r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3177
Expires: Tue, 28 Mar 2023 08:37:41 GMT
Date: Tue, 28 Mar 2023 07:44:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 911d74784325663a0d95b463b0e9ae9b
21e999229be584d8e42696bce71236ad5bcb9a25
f48cbe4d605e660a45267400e0add4f7bc7cd523c450376ecd8e3a7f094abf56
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F48CBE4D605E660A45267400E0ADD4F7BC7CD523C450376ECD8E3A7F094ABF56"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5324
Expires: Tue, 28 Mar 2023 09:13:28 GMT
Date: Tue, 28 Mar 2023 07:44:44 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 28 Mar 2023 07:15:48 GMT
content-type: application/json
age: 1736
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c0d9353dc46e88bf564ed464b0b073c7
0b5ce170e7db24267a3ba5b79a48548b1acd2e5b
7c7ef189b14109b44aa96454ea1b94bcbd3d69599cc7ba429f8234f6acd88a9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C7EF189B14109B44AA96454EA1B94BCBD3D69599CC7BA429F8234F6ACD88A9B"
Last-Modified: Mon, 27 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17148
Expires: Tue, 28 Mar 2023 12:30:32 GMT
Date: Tue, 28 Mar 2023 07:44:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZcvOvzmGbuZD3j2ts7KToWT2oETZNf7e0enzbg++jfoI3gbQBAgWRqrCSp9lFnm0QcfRlMPmU+o=
x-amz-request-id: QS47FTD3HKEYBJZW
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 28 Mar 2023 06:56:07 GMT
age: 2917
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
livesouvenir.com/Invoice-IRS-090129-9547
172.252.192.170200 OK 11 kB URL HTTP/1.1 livesouvenir.com/Invoice-IRS-090129-9547
IP 172.252.192.170:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (344), with CRLF, LF line terminators
Hash b9c2ecb988b1b94ee6cb31077ccd2319
7976061691b1981c88be18f0a84f9b9c7fac3dfc
7ca191bcaf5bb151ce7d4f79cafa1408f31c377c4e6f188e1c39fc64fe25f98a
GET /Invoice-IRS-090129-9547 HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:44:44 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 07:44:44 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
livesouvenir.com/jquery.min.js
172.252.192.170301 Moved Permanently 178 B URL HTTP/1.1 livesouvenir.com/jquery.min.js
IP 172.252.192.170:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /jquery.min.js HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 28 Mar 2023 07:44:44 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://www.livesouvenir.com/jquery.min.js
livesouvenir.com/tj.js
172.252.192.170301 Moved Permanently 178 B IP 172.252.192.170:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /tj.js HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 28 Mar 2023 07:44:44 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://www.livesouvenir.com/tj.js
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a740252e7b24892a3e34f6dfed6e3bde
d44d21abb95edd1ccc775632254f11ee94fb585e
e289995a2b4b340364dd7dfa32c79c7722ece6cc4b893b38fc68bbce680d2f94
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E289995A2B4B340364DD7DFA32C79C7722ECE6CC4B893B38FC68BBCE680D2F94"
Last-Modified: Mon, 27 Mar 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20008
Expires: Tue, 28 Mar 2023 13:18:13 GMT
Date: Tue, 28 Mar 2023 07:44:45 GMT
Connection: keep-alive
livesouvenir.com/res/tpl/default/css/common.css
172.252.192.170200 OK 8.3 kB URL HTTP/1.1 livesouvenir.com/res/tpl/default/css/common.css
IP 172.252.192.170:0
File type Unicode text, UTF-8 (with BOM) text
Hash ceb51a08cc44da181f3c86bae9913873
8bd36f7a0311a7d75e4883cb84d0d9719bd3af94
921bd258e1e0d8480c8a6b7792e19d5d47afa07c5613c76d2c473822fba480c1
GET /res/tpl/default/css/common.css HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:44:45 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
livesouvenir.com/res/tpl/default/js/common.js
172.252.192.170200 OK 1.1 kB URL HTTP/1.1 livesouvenir.com/res/tpl/default/js/common.js
IP 172.252.192.170:0
File type Unicode text, UTF-8 (with BOM) text
Hash 769af3be46a9357906ccda002231e3b1
4b6cd0f34d4df837ef337ab2d9ba567c522b96da
c5c954f47d44b6474cccdea60f81026a328570b519922e15edf87a1819470899
GET /res/tpl/default/js/common.js HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:44:45 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
livesouvenir.com/res/tpl/default/js/jquery.bxslider.js
172.252.192.170200 OK 14 kB URL HTTP/1.1 livesouvenir.com/res/tpl/default/js/jquery.bxslider.js
IP 172.252.192.170:0
File type Unicode text, UTF-8 (with BOM) text
Hash cdec1dfa2290ff70ac763bc3199e16d8
20525cca62623451441d03f5d8dd4b7cca823339
27d2b77de3e478522de4c5e0d2f50771068a926e04f78d0274b1d06ddfd01a62
