9%85%E4%B9%85%E5%8E%82%E6%88%BF%E7%BD%91&ari=2&ver=0823&dbv=0&drs=3&pcs=1268x939&pss=1268x1159&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1662204533&prot=2&rw=939<u=https%3A%2F%2Flyg.99cfw.com%2Fchangfang%2FzrOyzvcHz.htm&ecd=1&uc=1280x1002&pis=-1x-1&sr=1280x1024&tcn=1662204533 HTTP/1.1
Host: pos.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lyg.99cfw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-type: application/javascript;charset=UTF-8
date: Sat, 03 Sep 2022 11:28:56 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat Sep 3 19:28:56 2022
p3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: nginx
set-cookie: BAIDUID=9C6FA1AD61C1F7E7CBB4E1FE8B4A35F5:FG=1; expires=Sun, 03-Sep-53 11:28:56 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
x-xss-protection: 0
content-length: 591
X-Firefox-Spdy: h2
ia.51.la/go1?id=4903686&rt=1662204533216&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E5%25A5%25A5%25E9%2582%25A6%25E5%259B%25BD%25E9%2599%2585%25E5%2590%2591%25E8%25A5%25BF%25EF%25BC%258C%25E6%259C%25892000%25E5%25B9%25B3%25E6%2596%25B9%25E5%258E%2582%25E6%2588%25BF%252F%25E5%259C%259F%25E5%259C%25B0%252F%25E6%2588%25BF%25E5%25B1%258B%25E3%2580%2581%25E5%2587%25BA%25E5%2594%25AE%25EF%25BC%258C%25E5%259C%25B0%25E6%2596%25B9%25E5%25BC%2580%25E9%2598%2594&ing=1&ekc=&sid=1662204533216&tt=%25E8%25B5%25A3%25E6%25A6%2586%25E5%25A5%25A5%25E9%2582%25A6%25E5%259B%25BD%25E9%2599%2585%25E5%2590%2591%25E8%25A5%25BF2000%25E5%25B9%25B3%25E6%2596%25B9%25E5%2587%25BA%25E5%2594%25AE-%25E8%25BF%259E%25E4%25BA%2591%25E6%25B8%25AF%25E8%25B5%25A3%25E6%25A6%2586%25E5%258E%2582%25E6%2588%25BF%25E5%2587%25BA%25E5%2594%25AE-%25E8%25BF%259E%25E4%25BA%2591%25E6%25B8%25AF%25E4%25B9%2585%25E4%25B9%2585%25E5%258E%2582%25E6%2588%25BF%25E7%25BD%2591&kw=%25E8%25BF%259E%25E4%25BA%2591%25E6%25B8%25AF%25E5%258E%2582%25E6%2588%25BF%252C%25E8%25B5%25A3%25E6%25A6%2586%25E5%258E%2582%25E6%2588%25BF%252C%25E4%25B8%2589%25E7%259B%25B8%25E7%2594%25B5%252C%25E5%25BB%25BA%25E5%258E%2582%25E6%2588%25BF%252C%25E8%25BF%259E%25E4%25BA%2591%25E6%25B8%25AF%25E4%25B9%2585%25E4%25B9%2585%25E5%258E%2582%25E6%2588%25BF%25E7%25BD%2591&cu=https%253A%252F%252Flyg.99cfw.com%252Fchangfang%252FzrOyzvcHz.htm&pu=
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=4903686&rt=1662204533216&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E5%25A5%25A5%25E9%2582%25A6%25E5%259B%25BD%25E9%2599%2585%25E5%2590%2591%25E8%25A5%25BF%25EF%25BC%258C%25E6%259C%25892000%25E5%25B9%25B3%25E6%2596%25B9%25E5%258E%2582%25E6%2588%25BF%252F%25E5%259C%259F%25E5%259C%25B0%252F%25E6%2588%25BF%25E5%25B1%258B%25E3%2580%2581%25E5%2587%25BA%25E5%2594%25AE%25EF%25BC%258C%25E5%259C%25B0%25E6%2596%25B9%25E5%25BC%2580%25E9%2598%2594&ing=1&ekc=&sid=1662204533216&tt=%25E8%25