firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 07 Sep 2022 01:04:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: j6iGIxD2MEE3tZjrcfaYBTxd26vBsFZuqkdr_1-NS0oawWFNebSbNA==
Age: 1588
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6902
Expires: Wed, 07 Sep 2022 03:26:05 GMT
Date: Wed, 07 Sep 2022 01:31:03 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Tue, 06 Sep 2022 03:46:34 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JfFayiD3iATW2Fzzj5QjWvinv5KCVLFTJcZ4i5vvwOEcrV3qsMqb4g==
age: 78270
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 01:31:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
jiantuo.net/
154.23.115.81301 Moved Permanently 0 B IP 154.23.115.81:0
ASN #137969 HONG KONG BRIDGE INFO-TECH LIMITED
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: jiantuo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 07 Sep 2022 01:30:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.jiantuo.net/index.php
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 07 Sep 2022 00:38:18 GMT
Cache-Control: max-age=3600
Expires: Wed, 07 Sep 2022 00:48:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: X0QUYDDRxzc91V0s-F84-S2BKE4mGHahPkLpzkqRVSaAE88gxUoQfA==
Age: 3165
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4406
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 01:31:04 GMT
Last-Modified: Wed, 07 Sep 2022 00:17:38 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
www.jiantuo.net/index.php
154.23.115.81200 OK 545 B URL HTTP/1.1 www.jiantuo.net/index.php
IP 154.23.115.81:0
ASN #137969 HONG KONG BRIDGE INFO-TECH LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (702), with CRLF line terminators
Hash d3aedfc4bb1b7f893e570ce396e60d0b
493be895508bed25ff2c139dfa61419638fe7761
4f7f9f1fc7e76a97ae467870e5d531c4145c9dfb8988dfaadc319ce41bca8a77
GET /index.php HTTP/1.1
Host: www.jiantuo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 01:30:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
54.148.148.62101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.148.62:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Knj+WElh2UjfzjXNn9+VrA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YigNI+iP2juYwtYzjDf+7MdnrGA=
www.jiantuo.net/common.js
154.23.115.81200 OK 681 B URL HTTP/1.1 www.jiantuo.net/common.js
IP 154.23.115.81:0
ASN #137969 HONG KONG BRIDGE INFO-TECH LIMITED
File type HTML document text\012- HTML document, ASCII text, with very long lines (440), with CRLF line terminators
Hash 1178df7392b87ca4a7e82d9feb540707
4572a16e2716ef32801768e59003d47e0e525f40
3d10626e8aec01eae90869f6d9e41420aac3dee418464c430f96e69de5cf3589
GET /common.js HTTP/1.1
Host: www.jiantuo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jiantuo.net/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 01:30:55 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.jiantuo.net/tj.js
154.23.115.81200 OK 258 B IP 154.23.115.81:0
ASN #137969 HONG KONG BRIDGE INFO-TECH LIMITED
File type ASCII text, with CRLF line terminators
Hash 274cf6decff90d9ee1e3adf37a49094f
7be5dd484cb6bb4ce3ea8a610d8e3cf4b5202b8a
28fc2ffe8469415c66e90d33ebf74fd756f23a8829c6eb02966b0b02e9ae7ffe
GET /tj.js HTTP/1.1
Host: www.jiantuo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jiantuo.net/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 01:30:55 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
www.jiantuo.net/favicon.ico
154.23.115.81200 OK 1.2 kB URL HTTP/1.1 www.jiantuo.net/favicon.ico
IP 154.23.115.81:0
ASN #137969 HONG KONG BRIDGE INFO-TECH LIMITED
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.jiantuo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jiantuo.net/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 01:30:56 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Mon, 12 Sep 2022 01:30:56 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 24c71b38eb6a85ce86b3c579bc4e3489
ea16b2e16ff80fb67aee001075c0e9a559b96054
cdcc84506372c591eaace9a5e85666d3a48ef9b59cfadc597b2b69e536d9984f
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 01:31:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 10 Sep 2022 23:30:37 GMT
ETag: "ea16b2e16ff80fb67aee001075c0e9a559b96054"
Last-Modified: Tue, 06 Sep 2022 23:30:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 333
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 746baed00a65b4f7-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7652
Expires: Wed, 07 Sep 2022 03:38:37 GMT
Date: Wed, 07 Sep 2022 01:31:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7652
Expires: Wed, 07 Sep 2022 03:38:37 GMT
Date: Wed, 07 Sep 2022 01:31:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7652
Expires: Wed, 07 Sep 2022 03:38:37 GMT
Date: Wed, 07 Sep 2022 01:31:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7652
Expires: Wed, 07 Sep 2022 03:38:37 GMT
Date: Wed, 07 Sep 2022 01:31:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f922505178de0cea92eedcfda85a9f67
50f1459de01174e594e03e7df4dfaa8eb1798672
981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6214
x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0HFKbIAMFRbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 03:42:05 GMT
age: 78540
etag: "50f1459de01174e594e03e7df4dfaa8eb1798672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa395dcd-c2bf-4b9e-a70f-5dc4000d8b8f.jpeg
34.120.237.76200 OK 3.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa395dcd-c2bf-4b9e-a70f-5dc4000d8b8f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed39b35d8a767c2aad6a77fadc60f233
f9767c74a6f717635f67ac541f0126f5a63bd7d3
343efa10126cf70588f1968dea7c77ec3ff8a121e1152f1f9b9b4960fc42bddb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa395dcd-c2bf-4b9e-a70f-5dc4000d8b8f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3187
x-amzn-requestid: 8a44698f-2fd0-4980-9882-971810debb88
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X6Wf9GyaoAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63140465-3a46f65e5f8c4522065c5ad5;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 01:50:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hs1q2aYJyrggLRzjgYyKwmMhT6W4EG5yqc9CRM9zupXi_jOi5yvNiA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 18:22:32 GMT
age: 25713