GET /res/tpl/default/js/jquery.bxslider.js HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:44:45 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 28 Mar 2023 07:17:24 GMT
age: 1641
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.117.65.55101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.117.65.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4tPmSPA9y/7hzheUwKo+CA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: u1frnbT9jH/DYRgo+2Uyl/8PG6I=
Date: Tue, 28 Mar 2023 07:44:45 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
livesouvenir.com/res/tpl/default/js/jquery-1.7.2.min.js
172.252.192.170200 OK 38 kB URL HTTP/1.1 livesouvenir.com/res/tpl/default/js/jquery-1.7.2.min.js
IP 172.252.192.170:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (32604)
Hash 3c90907286495ea9ae88f21bd6d83975
dda684cc8e7122c8fe6791b2886221a86256a1a7
dc6366e5dcedebfdc0cfe7ab9e7645d3489f807022e3ffd4518212e95beec3fd
GET /res/tpl/default/js/jquery-1.7.2.min.js HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:44:45 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
livesouvenir.com/res/tpl/default/css/reset.css
172.252.192.170200 OK 2.4 kB URL HTTP/1.1 livesouvenir.com/res/tpl/default/css/reset.css
IP 172.252.192.170:0
File type Unicode text, UTF-8 (with BOM) text
Hash 4f06a1e2e095cb107e1200a8f3d878fc
b322359c00e0a64ab6c75938f4b0a96247cbbb48
aa88f8fbbf3d37e9b10928f1d57956720c14c65d939d6688a2264c8576298a68
GET /res/tpl/default/css/reset.css HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/res/tpl/default/css/common.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:44:45 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 228e0519cdc3a7fe14ab1c379698cfe9
a1c6f19cea353cba9bd367186a62a6162e1d9c9b
d7d8daf85d0eae54f60983b1c1159f979f433f21ca553d01e6e837eaa0897aac
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 07:44:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 01 Apr 2023 04:55:56 GMT
ETag: "a1c6f19cea353cba9bd367186a62a6162e1d9c9b"
Last-Modified: Tue, 28 Mar 2023 04:55:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2814
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7aee3fec6b2f069b-OSL
www.livesouvenir.com/jquery.min.js
172.252.192.170200 OK 809 B URL HTTP/1.1 www.livesouvenir.com/jquery.min.js
IP 172.252.192.170:0
File type ASCII text, with very long lines (3638)
Hash e1026d9e942f919f11b71263bd894603
7c50f2485a330623990aba4afca58a515464db06
66c657588550654a1594c37605b08b5d7493aac7caa65ad862c7e78b4070d7e3
NIDS Severity Alert suricata medium ET INFO JJEncode Encoded Script
GET /jquery.min.js HTTP/1.1
Host: www.livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:44:45 GMT
Content-Type: application/javascript
Last-Modified: Sat, 18 Jun 2022 01:22:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62ad28e1-f38"
Expires: Tue, 28 Mar 2023 08:44:45 GMT
Cache-Control: max-age=3600
Content-Encoding: gzip
www.livesouvenir.com/tj.js
172.252.192.170200 OK 268 B URL HTTP/1.1 www.livesouvenir.com/tj.js
IP 172.252.192.170:0
File type ASCII text, with CRLF line terminators
Hash 4b7bc5ef69e749b56001f1dad5107916
811c991d35487e6ac06d24ebad707a83f604bce5
3f612cdc0711e4e50b19523b7b9a29e5423dec864d8ef2bd663ee3b2f57035c8
GET /tj.js HTTP/1.1
Host: www.livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:44:45 GMT
Content-Type: application/javascript
Content-Length: 268
Last-Modified: Thu, 16 Jun 2022 09:01:51 GMT
Connection: keep-alive
ETag: "62aaf17f-10c"
Expires: Tue, 28 Mar 2023 08:44:45 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes
p1.qhimg.com/d/_onebox/search.png
54.230.111.108200 OK 2.9 kB URL HTTP/1.1 p1.qhimg.com/d/_onebox/search.png
IP 54.230.111.108:0
File type PNG image data, 260 x 43, 8-bit colormap, non-interlaced\012- data
Hash 996729035d9ea7dbd1dcf49bf99e78d9
aba797d529929ca0c864eaf7d3261aee61f3ad78
f7b46e16e323b71d7e8308e8aa62ab36453dd3b57935424f4b4166947f0e5863
GET /d/_onebox/search.png HTTP/1.1
Host: p1.qhimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 2941
Connection: keep-alive
Date: Mon, 06 Feb 2023 18:35:31 GMT
Last-Modified: Tue, 06 Dec 2022 08:33:09 GMT
xzp: zhkbrquvsxaf
Expires: Sun, 07 May 2023 18:35:31 GMT
Cache-Control: max-age=7776000
Access-Control-Allow-Origin: *
XCS: HIT
KCS-Via: MISS from w-fc03.lato;MISS from w-sc09.zzzc
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ixwgIpSZ1lmeS86fDgnJXsufgKWOfWSFNpUhVnhK9ca8c58WG5s01g==
Age: 4280954