B5%25A3%25E6%25A6%2586%25E5%25A5%25A5%25E9%2582%25A6%25E5%259B%25BD%25E9%2599%2585%25E5%2590%2591%25E8%25A5%25BF2000%25E5%25B9%25B3%25E6%2596%25B9%25E5%2587%25BA%25E5%2594%25AE-%25E8%25BF%259E%25E4%25BA%2591%25E6%25B8%25AF%25E8%25B5%25A3%25E6%25A6%2586%25E5%258E%2582%25E6%2588%25BF%25E5%2587%25BA%25E5%2594%25AE-%25E8%25BF%259E%25E4%25BA%2591%25E6%25B8%25AF%25E4%25B9%2585%25E4%25B9%2585%25E5%258E%2582%25E6%2588%25BF%25E7%25BD%2591&kw=%25E8%25BF%259E%25E4%25BA%2591%25E6%25B8%25AF%25E5%258E%2582%25E6%2588%25BF%252C%25E8%25B5%25A3%25E6%25A6%2586%25E5%258E%2582%25E6%2588%25BF%252C%25E4%25B8%2589%25E7%259B%25B8%25E7%2594%25B5%252C%25E5%25BB%25BA%25E5%258E%2582%25E6%2588%25BF%252C%25E8%25BF%259E%25E4%25BA%2591%25E6%25B8%25AF%25E4%25B9%2585%25E4%25B9%2585%25E5%258E%2582%25E6%2588%25BF%25E7%25BD%2591&cu=https%253A%252F%252Flyg.99cfw.com%252Fchangfang%252FzrOyzvcHz.htm&pu=
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=4903686&rt=1662204533216&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E5%25A5%25A5%25E9%2582%25A6%25E5%259B%25BD%25E9%2599%2585%25E5%2590%2591%25E8%25A5%25BF%25EF%25BC%258C%25E6%259C%25892000%25E5%25B9%25B3%25E6%2596%25B9%25E5%258E%2582%25E6%2588%25BF%252F%25E5%259C%259F%25E5%259C%25B0%252F%25E6%2588%25BF%25E5%25B1%258B%25E3%2580%2581%25E5%2587%25BA%25E5%2594%25AE%25EF%25BC%258C%25E5%259C%25B0%25E6%2596%25B9%25E5%25BC%2580%25E9%2598%2594&ing=1&ekc=&sid=1662204533216&tt=%25E8%25B5%25A3%25E6%25A6%2586%25E5%25A5%25A5%25E9%2582%25A6%25E5%259B%25BD%25E9%2599%2585%25E5%2590%2591%25E8%25A5%25BF2000%25E5%25B9%25B3%25E6%2596%25B9%25E5%2587%25BA%25E5%2594%25AE-%25E8%25BF%259E%25E4%25BA%2591%25E6%25B8%25AF%25E8%25B5%25A3%25E6%25A6%2586%25E5%258E%2582%25E6%2588%25BF%25E5%2587%25BA%25E5%2594%25AE-%25E8%25BF%259E%25E4%25BA%2591%25E6%25B8%25AF%25E4%25B9%2585%25E4%25B9%2585%25E5%258E%2582%25E6%2588%25BF%25E7%25BD%2591&kw=%25E8%25BF%259E%25E4%25BA%2591%25E6%25B8%25AF%25E5%258E%2582%25E6%2588%25BF%252C%25E8%25B5%25A3%25E6%25A6%2586%25E5%258E%2582%25E6%2588%25BF%252C%25E4%25B8%2589%25E7%259B%25B8%25E7%2594%25B5%252C%25E5%25BB%25BA%25E5%258E%2582%25E6%2588%25BF%252C%25E8%25BF%259E%25E4%25BA%2591%25E6%25B8%25AF%25E4%25B9%2585%25E4%25B9%2585%25E5%258E%2582%25E6%2588%25BF%25E7%25BD%2591&cu=https%253A%252F%252Flyg.99cfw.com%252Fchangfang%252FzrOyzvcHz.htm&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lyg.99cfw.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: CloudWAF
Date: Sat, 03 Sep 2022 11:28:56 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=115e8268451f743c802; path=/
HWWAFSESTIME=1662204535652; path=/