etag: "f9767c74a6f717635f67ac541f0126f5a63bd7d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd2cde93c-0513-450d-8955-bde7c6e24fcb.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd2cde93c-0513-450d-8955-bde7c6e24fcb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b8270b1deb7d093ca8add7908bcc5136
d7f050173460584cecb8e280aefeb0e0f3a8c1d6
148080cd0f4f5aafcfc5a9d737dd99e101895f83a177e0dc15d27079cf6b56bb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd2cde93c-0513-450d-8955-bde7c6e24fcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8501
x-amzn-requestid: aff7d553-fc1f-4bc7-a6fd-cb87cfdbfa55
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDrUuG2sIAMFRLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bf51-1d866fbd1db11e75426ec057;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V6rtVoPZ2axpHxUOh0tuLzdMmqpsqyf_MmYEW9y0djaxQYp_zt4_kQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:49:31 GMT
age: 13294
etag: "d7f050173460584cecb8e280aefeb0e0f3a8c1d6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 79f4356c488498012cc7fc03be21e3df
dd9cd9b711d7112efa85eff8a798346dbd7d5f5f
ebd84bf1db6b39b92be1020c7ea5c32eaa23dfb347ec83941d5bc56e80855ebc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12661
x-amzn-requestid: 71ef9e09-ccf1-4930-865d-665ece4bf3a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3hXnFnXIAMFqKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312e296-627daf7c7ad3e23a60b183cd;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 05:13:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xwunW741LulZXvM0har5nqrcCiyYoUwvhCWiPsEvs5P2VKSe476_Cw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 22:14:32 GMT
etag: "dd9cd9b711d7112efa85eff8a798346dbd7d5f5f"
content-type: image/jpeg
age: 11793
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0800dbf4-64cd-48ab-95cc-48192d2f25f3.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0800dbf4-64cd-48ab-95cc-48192d2f25f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 44ee4c9bd1e550045d69f24ad511070c
3bf0d51801523d7014ac76b5ab90c989fc7a770f
ee48c13050faa498f79222216f9c71b20b3a4e5e8e5c59c7156c276ab942703c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0800dbf4-64cd-48ab-95cc-48192d2f25f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8756
x-amzn-requestid: d48113bc-fe40-4d59-b700-194b1092ab67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XqmxQEbVoAMF_UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630db807-14ff6f5b0ffb9a7f08e57906;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 07:11:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YKs0giofWi83MnLBqx6zAu1NGd_A9-l6y2pULUBn2RK0-H3KNRzrUg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 12:47:43 GMT
age: 45802
etag: "3bf0d51801523d7014ac76b5ab90c989fc7a770f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74f48f7-6138-4042-9b4c-f63bb036324f.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74f48f7-6138-4042-9b4c-f63bb036324f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 124a0c0a970006aa660031b5e0ec70d9
3dcd7b5ca2cc9ab604df554b341d1e08bffaa3d7
14c5c6aaf110c123037eb860ecc9d386d46af55fe54cb50f9d1ad430f7e0c516
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74f48f7-6138-4042-9b4c-f63bb036324f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11972
x-amzn-requestid: e71daf97-7463-492d-b55a-0eab022d8b05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0nI2G1tIAMFk2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311b89e-7d6c6d1769649d371c505453;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 08:02:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lNUnWV03HGfGLUSblwFyCjoiSuPlolly4h94cFFZcve3AmtJNkiH7g==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:42:16 GMT
age: 13729
etag: "3dcd7b5ca2cc9ab604df554b341d1e08bffaa3d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.ddys054.top/
192.161.82.59200 OK 14 kB IP 192.161.82.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3679), with CRLF, LF line terminators
Hash 48de3263b7b45133688ba19212780055
abfec1a64a084f5bb20fceccc9742394f1c8840c
28047e97696c97232b7f0f4b30459e617b0188adb78235c99e7b01e73a210aee
GET / HTTP/1.1
Host: www.ddys054.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jiantuo.net/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
Set-Cookie: PHPSESSID=1bbc3uk9nprmag1hv63j4jgla3; path=/
X-Powered-By: PHP/7.0.33, ASP.NET
Date: Wed, 07 Sep 2022 01:30:56 GMT
Content-Length: 13820
fmlb.netlbtu.com/upload/vod/2022/08-20/12/od2uxezydkq1230od2uxezydkq1618619.jpg
104.21.235.174200 OK 7.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/08-20/12/od2uxezydkq1230od2uxezydkq1618619.jpg
IP 104.21.235.174:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f8007ef32c55c5faf0451d025e6d64dc
e8be110f17a27def5c89498d31b6400868c3b2b7
1f06ebce86a63df8918339a5e421bfafcb5e8d33dd3f381d2be5bd7b9f87fa4e
GET /upload/vod/2022/08-20/12/od2uxezydkq1230od2uxezydkq1618619.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:05 GMT
content-type: image/jpeg
content-length: 7863
cf-bgj: h2pri
etag: "0ba478c4db4d81:0"
last-modified: Sat, 20 Aug 2022 04:30:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1952
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7oIRFOFgUMeX8uwVoD0f7VRbpJMRARs4lO2Stw86pR3XX48N7pBGhYR3JgIpvz%2BZsTfFQGIK%2B5BP%2FPiHKCi0omorVGIrYt60CxV3rb5n1z4YHiGIVcpMIw6WVNOwmpjcd3rt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed14ef376a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/08-31/12/ogta4c5chro1206ogta4c5chro5722813.jpg
104.21.235.174200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/08-31/12/ogta4c5chro1206ogta4c5chro5722813.jpg
IP 104.21.235.174:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 77f18a195e01651883d6cec37e1ae907
323e253c143f145cf73c45e987ab6b2524120ec7
a722bab950e1b18f0d0d2339fe6412ee89d0c1e0ae582cdbc48cf19723d9bb2d
GET /upload/vod/2022/08-31/12/ogta4c5chro1206ogta4c5chro5722813.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:05 GMT
content-type: image/jpeg
content-length: 12007
cf-bgj: h2pri
etag: "686f1c1defbcd81:0"
last-modified: Wed, 31 Aug 2022 04:06:57 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1951