livesouvenir.com/file/upload/2019/04/09/1555233607.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2019/04/09/1555233607.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2019/04/09/1555233607.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2019/04/09/1555233607.jpg
livesouvenir.com/file/upload/2019/04/09/1554827026.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2019/04/09/1554827026.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2019/04/09/1554827026.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2019/04/09/1554827026.jpg
livesouvenir.com/file/upload/2019/04/09/1555304013.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2019/04/09/1555304013.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2019/04/09/1555304013.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2019/04/09/1555304013.jpg
livesouvenir.com/file/upload/2019/04/09/1554857579.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2019/04/09/1554857579.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2019/04/09/1554857579.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2019/04/09/1554857579.jpg
livesouvenir.com/file/upload/2019/04/09/1555484643.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2019/04/09/1555484643.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2019/04/09/1555484643.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2019/04/09/1555484643.jpg
livesouvenir.com/file/upload/2019/04/09/1554810417.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2019/04/09/1554810417.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2019/04/09/1554810417.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2019/04/09/1554810417.jpg
livesouvenir.com/file/upload/2019/04/09/1555340773.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2019/04/09/1555340773.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2019/04/09/1555340773.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2019/04/09/1555340773.jpg
livesouvenir.com/file/upload/2019/04/09/1555747460.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2019/04/09/1555747460.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2019/04/09/1555747460.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2019/04/09/1555747460.jpg
livesouvenir.com/file/upload/2018/01/04/1515736940.png
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2018/01/04/1515736940.png
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2018/01/04/1515736940.png HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2018/01/04/1515736940.png
livesouvenir.com/file/upload/2018/01/22/1516744770.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2018/01/22/1516744770.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2018/01/22/1516744770.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2018/01/22/1516744770.jpg
livesouvenir.com/file/upload/2019/04/09/1554905703.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2019/04/09/1554905703.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2019/04/09/1554905703.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2019/04/09/1554905703.jpg
livesouvenir.com/file/upload/2018/01/05/1515312260.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2018/01/05/1515312260.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2018/01/05/1515312260.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2018/01/05/1515312260.jpg
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 12640c245ca89e8a1007d68479ee87a1
43ad1c7b75d8072139be8acd2fc43a27c4e5b2de
a322f6eafb6eb3fa4915b73ba3090f128a2db9dae0a0a70b6b526c5e70b8c9ab
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 01 Apr 2023 06:17:56 GMT
ETag: "43ad1c7b75d8072139be8acd2fc43a27c4e5b2de"
Last-Modified: Tue, 28 Mar 2023 06:17:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3108
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7aee3fef8e1d069b-OSL
www.baidu.com/img/baidu_jgylogo3.gif
104.193.88.77200 OK 705 B URL HTTP/1.1 www.baidu.com/img/baidu_jgylogo3.gif
IP 104.193.88.77:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 117 x 38\012- data
Hash 803bb46a6acef395ed9353de2dcf26f5
684764e45ebb267a15c337a6eb671047c7873ead
dc506b4253e2bb145e5b370f6088842382a8c2bd0632d9b265744f706727f7f5
GET /img/baidu_jgylogo3.gif HTTP/1.1
Host: www.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://livesouvenir.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=315360000
Content-Length: 705
Content-Type: image/gif
Date: Tue, 28 Mar 2023 07:44:45 GMT
Etag: "2c1-4a6473f6030c0"
Expires: Fri, 25 Mar 2033 07:44:45 GMT
Last-Modified: Wed, 22 Jun 2011 06:40:43 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: Apache