pos.baidu.com/wcjm?di=u6409516&uuid=62b8d29e52a6f0f1&dri=0&dis=0&dai=1&ps=652x144&enu=encoding&exps=110011&ant=0&psi=d29ee921c71c4506&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1662204533286&ti=%E8%B5%A3%E6%A6%86%E5%A5%A5%E9%82%A6%E5%9B%BD%E9%99%85%E5%90%91%E8%A5%BF2000%E5%B9%B3%E6%96%B9%E5%87%BA%E5%94%AE-%E8%BF%9E%E4%BA%91%E6%B8%AF%E8%B5%A3%E6%A6%86%E5%8E%82%E6%88%BF%E5%87%BA%E5%94%AE-%E8%BF%9E%E4%BA%91%E6%B8%AF%E4%B9%85%E4%B9%85%E5%8E%82%E6%88%BF%E7%BD%91&ari=2&ver=0823&dbv=0&drs=3&pcs=1268x939&pss=1268x1159&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1662204533&prot=2&rw=939<u=https%3A%2F%2Flyg.99cfw.com%2Fchangfang%2FzrOyzvcHz.htm&ecd=1&uc=1280x1002&pis=-1x-1&sr=1280x1024&tcn=1662204533
182.61.200.109200 OK 691 B URL HTTP/2 pos.baidu.com/wcjm?di=u6409516&uuid=62b8d29e52a6f0f1&dri=0&dis=0&dai=1&ps=652x144&enu=encoding&exps=110011&ant=0&psi=d29ee921c71c4506&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1662204533286&ti=%E8%B5%A3%E6%A6%86%E5%A5%A5%E9%82%A6%E5%9B%BD%E9%99%85%E5%90%91%E8%A5%BF2000%E5%B9%B3%E6%96%B9%E5%87%BA%E5%94%AE-%E8%BF%9E%E4%BA%91%E6%B8%AF%E8%B5%A3%E6%A6%86%E5%8E%82%E6%88%BF%E5%87%BA%E5%94%AE-%E8%BF%9E%E4%BA%91%E6%B8%AF%E4%B9%85%E4%B9%85%E5%8E%82%E6%88%BF%E7%BD%91&ari=2&ver=0823&dbv=0&drs=3&pcs=1268x939&pss=1268x1159&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1662204533&prot=2&rw=939<u=https%3A%2F%2Flyg.99cfw.com%2Fchangfang%2FzrOyzvcHz.htm&ecd=1&uc=1280x1002&pis=-1x-1&sr=1280x1024&tcn=1662204533
IP 182.61.200.109:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (976)
Hash 09b214b4b9bcd5e45c6c72c4360312c5
37627f8cc04edf93c674158861aa1356d57d5ba5
8bc7f976cb0d820afb687d476dce681df5f8a9bc31aa694bd2675784ec9eaea2
GET /wcjm?di=u6409516&uuid=62b8d29e52a6f0f1&dri=0&dis=0&dai=1&ps=652x144&enu=encoding&exps=110011&ant=0&psi=d29ee921c71c4506&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1662204533286&ti=%E8%B5%A3%E6%A6%86%E5%A5%A5%E9%82%A6%E5%9B%BD%E9%99%85%E5%90%91%E8%A5%BF2000%E5%B9%B3%E6%96%B9%E5%87%BA%E5%94%AE-%E8%BF%9E%E4%BA%91%E6%B8%AF%E8%B5%A3%E6%A6%86%E5%8E%82%E6%88%BF%E5%87%BA%E5%94%AE-%E8%BF%9E%E4%BA%91%E6%B8%AF%E4%B9%85%E4%B9%85%E5%8E%82%E6%88%BF%E7%BD%91&ari=2&ver=0823&dbv=0&drs=3&pcs=1268x939&pss=1268x1159&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1662204533&prot=2&rw=939<u=https%3A%2F%2Flyg.99cfw.com%2Fchangfang%2FzrOyzvcHz.htm&ecd=1&uc=1280x1002&pis=-1x-1&sr=1280x1024&tcn=1662204533 HTTP/1.1
Host: pos.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lyg.99cfw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-type: application/javascript;charset=UTF-8
date: Sat, 03 Sep 2022 11:28:56 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat Sep 3 19:28:56 2022
p3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: nginx
set-cookie: BAIDUID=9C6FA1AD61C1F7E7BB2797D7B845E4AD:FG=1; expires=Sun, 03-Sep-53 11:28:56 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
x-xss-protection: 0
content-length: 691
X-Firefox-Spdy: h2