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWHfL8BnxfavSZ9gBN3uE6oB35CfMlsKRo8RaBup1sPTzlJWo7R06gBHXsg9dHe0LKePjfQ9bsVw%2BSXJYrYjK6JcBRY4KSrGQDmZ9VvSxiPZgQ%2BmcRTNCXRHM96ro%2FvG%2Bq8C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed14ef876a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/08-31/12/3oajauvpbpb12073oajauvpbpb0022819.jpg
104.21.235.174200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/08-31/12/3oajauvpbpb12073oajauvpbpb0022819.jpg
IP 104.21.235.174:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 483832a477f4edee3f0fdc3b81a68ab4
a2bfa3c154c654156a0b334a695c6f3a67a5209d
0eac3a30a3111f40c42fb994f5f22b0012d9fa02af4c38c2729667635e5e50b2
GET /upload/vod/2022/08-31/12/3oajauvpbpb12073oajauvpbpb0022819.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:05 GMT
content-type: image/jpeg
content-length: 10689
cf-bgj: h2pri
etag: "e791b61eefbcd81:0"
last-modified: Wed, 31 Aug 2022 04:07:00 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1960
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EoP6OjL%2BL%2B0S2foE2iYJkcSDAxBduTmiDr12fX9FjZuRRrLetpg4HRauG4U9Eyqn8En2648VTlAybrHdgW5P5IdprbqMYXguoBOmaX7vZdwR8qjL0b9tJZ8eHZm%2BxdXox26o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed14ef976a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/08-31/12/3h5qhkkxzkm12063h5qhkkxzkm5922817.jpg
104.21.235.174200 OK 6.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/08-31/12/3h5qhkkxzkm12063h5qhkkxzkm5922817.jpg
IP 104.21.235.174:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 6be6ae5deac1335461fff729b1a5e739
929573e694012d49b43aedd1dec760d872cda74f
44e6e0598163d1ee3dfa44f7fc39d2ce0fcb55fd6065cf009739380aeb95fd43
GET /upload/vod/2022/08-31/12/3h5qhkkxzkm12063h5qhkkxzkm5922817.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:05 GMT
content-type: image/jpeg
content-length: 6459
cf-bgj: h2pri
etag: "7f482c1eefbcd81:0"
last-modified: Wed, 31 Aug 2022 04:06:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6937
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aamDOUuxc9tlzWG2ll59lwBvMOmv%2FpGcdUiRCBC%2BrYeg%2BtrgyXd09%2BSunY2puoUkXV%2BP2sAKTZ5ZIcU7FeiGZvGEoRPxncX8LpKb0k2jVgaA5OBcrrxCw1fzZGwt6mR7dFl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed14efa76a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/08-20/12/0xnbfpv5jte12300xnbfpv5jte1418615.jpg
104.21.235.174200 OK 5.4 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/08-20/12/0xnbfpv5jte12300xnbfpv5jte1418615.jpg
IP 104.21.235.174:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 3fee48c56c5dfc85cf267119d43162c3
4516a17f0829439061b208689bbbbc26492e1bb0
ceb8abca1eb678798d0325b910106a06026d207f3df26c04ec84a8cf742bd9d2
GET /upload/vod/2022/08-20/12/0xnbfpv5jte12300xnbfpv5jte1418615.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:05 GMT
content-type: image/jpeg
content-length: 5412
cf-bgj: h2pri
etag: "ab622e8b4db4d81:0"
last-modified: Sat, 20 Aug 2022 04:30:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1953
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OsT5c1oPjSM3lK8IBqavrh0RrES7MoTXRWMW19hGmgPA23RmERRDsWPFcO7dxJvkRAiibLXK30ummNIUM6ExxaDa0f6pSRZ8hesHOIImoa4M1RddXbJ0D2xrSqWz3LkXwHnz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed16f0f76a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/08-21/11/53yhdn4ttk4115153yhdn4ttk40318941.jpg
104.21.235.174200 OK 8.8 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/08-21/11/53yhdn4ttk4115153yhdn4ttk40318941.jpg
IP 104.21.235.174:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash a51d1e789e8320a4fa962abbad3b4c1f
1e917165c474da7b0f913e57da4f42816b3084ef
cec3c6c0f5a81c00ea68af707680d263f4d11c631f5cfcaac039f3c8cee6f517
GET /upload/vod/2022/08-21/11/53yhdn4ttk4115153yhdn4ttk40318941.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:05 GMT
content-type: image/jpeg
content-length: 8777
cf-bgj: h2pri
etag: "3820954811b5d81:0"
last-modified: Sun, 21 Aug 2022 03:51:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1951
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snuwHH8Pm39fD7Lxl%2BPhpBESns3KBiUgh85KCbYOCLrYzKXWIABtQuQvu6GiYP%2Fj5bGD0yXDIwPrKhgD9gUdBIvVkoxTZe03IZvM5IaXcirPEDIY4eYlJFfY4ue001Cw59VG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed16f0a76a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.ddys054.top/template/m1938pc/css/zui.css
192.161.82.59200 OK 15 kB URL HTTP/1.1 www.ddys054.top/template/m1938pc/css/zui.css
IP 192.161.82.59:0
File type assembler source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 6f5aa0cf8202076c79fd657900529f6f
2e509a321310355e06c90abfd9b415ef08f6a02b
47ccaf7fd4f05353155d637f76473918470672e4c69f5d8e5df82f685a040bd4
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: www.ddys054.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ddys054.top/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Fri, 07 May 2021 10:47:34 GMT
Accept-Ranges: bytes
ETag: "0e7b632e43d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Sep 2022 01:30:56 GMT
Content-Length: 15198
www.ddys054.top/template/m1938pc/css/ate.css
192.161.82.59200 OK 4.5 kB URL HTTP/1.1 www.ddys054.top/template/m1938pc/css/ate.css
IP 192.161.82.59:0
File type ASCII text, with CRLF line terminators
Hash 1164a38c5186eff1838f351d96dbd192
1f5c06f7969ca9602774591594b1d4170137cdc3
fec2bebf191e9c67f3ce3234909acb71fa272057962f230dce334cdfd514b3e2
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: www.ddys054.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ddys054.top/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Fri, 07 May 2021 10:47:33 GMT
Accept-Ranges: bytes
ETag: "805073622e43d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Sep 2022 01:30:56 GMT
Content-Length: 4498
www.ddys054.top/template/m1938pc/ads/aaa.js
192.161.82.59200 OK 399 B URL HTTP/1.1 www.ddys054.top/template/m1938pc/ads/aaa.js
IP 192.161.82.59:0
File type ASCII text, with very long lines (396), with no line terminators
Hash dde28d41e1ebbdb9c4c446ddfcc02ed6
5f28574ddf8f6cb696ac47511c5a31c0abcac0f5
0c78935217564d2d7f75ecc96752089404ad376a402f71066cefe73141e3a288
GET /template/m1938pc/ads/aaa.js HTTP/1.1
Host: www.ddys054.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ddys054.top/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 18 Jul 2022 12:41:45 GMT
Accept-Ranges: bytes
ETag: "fe7d5cbda39ad81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Sep 2022 01:30:56 GMT
Content-Length: 399