collect-v6.51.la/v6/collect?dt=4
103.143.19.103200 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 423
Origin: https://lyg.99cfw.com
Connection: keep-alive
Referer: https://lyg.99cfw.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: CloudWAF
Date: Sat, 03 Sep 2022 11:28:56 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=fb3ecf52623799a9321; path=/
HWWAFSESTIME=1662204531928; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://lyg.99cfw.com
Access-Control-Allow-Credentials: true
tongji.99cfw.com/count.asp?callback=jQuery1124022792398195998909_1662204530252&bh=zrOyzvcHz&city=lyg&_=1662204530253
118.123.213.55200 OK 63 B URL HTTP/1.1 tongji.99cfw.com/count.asp?callback=jQuery1124022792398195998909_1662204530252&bh=zrOyzvcHz&city=lyg&_=1662204530253
IP 118.123.213.55:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type ASCII text, with no line terminators
Hash ac669ad933df2d014819d76825ae678c
2f6b5843eb75572adbe3f3fdd9a85a2414d267bc
a2788da8434845a82051b77382ed2ccb51bf1a9afa521d23195b9fa7582d51ac
GET /count.asp?callback=jQuery1124022792398195998909_1662204530252&bh=zrOyzvcHz&city=lyg&_=1662204530253 HTTP/1.1
Host: tongji.99cfw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lyg.99cfw.com/
Cookie: 99cfw=c=43s
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 63
Content-Type: application/json
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDQGADTSDS=EGLJPLFBDDLEEKBKABIBILCJ; secure; path=/
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sat, 03 Sep 2022 11:28:53 GMT
pos.baidu.com/wcjm?conwid=748&conhei=250&rdid=6409517&dc=3&di=u6409517&s1=191626655&s2=2690189426&dri=0&dis=0&dai=2&ps=652x134&enu=encoding&exps=110275,110261,110252,110011&ant=0&psi=d29ee921c71c4506&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1662204533286&ti=%E8%B5%A3%E6%A6%86%E5%A5%A5%E9%82%A6%E5%9B%BD%E9%99%85%E5%90%91%E8%A5%BF2000%E5%B9%B3%E6%96%B9%E5%87%BA%E5%94%AE-%E8%BF%9E%E4%BA%91%E6%B8%AF%E8%B5%A3%E6%A6%86%E5%8E%82%E6%88%BF%E5%87%BA%E5%94%AE-%E8%BF%9E%E4%BA%91%E6%B8%AF%E4%B9%85%E4%B9%85%E5%8E%82%E6%88%BF%E7%BD%91&ari=2&ver=0823&dbv=0&drs=3&pcs=1268x939&pss=1268x1159&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1662204533&prot=2&rw=939<u=https%3A%2F%2Flyg.99cfw.com%2Fchangfang%2FzrOyzvcHz.htm&ecd=1&uc=1280x1002&pis=-1x-1&sr=1280x1024&tcn=1662204533&qn=a8c107a5f6b9aef3&ft=1
182.61.200.109200 OK 14 kB URL HTTP/2 pos.baidu.com/wcjm?conwid=748&conhei=250&rdid=6409517&dc=3&di=u6409517&s1=191626655&s2=2690189426&dri=0&dis=0&dai=2&ps=652x134&enu=encoding&exps=110275,110261,110252,110011&ant=0&psi=d29ee921c71c4506&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1662204533286&ti=%E8%B5%A3%E6%A6%86%E5%A5%A5%E9%82%A6%E5%9B%BD%E9%99%85%E5%90%91%E8%A5%BF2000%E5%B9%B3%E6%96%B9%E5%87%BA%E5%94%AE-%E8%BF%9E%E4%BA%91%E6%B8%AF%E8%B5%A3%E6%A6%86%E5%8E%82%E6%88%BF%E5%87%BA%E5%94%AE-%E8%BF%9E%E4%BA%91%E6%B8%AF%E4%B9%85%E4%B9%85%E5%8E%82%E6%88%BF%E7%BD%91&ari=2&ver=0823&dbv=0&drs=3&pcs=1268x939&pss=1268x1159&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1662204533&prot=2&rw=939<u=https%3A%2F%2Flyg.99cfw.com%2Fchangfang%2FzrOyzvcHz.htm&ecd=1&uc=1280x1002&pis=-1x-1&sr=1280x1024&tcn=1662204533&qn=a8c107a5f6b9aef3&ft=1
IP 182.61.200.109:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11191)
Hash 37ca9a7800a40d2bd7e55f562c7266cf
3e3432542dd01e37e41e70f16cf9943192a88753
d747e68772f0383781fb49c8c1f08a59c0c32307148818d6667d4c727555306f
GET /wcjm?conwid=748&conhei=250&rdid=6409517&dc=3&di=u6409517&s1=191626655&s2=2690189426&dri=0&dis=0&dai=2&ps=652x134&enu=encoding&exps=110275,110261,110252,110011&ant=0&psi=d29ee921c71c4506&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1662204533286&ti=%E8%B5%A3%E6%A6%86%E5%A5%A5%E9%82%A6%E5%9B%BD%E9%99%85%E5%90%91%E8%A5%BF2000%E5%B9%B3%E6%96%B9%E5%87%BA%E5%94%AE-%E8%BF%9E%E4%BA%91%E6%B8%AF%E8%B5%A3%E6%A6%86%E5%8E%82%E6%88%BF%E5%87%BA%E5%94%AE-%E8%BF%9E%E4%BA%91%E6%B8%AF%E4%B9%85%E4%B9%85%E5%8E%82%E6%88%BF%E7%BD%91&ari=2&ver=0823&dbv=0&drs=3&pcs=1268x939&pss=1268x1159&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1662204533&prot=2&rw=939<u=https%3A%2F%2Flyg.99cfw.com%2Fchangfang%2FzrOyzvcHz.htm&ecd=1&uc=1280x1002&pis=-1x-1&sr=1280x1024&tcn=1662204533&qn=a8c107a5f6b9aef3&ft=1 HTTP/1.1
Host: pos.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lyg.99cfw.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sat, 03 Sep 2022 11:28:56 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat Sep 3 19:28:56 2022
p3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: nginx
set-cookie: BAIDUID=9C6FA1AD61C1F7E75575FC3EA11275C9:FG=1; expires=Sun, 03-Sep-53 11:28:56 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
x-xss-protection: 0
content-length: 13523
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?14f3745cdc2226a0b94290c033d76800
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?14f3745cdc2226a0b94290c033d76800
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (669)
Hash ed0477eb742e94e763ea17a5d38bbefe
0d111d197b06fbd682f32ff5d5054e0766879a60
282f91dd91154957b0904902c14969ffbb36e59b96ce5a2cd571565fdf1eb7cf
GET /hm.js?14f3745cdc2226a0b94290c033d76800 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lyg.99cfw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11382
Content-Type: application/javascript
Date: Sat, 03 Sep 2022 11:28:56 GMT
Etag: 3285f2ad447b5b02ad8bdc21cdbe3264
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=CBC1E5E8AFD512FD; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
miao.baidu.com/abdr?_o=https%3A%2F%2Flyg.99cfw.com