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 258f174885c200be903bf46500b20e09
4a53eb13952452b668bbbad725b08bf2e147aae3
c9652d84768b493aa73d8bf5b826094d17369f8c1e8781365c6e3544cbad4cbd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9652D84768B493AA73D8BF5B826094D17369F8C1E8781365C6E3544CBAD4CBD"
Last-Modified: Mon, 05 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13518
Expires: Wed, 07 Sep 2022 05:16:23 GMT
Date: Wed, 07 Sep 2022 01:31:05 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2022/08-31/12/ogzozbmi2au1206ogzozbmi2au5822815.jpg
104.21.235.174200 OK 10 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/08-31/12/ogzozbmi2au1206ogzozbmi2au5822815.jpg
IP 104.21.235.174:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c8305deedcca4d5f686ef9a648715c9b
b5cf26fc0afeff93ff1508dee760ea60dd3afef2
d134d2f80900e68ad304c7c75b50491ba5e150bb21e1a5ca44b51f56e4798d81
GET /upload/vod/2022/08-31/12/ogzozbmi2au1206ogzozbmi2au5822815.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:05 GMT
content-type: image/jpeg
content-length: 10396
cf-bgj: h2pri
etag: "f0ffa11defbcd81:0"
last-modified: Wed, 31 Aug 2022 04:06:58 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAxpw7db%2FdYVpYT2nnpAiNEXBKvygTbKhypajs13FSpnP06U%2BE7yyRsOou0oWMPdZn%2FI5mb0%2FSI4zOnAXmFSDFvCjMeDItHbzYsG0zGEwpQREwkmcvHYHknJlNGdoI%2F1Z9%2Ft"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed14ef776a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/08-31/12/cwa1tygvy2h1206cwa1tygvy2h5522807.jpg
104.21.235.174200 OK 7.7 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/08-31/12/cwa1tygvy2h1206cwa1tygvy2h5522807.jpg
IP 104.21.235.174:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 19457b5fefe38b38666b6afe71ac0f40
0f6e2a66949608a172472eb50c113a8c23fb9bb3
d1ec6da0b9f8057db936e81e974a959d1b4952eb3c77e653601b6125642b9805
GET /upload/vod/2022/08-31/12/cwa1tygvy2h1206cwa1tygvy2h5522807.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:05 GMT
content-type: image/jpeg
content-length: 7699
cf-bgj: h2pri
etag: "85cb811befbcd81:0"
last-modified: Wed, 31 Aug 2022 04:06:55 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AVbmMdE%2BHhTPVFmeybsO%2BbQGtaKN6VXuVCFeYV1p5BUChGrjRfqxaMHqp%2BFcXyuiivaCrS4ceg4zNqtpvlZpkOBZhyZfgrGQqGc5qFcbAM7Em4d9aP%2FEDtgVjuT35j4phRE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed14ef176a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/08-21/11/rketpjcef5k1151rketpjcef5k2518943.jpg
104.21.235.174200 OK 9.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/08-21/11/rketpjcef5k1151rketpjcef5k2518943.jpg
IP 104.21.235.174:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 1e46e876d6d7784a372ad703360206e9
7f1b0cf536f218c52faa511b13e00e2f0a3dac8e
9a8c26eca277196269e8c494c7b56e5f8eba7759f0223ccb7423a90e01ead44b
GET /upload/vod/2022/08-21/11/rketpjcef5k1151rketpjcef5k2518943.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:05 GMT
content-type: image/jpeg
content-length: 9466
cf-bgj: h2pri
etag: "8442184911b5d81:0"
last-modified: Sun, 21 Aug 2022 03:51:25 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bLT65ujwwLtoCO9MMYaWD%2BPX5EoPruFPmP66qMDKxZexQP0aLaV5JJN1TqppN7%2BlsjhSJMo5i2f%2B%2F8PrYvPvPXU4X%2Bey23E%2B33IQ%2FGFZ%2BRxRMgXmZB48y%2FmfDuASTfUoFWw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed16f0c76a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 31eb22596f0981dd27ba396ec8b5a1a0
edd98af351a2b61b3b954583d8283f40f88b3d3b
c1c27524138555b76c887475763b2d5ed0e4470c891b0a9b4c965c544cb3cb5f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 01:31:06 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 14:54:12 GMT
Expires: Sat, 10 Sep 2022 14:54:11 GMT
Etag: "edd98af351a2b61b3b954583d8283f40f88b3d3b"
Cache-Control: max-age=306784,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746baed2c84ab500-OSL
fmlb.netlbtu.com/upload/vod/2022/08-31/12/tzpr3nyl4v51206tzpr3nyl4v55622811.jpg
104.21.235.174200 OK 5.7 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/08-31/12/tzpr3nyl4v51206tzpr3nyl4v55622811.jpg
IP 104.21.235.174:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 11593e338fa82b9a7c93d94b074ea276
56eda58e12b0b42c06b4713e615a6273e4b1a58c
a5d90957679172bcf6640a5501b323cfd91869dacccf46d7e0ad1d96448ae756
GET /upload/vod/2022/08-31/12/tzpr3nyl4v51206tzpr3nyl4v55622811.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:06 GMT
content-type: image/jpeg
content-length: 5666
cf-bgj: h2pri
etag: "8eb48f1cefbcd81:0"
last-modified: Wed, 31 Aug 2022 04:06:56 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=906fGzTKDnt1CdzbPWyjizWgAgLQMd%2FDkJVo6vw4c%2F%2FsHLISNiY9lAhpz5BWSTn2zYpMSteD2Roa9WX8muaiZ6yUwMrQinwaV5%2BlVbSvrOqvRszMt5YjINBz3izIFNdCUINH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed14ef476a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/08-31/12/q43vdralqsc1206q43vdralqsc5622809.jpg
104.21.235.174200 OK 7.8 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/08-31/12/q43vdralqsc1206q43vdralqsc5622809.jpg
IP 104.21.235.174:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash e18a8143cffaff55708e3d587c477415
f108ec0f0af951475e994f9c9f087e1e5ee9aaea
5fcd686052281dfed24c7e5524319bbbf3c031a62b34b27f4b01405ba00a88cb
GET /upload/vod/2022/08-31/12/q43vdralqsc1206q43vdralqsc5622809.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:06 GMT
content-type: image/jpeg
content-length: 7760
cf-bgj: h2pri
etag: "10cd71cefbcd81:0"
last-modified: Wed, 31 Aug 2022 04:06:56 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=unZ9pvdyERs5o85AmOFRhGbNFbBZPnT7HgNX5bYDBp62peBVtR69ofep2K9mdfwfKNadJME2eAi5FKFSdHNx1d7ahbxO%2FG%2FInCMEH71Abq%2BNYxQbDWk3fMsfIhiEhwnxzKeY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed14ef676a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/08-31/12/dtm3eedrjwo1206dtm3eedrjwo5422805.jpg
104.21.235.174200 OK 7.5 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/08-31/12/dtm3eedrjwo1206dtm3eedrjwo5422805.jpg
IP 104.21.235.174:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4576da931c391d07c422e4aa0b9c2015
4da6828931f5c5c06052d0b3f8ee1b409ce04366
fb137f8b2f391c8526c168d176a525bcd24dc4c8e9178621876ec49a0f1ef6d3
GET /upload/vod/2022/08-31/12/dtm3eedrjwo1206dtm3eedrjwo5422805.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:06 GMT