112.80.248.165200 OK 235 B URL HTTP/1.1 miao.baidu.com/abdr?_o=https%3A%2F%2Flyg.99cfw.com
IP 112.80.248.165:0
ASN #4837 CHINA UNICOM China169 Backbone
File type JSON data\012- , ASCII text, with no line terminators
Hash 086ca2ab8da122d1b0fa39c0791174c5
166c324f7193ff94d88115abc67a2b5948041258
54e94ce6019817433314eb8a082ba98cd986d3e8ff44e6b228acc636d81a9b47
POST /abdr?_o=https%3A%2F%2Flyg.99cfw.com HTTP/1.1
Host: miao.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2543
Origin: https://lyg.99cfw.com
Connection: keep-alive
Referer: https://lyg.99cfw.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Ab-Sr: 1.0.1_YmUwM2IyZWJjZThlYTI2ODFiMWYyNjE2YzI5M2ExNzYxYTNlYzdmNzQ2ODcyYWIyZDg0ODNmMzYyMGE3OWRhMTk5NzYxMTg1OWQ3ODMxYjNlMGNlNWMyYThjYTNhOWE5NWU3YWM2Nzk4MzViMDAxNDZmODFjY2RiMTMzNDE5MjJlZjA2YzA1OGEwMzI0ZjRmZWMyMWJmYzYzNGI0NWMyNg==
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, Host, Content-Type, x-requested-with, X-Custom-Header
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE
Access-Control-Allow-Origin: https://lyg.99cfw.com
Access-Control-Expose-Headers: Ab-sr, Authentication
Access-Control-Max-Age: 3600
Authentication: 28ec9d95863095b6668020c3e20b385b244f74325834161d
Content-Length: 235
Content-Type: application/json; charset=utf-8
Date: Sat, 03 Sep 2022 11:28:57 GMT
Set-Cookie: ab_jid=f7a9a16ab3c45083ecc9bbb6269184161a60; Path=/; Domain=miao.baidu.com; Max-Age=2147483647; HttpOnly; Secure; SameSite=None
ab_bid=f7a9a16ab3c45083ecc9bbb6269184161a60; Path=/; Domain=miao.baidu.com; Max-Age=2147483647; HttpOnly; Secure; SameSite=None
ab_sr=1.0.1_YmUwM2IyZWJjZThlYTI2ODFiMWYyNjE2YzI5M2ExNzYxYTNlYzdmNzQ2ODcyYWIyZDg0ODNmMzYyMGE3OWRhMTk5NzYxMTg1OWQ3ODMxYjNlMGNlNWMyYThjYTNhOWE5NWU3YWM2Nzk4MzViMDAxNDZmODFjY2RiMTMzNDE5MjJlZjA2YzA1OGEwMzI0ZjRmZWMyMWJmYzYzNGI0NWMyNg==; Path=/; Domain=baidu.com; Max-Age=7200; HttpOnly; Secure; SameSite=None
pos.baidu.com/wcjm?conwid=750&conhei=200&rdid=6409516&dc=3&di=u6409516&s1=1656279710&s2=1386672369&dri=0&dis=0&dai=1&ps=652x144&enu=encoding&exps=110275,110261,110252,110011&ant=0&psi=d29ee921c71c4506&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1662204533286&ti=%E8%B5%A3%E6%A6%86%E5%A5%A5%E9%82%A6%E5%9B%BD%E9%99%85%E5%90%91%E8%A5%BF2000%E5%B9%B3%E6%96%B9%E5%87%BA%E5%94%AE-%E8%BF%9E%E4%BA%91%E6%B8%AF%E8%B5%A3%E6%A6%86%E5%8E%82%E6%88%BF%E5%87%BA%E5%94%AE-%E8%BF%9E%E4%BA%91%E6%B8%AF%E4%B9%85%E4%B9%85%E5%8E%82%E6%88%BF%E7%BD%91&ari=2&ver=0823&dbv=0&drs=3&pcs=1268x939&pss=1268x1159&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1662204533&prot=2&rw=939<u=https%3A%2F%2Flyg.99cfw.com%2Fchangfang%2FzrOyzvcHz.htm&ecd=1&uc=1280x1002&pis=-1x-1&sr=1280x1024&tcn=1662204533&qn=39de9d6a27c470cf&ft=1