content-type: image/jpeg
content-length: 7496
cf-bgj: h2pri
etag: "d82f71aefbcd81:0"
last-modified: Wed, 31 Aug 2022 04:06:54 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8%2BAM%2B%2Bau6JLvSoeXQ0qEeLLjgkbzs%2BiqeA%2Byr1JTEspnfQ0x%2F67wU6lNnX0rbx9lHZ7cbE3YbW00lBQJkaxDP%2BxXP%2FNFPFN5L1fiROPwW0fQqmQnHx6KS3ASvEAwR4vvrkJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed16f0e76a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/08-21/11/wpzcbnzl0s11151wpzcbnzl0s10218939.jpg
104.21.235.174200 OK 9.7 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/08-21/11/wpzcbnzl0s11151wpzcbnzl0s10218939.jpg
IP 104.21.235.174:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b12161fdf98c05c27691f21e1bbf8420
dc718406b2079400a8dacbae8a74c08bd6c88467
66116dfc411d79e5a26af9a70d86a1a35cd1f4b4a7be182516ede36cb5b944c6
GET /upload/vod/2022/08-21/11/wpzcbnzl0s11151wpzcbnzl0s10218939.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:06 GMT
content-type: image/jpeg
content-length: 9708
cf-bgj: h2pri
etag: "4f1e8b3b11b5d81:0"
last-modified: Sun, 21 Aug 2022 03:51:02 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogVZyUOq9ketlehCnIIEssV7fmXp5D9fJXDxrftUpgCbTEz7jdDQejZuxn81myEqIahNqS4YU9vuZ5G3DTIuK96OHd%2F0TM47nYOjWZWJWfcAFbkYn3kW3H8OALV0DyB8JMMJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed16f0b76a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/08-20/12/djdbnllc2kg1230djdbnllc2kg1518617.jpg
104.21.235.174200 OK 7.7 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/08-20/12/djdbnllc2kg1230djdbnllc2kg1518617.jpg
IP 104.21.235.174:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 841159e7450f246869d95d2f649c8a97
ad00448d00ca1376f61322639b28e2ded30e506a
26f97573323baa79f5e9c7276082ce670fe777f06016371c6bf1c10909e91c7f
GET /upload/vod/2022/08-20/12/djdbnllc2kg1230djdbnllc2kg1518617.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:06 GMT
content-type: image/jpeg
content-length: 7683
cf-bgj: h2pri
etag: "87e7b38b4db4d81:0"
last-modified: Sat, 20 Aug 2022 04:30:15 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKlZobX5UaoOCbY6Pxp%2FgJc9Wg0%2FeKH%2B4SrR8d3OITyGKcmzJ0THamPBQDXBxLSf88VWZAXr35yCaZ8tFZs55FSUioakQ91Z6%2B%2Bxr4dO3j00cFM7d0icDHiYoyPTXE8fpMGq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed16f0d76a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 07 Sep 2022 01:31:06 GMT
content-type: text/html
content-length: 162
location: https://acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.ddys054.top/static/js/jquery.js
192.161.82.59200 OK 33 kB URL HTTP/1.1 www.ddys054.top/static/js/jquery.js
IP 192.161.82.59:0
File type ASCII text, with very long lines (32089), with CRLF line terminators
Hash 635cabcaf3cdeab18470446e80239302
9ab64e394a159396d23d246a7419fe043aa2f7a4
6063409071aa83fdff4be7c3d2134ab8b8f2c32dcd5ce08e44a2d83ab5b2bb42
GET /static/js/jquery.js HTTP/1.1
Host: www.ddys054.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ddys054.top/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sun, 10 Mar 2019 13:12:51 GMT
Accept-Ranges: bytes
ETag: "80cbdbf642d7d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Sep 2022 01:30:56 GMT
Content-Length: 32864
dimg04.c-ctrip.com/images/01037120009ujdjqk8377.gif?proc=autoorient
104.110.17.24200 OK 263 kB URL HTTP/2 dimg04.c-ctrip.com/images/01037120009ujdjqk8377.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 100 x 100\012- data
Size 263 kB (263443 bytes)
Hash 19c96e5431bd8f5f0497f32d77a332d6
e660df146e1661e26f954ae36f0382ebec1cad97
0c52e0ab9db25405bd3269c29190c5a8d73a429fbed2467f7bad27fd5c5a0ff4
GET /images/01037120009ujdjqk8377.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 263443
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=14184959
expires: Sat, 18 Feb 2023 05:47:05 GMT
date: Wed, 07 Sep 2022 01:31:06 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0106o120009uiu2p481C6.gif?proc=autoorient
104.110.17.24200 OK 191 kB URL HTTP/2 dimg04.c-ctrip.com/images/0106o120009uiu2p481C6.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 480 x 120\012- data
Size 191 kB (190584 bytes)
Hash 4bd8328c77b699efe6eae465d231b708
f6c1f857e163eaa5af28768a8136be424484fae7
78d253c6d8ed67033500b85a878f803c7efcc5bd59fa03a6fdb58d970c8394a8
GET /images/0106o120009uiu2p481C6.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 190584
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=13860004
expires: Tue, 14 Feb 2023 11:31:10 GMT
date: Wed, 07 Sep 2022 01:31:06 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0105u120009uiu9op34EA.gif?proc=autoorient
104.110.17.24200 OK 394 kB URL HTTP/2 dimg04.c-ctrip.com/images/0105u120009uiu9op34EA.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 480 x 120\012- data
Size 394 kB (393511 bytes)
Hash 313e8cf9a429840b5eb15a5464516298
f83576b11e0a1978fddf7974ab14c296fede51b8
17f40a4f6403fe62aea555b54f593a5991bd28afd2d99ba62441bc5d3a34ef36
GET /images/0105u120009uiu9op34EA.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 393511
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=13879086
expires: Tue, 14 Feb 2023 16:49:12 GMT
date: Wed, 07 Sep 2022 01:31:06 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/01071120009uj7klk4406.gif?proc=autoorient
104.110.17.24200 OK 190 kB URL HTTP/2 dimg04.c-ctrip.com/images/01071120009uj7klk4406.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 100 x 100\012- data
Size 190 kB (189825 bytes)
Hash 4636d766691a6cdc04e2b88bdecae86d
c955346f093be97ab794a98a2763f1268d8e9660
1a4cbfb350c6ea8e8fe609fdea1b770d986752cdbf67e88eafe06ed7b7e2bca8
GET /images/01071120009uj7klk4406.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 189825
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt: 6
x-edgeconnect-origin-mex-latency: 264
cache-control: max-age=14230888
expires: Sat, 18 Feb 2023 18:32:34 GMT
date: Wed, 07 Sep 2022 01:31:06 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash f5db207eb683903f57d1e1d1b4fb5a13
61a5dca5b9236ba6d7cf6f02a2a712031e3d5d5c
c730f43908a13209d4cc35db1930f317b61b55e9a23475f3a99ea73e1ca5914e
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 01:31:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 10 Sep 2022 22:45:53 GMT
ETag: "61a5dca5b9236ba6d7cf6f02a2a712031e3d5d5c"
Last-Modified: Tue, 06 Sep 2022 22:45:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 329