182.61.200.109200 OK 6.0 kB URL HTTP/2 pos.baidu.com/wcjm?conwid=750&conhei=200&rdid=6409516&dc=3&di=u6409516&s1=1656279710&s2=1386672369&dri=0&dis=0&dai=1&ps=652x144&enu=encoding&exps=110275,110261,110252,110011&ant=0&psi=d29ee921c71c4506&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1662204533286&ti=%E8%B5%A3%E6%A6%86%E5%A5%A5%E9%82%A6%E5%9B%BD%E9%99%85%E5%90%91%E8%A5%BF2000%E5%B9%B3%E6%96%B9%E5%87%BA%E5%94%AE-%E8%BF%9E%E4%BA%91%E6%B8%AF%E8%B5%A3%E6%A6%86%E5%8E%82%E6%88%BF%E5%87%BA%E5%94%AE-%E8%BF%9E%E4%BA%91%E6%B8%AF%E4%B9%85%E4%B9%85%E5%8E%82%E6%88%BF%E7%BD%91&ari=2&ver=0823&dbv=0&drs=3&pcs=1268x939&pss=1268x1159&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1662204533&prot=2&rw=939<u=https%3A%2F%2Flyg.99cfw.com%2Fchangfang%2FzrOyzvcHz.htm&ecd=1&uc=1280x1002&pis=-1x-1&sr=1280x1024&tcn=1662204533&qn=39de9d6a27c470cf&ft=1
IP 182.61.200.109:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5064)
Hash ca3f14353b2f57786948c4b945c13414
cdf0815608a693a63f32ed0c37222d264dc9c4ca
490acdb83845faa852fecdf708a4ab7e8be7b96a8f57f121ab9685c0d7be2b3e
GET /wcjm?conwid=750&conhei=200&rdid=6409516&dc=3&di=u6409516&s1=1656279710&s2=1386672369&dri=0&dis=0&dai=1&ps=652x144&enu=encoding&exps=110275,110261,110252,110011&ant=0&psi=d29ee921c71c4506&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1662204533286&ti=%E8%B5%A3%E6%A6%86%E5%A5%A5%E9%82%A6%E5%9B%BD%E9%99%85%E5%90%91%E8%A5%BF2000%E5%B9%B3%E6%96%B9%E5%87%BA%E5%94%AE-%E8%BF%9E%E4%BA%91%E6%B8%AF%E8%B5%A3%E6%A6%86%E5%8E%82%E6%88%BF%E5%87%BA%E5%94%AE-%E8%BF%9E%E4%BA%91%E6%B8%AF%E4%B9%85%E4%B9%85%E5%8E%82%E6%88%BF%E7%BD%91&ari=2&ver=0823&dbv=0&drs=3&pcs=1268x939&pss=1268x1159&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1662204533&prot=2&rw=939<u=https%3A%2F%2Flyg.99cfw.com%2Fchangfang%2FzrOyzvcHz.htm&ecd=1&uc=1280x1002&pis=-1x-1&sr=1280x1024&tcn=1662204533&qn=39de9d6a27c470cf&ft=1 HTTP/1.1
Host: pos.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lyg.99cfw.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sat, 03 Sep 2022 11:28:57 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat Sep 3 19:28:57 2022
p3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: nginx
set-cookie: BAIDUID=DE30D5D9D13EFF945AAF38E230A1CEBD:FG=1; expires=Sun, 03-Sep-53 11:28:57 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
x-xss-protection: 0
content-length: 5953
X-Firefox-Spdy: h2
cpro.baidustatic.com/js/logo/css/logo-sm.css
113.105.172.35200 OK 0 B URL HTTP/2 cpro.baidustatic.com/js/logo/css/logo-sm.css
IP 113.105.172.35:0
GET /js/logo/css/logo-sm.css HTTP/1.1
Host: cpro.baidustatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 03 Sep 2022 11:28:56 GMT
content-type: text/css
expires: Sat, 03 Sep 2022 11:37:46 GMT
last-modified: Mon, 18 Oct 2021 11:50:10 GMT
etag: "616d5f72-850"
cache-control: max-age=900
content-encoding: br
age: 370