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 746baed40c3ab4f7-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 76692545dc335a822bfbe13c41571b57
847bd2f0f812bce43cee6c6e161e2adfef7c1769
db77b28c709c2bffabac9450f66c8e676214289f1728d287ce97abbe3850b40d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 01:31:06 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 15:06:40 GMT
Expires: Mon, 12 Sep 2022 15:06:39 GMT
Etag: "847bd2f0f812bce43cee6c6e161e2adfef7c1769"
Cache-Control: max-age=480332,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746baed408eeb500-OSL
acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
172.67.189.203200 OK 400 kB URL HTTP/2 acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 172.67.189.203:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: acoozzh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ddys054.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:06 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Wed, 28 Sep 2022 23:19:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 699106
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gOH54O%2FVLSfBeExSAiIoEtZebV3y79BkauCj4l2wJy9yQt39aUe3jlSzjN22lYlBc7ZsjO4YpZPWtYKQ%2BVmIoqZeJ3BpUX7Abl9Pv9Ttka96KWgvZd5MYs1w3BUVGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed48f44b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.ddys054.top/template/m1938pc/images/1.gif
192.161.82.59200 OK 254 B URL HTTP/1.1 www.ddys054.top/template/m1938pc/images/1.gif
IP 192.161.82.59:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/m1938pc/images/1.gif HTTP/1.1
Host: www.ddys054.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ddys054.top/
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 07 May 2021 10:47:37 GMT
Accept-Ranges: bytes
ETag: "563214652e43d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Sep 2022 01:30:57 GMT
Content-Length: 254
www.ddys054.top/template/m1938pc/images/video-play.png
192.161.82.59200 OK 1.6 kB URL HTTP/1.1 www.ddys054.top/template/m1938pc/images/video-play.png
IP 192.161.82.59:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: www.ddys054.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ddys054.top/template/m1938pc/css/zui.css
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 07 May 2021 10:47:37 GMT
Accept-Ranges: bytes
ETag: "661634652e43d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Sep 2022 01:30:57 GMT
Content-Length: 1567
www.ddys054.top/template/m1938pc/images/video-mask.png
192.161.82.59200 OK 107 B URL HTTP/1.1 www.ddys054.top/template/m1938pc/images/video-mask.png
IP 192.161.82.59:0
File type PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Hash 6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
GET /template/m1938pc/images/video-mask.png HTTP/1.1
Host: www.ddys054.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ddys054.top/template/m1938pc/css/zui.css
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 07 May 2021 10:47:34 GMT
Accept-Ranges: bytes
ETag: "66c95632e43d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Sep 2022 01:30:57 GMT
Content-Length: 107
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash e3baded74ef21a515069ec5194af1c06
f4b20e21fca604a53206d8f4ed19dfd5b17534a8
e940d6ce3ee65528862fb8d0b544a835101f7fa34f7b6a2759aa82bf2209c530
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 07 Sep 2022 01:31:06 GMT
Ali-Swift-Global-Savetime: 1662514266
Via: cache20.l2de2[188,188,200-0,M], cache20.l2de2[190,0], cache1.se1[211,211,200-0,M], cache1.se1[213,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 07 Sep 2022 01:31:06 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516625142663274357e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash e3baded74ef21a515069ec5194af1c06
f4b20e21fca604a53206d8f4ed19dfd5b17534a8
e940d6ce3ee65528862fb8d0b544a835101f7fa34f7b6a2759aa82bf2209c530
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 07 Sep 2022 01:31:06 GMT
Ali-Swift-Global-Savetime: 1662514266
Via: cache2.l2de2[188,188,200-0,M], cache2.l2de2[189,0], cache3.se1[211,210,200-0,M], cache3.se1[213,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 07 Sep 2022 01:31:06 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716625142663335469e
si1.go2yd.com/get-image/0yFUidjGHhQ
163.171.140.79200 OK 121 kB URL HTTP/2 si1.go2yd.com/get-image/0yFUidjGHhQ
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 500 x 280\012- data
Size 121 kB (121040 bytes)
Hash 72f445e66343e28d92a588cd7858f2dc
0138a721a5a93bdac4700c65cc6f6490009d3c19
649a3df45cf01aea3bd959614665909f5e36a0dbfcf297334c69c94b579abbc0
GET /get-image/0yFUidjGHhQ HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:06 GMT
content-type: image/gif
content-length: 121040
x-application-context: application
x-kss-request-id: 926b8f9ca982487692c4e63ce22e4a6e
etag: "72f445e66343e28d92a588cd7858f2dc"
content-md5: cvRF5mND4o2SpYjNeFjy3A==
last-modified: Mon, 28 Feb 2022 07:36:54 GMT
accept-ranges: bytes
server: KS3
age: 1
x-via: 1.1 PSbjwjBGP2vu136:5 (Cdn Cache Server V2.0), 1.1 PSzjnbsxsy229:12 (Cdn Cache Server V2.0), 1.1 tb118:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:3 (Cdn Cache Server V2.0)
x-ws-request-id: 6317f45a_PShlamstdAMS1cc96_805-46492
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2
si1.go2yd.com/get-image/0xle6Gs65qR
163.171.140.79200 OK 142 kB URL HTTP/2 si1.go2yd.com/get-image/0xle6Gs65qR
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 500 x 280\012- data
Size 142 kB (142511 bytes)
Hash f1647a6b3887c0cd3eedccc8d61b790e
7f8cace768f5e978ab421e4511e8b2fe8544f65d
b3e8b0b20b32071c827c56f3b9e57537175610f8f8e6c59439665e2e2d80d931
GET /get-image/0xle6Gs65qR HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:06 GMT
content-type: image/gif
content-length: 142511
server: Tengine
x-application-context: application
x-kss-request-id: 1d1c290058c84bbdad5290984dd718ff
etag: "f1647a6b3887c0cd3eedccc8d61b790e"
content-md5: 8WR6aziHwM0+7czI1ht5Dg==
last-modified: Thu, 10 Feb 2022 08:00:01 GMT
accept-ranges: bytes
age: 1
x-via: 1.1 PSbjwjBGP2ks135:0 (Cdn Cache Server V2.0), 1.1 PSzjnbsxlb228:0 (Cdn Cache Server V2.0), 1.1 PS-KHH-015lO119:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:7 (Cdn Cache Server V2.0)