accept-ranges: bytes
timing-allow-origin: *
ohc-cache-hit: dg3ct50 [2], hsctcache67 [2], bdix219 [2]
ohc-file-size: 670
x-cache-status: HIT
X-Firefox-Spdy: h2
cpro.baidustatic.com/js/logo/js/logo.js
113.105.172.35200 OK 0 B URL HTTP/2 cpro.baidustatic.com/js/logo/js/logo.js
IP 113.105.172.35:0
GET /js/logo/js/logo.js HTTP/1.1
Host: cpro.baidustatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 03 Sep 2022 11:28:56 GMT
content-type: application/x-javascript
expires: Sat, 03 Sep 2022 12:07:25 GMT
last-modified: Tue, 30 Aug 2022 02:57:27 GMT
etag: "630d7c97-371a"
cache-control: max-age=3600
content-encoding: br
age: 1291
accept-ranges: bytes
timing-allow-origin: *
ohc-cache-hit: dg3ct60 [2], wzctcache76 [1], suzix67 [1]
ohc-file-size: 7038
x-cache-status: HIT
X-Firefox-Spdy: h2
lyg.99cfw.com/changfang/zrOyzvcHz.htm
118.123.213.55301 Moved Permanently 0 B URL HTTP/1.1 lyg.99cfw.com/changfang/zrOyzvcHz.htm
IP 118.123.213.55:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
GET /changfang/zrOyzvcHz.htm HTTP/1.1
Host: lyg.99cfw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Cache-Control: private
Content-Length: 11127
Content-Type: text/html
Location: https://lyg.99cfw.com/changfang/zrOyzvcHz.htm
Server: Microsoft-IIS/7.5
Set-Cookie: 99cfw=c=43s; expires=Sun, 03-Sep-2023 11:28:46 GMT; domain=99cfw.com; path=/
ASPSESSIONIDQADCRTBR=IHAHMJCBHDKIMDBPNHNEJLIJ; path=/
X-Powered-By: ASP.NET
Date: Sat, 03 Sep 2022 11:28:45 GMT
cpro.baidustatic.com/cpro/ui/cm.js
113.105.172.35200 OK 0 B URL HTTP/2 cpro.baidustatic.com/cpro/ui/cm.js
IP 113.105.172.35:0
GET /cpro/ui/cm.js HTTP/1.1
Host: cpro.baidustatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lyg.99cfw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 03 Sep 2022 11:28:51 GMT
content-type: text/javascript; charset=utf-8
expires: Sat, 03 Sep 2022 12:26:08 GMT
last-modified: Tue, 23 Aug 2022 08:20:53 GMT
cache-control: max-age=3600
content-encoding: br
age: 163
accept-ranges: bytes
timing-allow-origin: *
ohc-cache-hit: dg3ct60 [2], hsctcache84 [2], czix162 [1]
ohc-file-size: 37828
x-cache-status: HIT
X-Firefox-Spdy: h2
dlswbr.baidu.com/heicha/mw/abclite-2063-s.js?_t=1662204533208
104.18.6.170200 OK 0 B URL HTTP/2 dlswbr.baidu.com/heicha/mw/abclite-2063-s.js?_t=1662204533208
IP 104.18.6.170:0
GET /heicha/mw/abclite-2063-s.js?_t=1662204533208 HTTP/1.1
Host: dlswbr.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lyg.99cfw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 11:28:56 GMT
content-type: application/javascript
etag: W/"6312ee84-30a27"
last-modified: Sat, 03 Sep 2022 06:04:52 GMT
cf-cache-status: MISS
expires: Sat, 03 Sep 2022 15:28:56 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 744e250d6cc00b61-OSL
content-encoding: gzip
X-Firefox-Spdy: h2