x-ws-request-id: 6317f45a_PShlamstdAMS1cc96_805-46493
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2
js.users.51.la/21276283.js
103.143.19.103200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21276283.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash f10d7734daf1b544bbefc81fb249c6f7
f23322adb00e9dbb1a20638936e87c3680b616bd
b2983efc4c9a40406bc800615ee2f4c4c15eb430d2593a68d3ae3e7e32e685df
Analyzer Verdict Alert fortinet Malware
GET /21276283.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Wed, 07 Sep 2022 01:31:06 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=d8bd73e8b2c02391be1; path=/
HWWAFSESTIME=1662514263443; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
vkhhjp.com/9337ea14512440999f889eb8a9c83838.gif
103.170.15.46200 OK 445 kB URL HTTP/2 vkhhjp.com/9337ea14512440999f889eb8a9c83838.gif
IP 103.170.15.46:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 445 kB (445140 bytes)
Hash 8dc9eeb6e2f698ff336e098bf7c002a6
5be86ef65976a88e36ad3f30fe64d700f1883e0d
0de22c84ec1ac628f800ba4c39c5967868975d2cfc7d00d9244a6431925b9454
GET /9337ea14512440999f889eb8a9c83838.gif HTTP/1.1
Host: vkhhjp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
etag: "630f4567-6cad4"
server: nginx
date: Wed, 31 Aug 2022 12:03:29 GMT
content-type: image/gif
last-modified: Wed, 31 Aug 2022 11:26:31 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-36
content-length: 445140
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?e01da3ff3a2684df3d39a3f70c20cecb
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?e01da3ff3a2684df3d39a3f70c20cecb
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (627)
Hash 62206dc3b86a8da35361127e2b900a03
ab55fad5ee30e316c6f63aba9acb9b0ce1b04ad2
f5a854eb683d7aee3e2c3a06e38b4736b4c25d023af6f4b655e99a5c80515d8a
GET /hm.js?e01da3ff3a2684df3d39a3f70c20cecb HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.jiantuo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Content-Type: application/javascript
Date: Wed, 07 Sep 2022 01:31:06 GMT
Etag: 2ff9c6b5a6d849cbdab7dc35ec73a2cf
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=02A41C7DEFE50B6B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
jcyunk2.com/02ed850c424c4194a40ddd5fbd5e2b16.gif
45.61.212.57200 OK 290 kB URL HTTP/1.1 jcyunk2.com/02ed850c424c4194a40ddd5fbd5e2b16.gif
IP 45.61.212.57:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 290 kB (290150 bytes)
Hash a0802cece6f8ee845c514dabeb1be17b
c70eabf0009169cdf262ed33f80d07b71dd2733f
ce5a0609aabbbc9f28df8e70935f210d03153851b44d1f49a27060647042c96e
GET /02ed850c424c4194a40ddd5fbd5e2b16.gif HTTP/1.1
Host: jcyunk2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63077036-46d66"
Date: Sat, 03 Sep 2022 05:33:55 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 25 Aug 2022 12:51:02 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-27
Content-Length: 290150
hm.baidu.com/hm.js?206e0ebe9beac414c579cfd9af445e33
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?206e0ebe9beac414c579cfd9af445e33
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (628)
Hash 77ca56384174f36cecf387c85eadbe98
9939116cc2f196c9b2a70c02ad36069a71561051
1342fff2722b0c06b648103b5e567116a9b9863be639dd092bad66fc6b5f3527
GET /hm.js?206e0ebe9beac414c579cfd9af445e33 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11341
Content-Type: application/javascript
Date: Wed, 07 Sep 2022 01:31:06 GMT
Etag: 9e81aeeb4b0e518c029340af8d286cfb
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8BD5783FA0E6B63E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ia.51.la/go1?id=21276283&rt=1662514260635&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=&ing=1&ekc=&sid=1662514260635&tt=%25E5%25AE%2585%25E7%2594%25B7%25E5%25BD%25B1%25E8%25A7%2586-%25E5%25AE%2585%25E7%2594%25B7%25E7%25A4%25BE%25E5%258C%25BA-%25E5%25AE%2585%25E7%2594%25B7%25E7%25A6%258F%25E5%2588%25A9-%25E5%2585%258D%25E8%25B4%25B9%25E7%259F%25AD%25E8%25A7%2586%25E9%25A2%2591%25E6%25B0%25B8%25E4%25B9%2585%25E5%2588%2586%25E4%25BA%25AB%25E5%25A4%25A7%25E5%2585%25A8&kw=&cu=http%253A%252F%252Fwww.ddys054.top%252F&pu=http%253A%252F%252Fwww.jiantuo.net%252F
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=21276283&rt=1662514260635&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=&ing=1&ekc=&sid=1662514260635&tt=%25E5%25AE%2585%25E7%2594%25B7%25E5%25BD%25B1%25E8%25A7%2586-%25E5%25AE%2585%25E7%2594%25B7%25E7%25A4%25BE%25E5%258C%25BA-%25E5%25AE%2585%25E7%2594%25B7%25E7%25A6%258F%25E5%2588%25A9-%25E5%2585%258D%25E8%25B4%25B9%25E7%259F%25AD%25E8%25A7%2586%25E9%25A2%2591%25E6%25B0%25B8%25E4%25B9%2585%25E5%2588%2586%25E4%25BA%25AB%25E5%25A4%25A7%25E5%2585%25A8&kw=&cu=http%253A%252F%252Fwww.ddys054.top%252F&pu=http%253A%252F%252Fwww.jiantuo.net%252F
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21276283&rt=1662514260635&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=&ing=1&ekc=&sid=1662514260635&tt=%25E5%25AE%2585%25E7%2594%25B7%25E5%25BD%25B1%25E8%25A7%2586-%25E5%25AE%2585%25E7%2594%25B7%25E7%25A4%25BE%25E5%258C%25BA-%25E5%25AE%2585%25E7%2594%25B7%25E7%25A6%258F%25E5%2588%25A9-%25E5%2585%258D%25E8%25B4%25B9%25E7%259F%25AD%25E8%25A7%2586%25E9%25A2%2591%25E6%25B0%25B8%25E4%25B9%2585%25E5%2588%2586%25E4%25BA%25AB%25E5%25A4%25A7%25E5%2585%25A8&kw=&cu=http%253A%252F%252Fwww.ddys054.top%252F&pu=http%253A%252F%252Fwww.jiantuo.net%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ddys054.top/
HTTP/1.1 200
Server: CloudWAF
Date: Wed, 07 Sep 2022 01:31:07 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=763b32dd4d8198fb657; path=/
HWWAFSESTIME=1662514266076; path=/
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2043303302&si=e01da3ff3a2684df3d39a3f70c20cecb&v=1.2.97&lv=1&sn=22381&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.jiantuo.net%2Findex.php&tt=%E8%BE%BD%E5%AE%81%E6%8F%AA%E8%B0%93%E6%95%99%E8%82%B2%E5%92%A8%E8%AF%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2043303302&si=e01da3ff3a2684df3d39a3f70c20cecb&v=1.2.97&lv=1&sn=22381&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.jiantuo.net%2Findex.php&tt=%E8%BE%BD%E5%AE%81%E6%8F%AA%E8%B0%93%E6%95%99%E8%82%B2%E5%92%A8%E8%AF%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2043303302&si=e01da3ff3a2684df3d39a3f70c20cecb&v=1.2.97&lv=1&sn=22381&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.jiantuo.net%2Findex.php&tt=%E8%BE%BD%E5%AE%81%E6%8F%AA%E8%B0%93%E6%95%99%E8%82%B2%E5%92%A8%E8%AF%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.jiantuo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 07 Sep 2022 01:31:07 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=1E7D4529E97185CE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 4cd6238d7bcf7c800771e58320a59935
efce61580230d08294c0518339580d046b1b1e36
aa9d08df70c356e8cd0a2b2288b4cb008f45b98e333502a4071aa9f023bffb8d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3107
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 01:31:07 GMT
Last-Modified: Wed, 07 Sep 2022 00:39:20 GMT
Server: ECS (amb/6B88)
X-Cache: HIT
Content-Length: 727
hm.baidu.com/hm.js?bfe6b26f78903861e446f74e1a2f35ef
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?bfe6b26f78903861e446f74e1a2f35ef
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (626)
Hash bfc7127762cdb89e65690706a00103ce
e5c1a66dcf0f770464dea99f8b91fd214032f25d
9c72e8b6e21cd98e88e5c6c2fd0f1ab08cf1fb9ac2098161b61ca7225f35a3af
GET /hm.js?bfe6b26f78903861e446f74e1a2f35ef HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Content-Type: application/javascript
Date: Wed, 07 Sep 2022 01:31:07 GMT
Etag: 5e14d110b181d0542e94ef7fdfb6283c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=3F8B55E39C506D22; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=923&et=0&ja=0&ln=en-us&lo=0&rnd=1745752219&si=206e0ebe9beac414c579cfd9af445e33&su=http%3A%2F%2Fwww.jiantuo.net%2F&v=1.2.97&lv=1&sn=22381&r=0&ww=1264&ct=!!&u=http%3A%2F%2Fwww.ddys054.top%2F&tt=%E5%AE%85%E7%94%B7%E5%BD%B1%E8%A7%86-%E5%AE%85%E7%94%B7%E7%A4%BE%E5%8C%BA-%E5%AE%85%E7%94%B7%E7%A6%8F%E5%88%A9-%E5%85%8D%E8%B4%B9%E7%9F%AD%E8%A7%86%E9%A2%91%E6%B0%B8%E4%B9%85%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=923&et=0&ja=0&ln=en-us&lo=0&rnd=1745752219&si=206e0ebe9beac414c579cfd9af445e33&su=http%3A%2F%2Fwww.jiantuo.net%2F&v=1.2.97&lv=1&sn=22381&r=0&ww=1264&ct=!!&u=http%3A%2F%2Fwww.ddys054.top%2F&tt=%E5%AE%85%E7%94%B7%E5%BD%B1%E8%A7%86-%E5%AE%85%E7%94%B7%E7%A4%BE%E5%8C%BA-%E5%AE%85%E7%94%B7%E7%A6%8F%E5%88%A9-%E5%85%8D%E8%B4%B9%E7%9F%AD%E8%A7%86%E9%A2%91%E6%B0%B8%E4%B9%85%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=923&et=0&ja=0&ln=en-us&lo=0&rnd=1745752219&si=206e0ebe9beac414c579cfd9af445e33&su=http%3A%2F%2Fwww.jiantuo.net%2F&v=1.2.97&lv=1&sn=22381&r=0&ww=1264&ct=!!&u=http%3A%2F%2Fwww.ddys054.top%2F&tt=%E5%AE%85%E7%94%B7%E5%BD%B1%E8%A7%86-%E5%AE%85%E7%94%B7%E7%A4%BE%E5%8C%BA-%E5%AE%85%E7%94%B7%E7%A6%8F%E5%88%A9-%E5%85%8D%E8%B4%B9%E7%9F%AD%E8%A7%86%E9%A2%91%E6%B0%B8%E4%B9%85%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 07 Sep 2022 01:31:07 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6FA840B4ADD5F554; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=923&et=0&ja=0&ln=en-us&lo=0&rnd=934603530&si=bfe6b26f78903861e446f74e1a2f35ef&su=http%3A%2F%2Fwww.jiantuo.net%2F&v=1.2.97&lv=1&sn=22382&r=0&ww=1264&ct=!!&u=http%3A%2F%2Fwww.ddys054.top%2F&tt=%E5%AE%85%E7%94%B7%E5%BD%B1%E8%A7%86-%E5%AE%85%E7%94%B7%E7%A4%BE%E5%8C%BA-%E5%AE%85%E7%94%B7%E7%A6%8F%E5%88%A9-%E5%85%8D%E8%B4%B9%E7%9F%AD%E8%A7%86%E9%A2%91%E6%B0%B8%E4%B9%85%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=923&et=0&ja=0&ln=en-us&lo=0&rnd=934603530&si=bfe6b26f78903861e446f74e1a2f35ef&su=http%3A%2F%2Fwww.jiantuo.net%2F&v=1.2.97&lv=1&sn=22382&r=0&ww=1264&ct=!!&u=http%3A%2F%2Fwww.ddys054.top%2F&tt=%E5%AE%85%E7%94%B7%E5%BD%B1%E8%A7%86-%E5%AE%85%E7%94%B7%E7%A4%BE%E5%8C%BA-%E5%AE%85%E7%94%B7%E7%A6%8F%E5%88%A9-%E5%85%8D%E8%B4%B9%E7%9F%AD%E8%A7%86%E9%A2%91%E6%B0%B8%E4%B9%85%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=923&et=0&ja=0&ln=en-us&lo=0&rnd=934603530&si=bfe6b26f78903861e446f74e1a2f35ef&su=http%3A%2F%2Fwww.jiantuo.net%2F&v=1.2.97&lv=1&sn=22382&r=0&ww=1264&ct=!!&u=http%3A%2F%2Fwww.ddys054.top%2F&tt=%E5%AE%85%E7%94%B7%E5%BD%B1%E8%A7%86-%E5%AE%85%E7%94%B7%E7%A4%BE%E5%8C%BA-%E5%AE%85%E7%94%B7%E7%A6%8F%E5%88%A9-%E5%85%8D%E8%B4%B9%E7%9F%AD%E8%A7%86%E9%A2%91%E6%B0%B8%E4%B9%85%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 07 Sep 2022 01:31:07 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=2724F06F95267845; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
zz.bdustatic.com/linksubmit/push.js
104.26.9.99403 Forbidden 0 B URL HTTP/2 zz.bdustatic.com/linksubmit/push.js
IP 104.26.9.99:0
GET /linksubmit/push.js HTTP/1.1
Host: zz.bdustatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Wed, 07 Sep 2022 01:31:06 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tvmi7RyHRc%2BTNIlzaW4LtFSwbQGoQFk1jNeNpmnEd5vJQujj1XAFr0FuNJCLi3clscm7UY%2FU2JMy6N8%2FRDFA%2FRMx1yXEIGrW6aKDPFpX%2F3o0tLY8pDDbShuOYmNRKAtZ9A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed49f7a1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image
120.52.95.235200 OK 0 B URL HTTP/2 p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image
IP 120.52.95.235:0
ASN #133119 China Unicom IP network
GET /img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image HTTP/1.1
Host: p26.toutiaoimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:08 GMT
content-type: image/gif
content-length: 677521
server: openresty
imagex-fmt: gif2gif
last-modified: Thu, 30 Dec 2021 00:07:35 GMT
nw-session-id: 2021123008073501015013614530ADE9B0dprsv01tt
nw-session-trace: 2021-12-30T08:07:35.194015393+08:00 68
x-bdcdn-cache-status: TCP_HIT
x-length: 677521
x-powered-by: ImageX
x-response-date: Thu, 30 Dec 2021 08:07:35 GMT
x-response-lb: image
x-tt-logid: 2021123008073501015013614530ADE9B0
server-timing: cdn-cache;desc=HIT, edge;dur=2
x-tt-trace-host: 016a2077e03b2041825c42669e9a23cec5ee04519515486308eb42b81315658df6aa5ed29ad219c7d25626d5b022cced5274c18183adcd43889f65e87a17fde2315b0226a7e5f07d4c19094125051b3e74699be800dd629619bc2141d5fb81fc89ccc76230d7d3e4f731a9d881f3cb16c4
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
via: CHN-HElangfang-AREACUCC1-CACHE48[2],CHN-HElangfang-AREACUCC1-CACHE35[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE60[39],CHN-TJ-GLOBAL1-CACHE35[0,TCP_HIT,36]
x-hcs-proxy-type: 1
x-ccdn-cachettl: 31536000
nginx-hit: 1
cache-control: max-age=31536000
age: 6385923
accept-ranges: bytes
access-control-allow-origin: *
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
X-Firefox-Spdy: h2