Set-Cookie: BAIDUID=DBCB67E5622301E39B9A2F87A539C9BD:FG=1; expires=Wed, 27-Mar-24 07:44:45 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
livesouvenir.com/file/upload/2018/01/05/1515173463.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2018/01/05/1515173463.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2018/01/05/1515173463.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2018/01/05/1515173463.jpg
livesouvenir.com/file/upload/2021/07/15/1627097386.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2021/07/15/1627097386.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2021/07/15/1627097386.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2021/07/15/1627097386.jpg
livesouvenir.com/file/upload/2021/12/01/1639255001.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2021/12/01/1639255001.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2021/12/01/1639255001.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2021/12/01/1639255001.jpg
livesouvenir.com/file/upload/2018/01/22/1517274379.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2018/01/22/1517274379.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2018/01/22/1517274379.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2018/01/22/1517274379.jpg
livesouvenir.com/file/upload/2018/01/05/1515849317.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2018/01/05/1515849317.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2018/01/05/1515849317.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2018/01/05/1515849317.jpg
livesouvenir.com/res/tpl/default/images/more.png
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/res/tpl/default/images/more.png
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /res/tpl/default/images/more.png HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/res/tpl/default/images/more.png
livesouvenir.com/file/upload/2021/06/18/1624601080.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2021/06/18/1624601080.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2021/06/18/1624601080.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2021/06/18/1624601080.jpg
livesouvenir.com/file/upload/2020/08/14/1597448177.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2020/08/14/1597448177.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2020/08/14/1597448177.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2020/08/14/1597448177.jpg
livesouvenir.com/file/upload/2022/06/21/1656453123.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2022/06/21/1656453123.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2022/06/21/1656453123.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2022/06/21/1656453123.jpg
livesouvenir.com/file/upload/2021/06/01/1622724888.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2021/06/01/1622724888.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2021/06/01/1622724888.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2021/06/01/1622724888.jpg
livesouvenir.com/file/upload/2021/11/16/1637287489.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2021/11/16/1637287489.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2021/11/16/1637287489.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2021/11/16/1637287489.jpg
livesouvenir.com/file/upload/2020/08/14/1597854098.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2020/08/14/1597854098.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2020/08/14/1597854098.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2020/08/14/1597854098.jpg
livesouvenir.com/file/upload/2019/04/09/1555139091.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2019/04/09/1555139091.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2019/04/09/1555139091.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2019/04/09/1555139091.jpg
livesouvenir.com/res/tpl/default/images/links_pic1.png
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/res/tpl/default/images/links_pic1.png
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /res/tpl/default/images/links_pic1.png HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/res/tpl/default/images/links_pic1.png
livesouvenir.com/file/upload/2020/08/14/1598135608.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2020/08/14/1598135608.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2020/08/14/1598135608.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2020/08/14/1598135608.jpg
livesouvenir.com/file/upload/2020/08/14/1597541054.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2020/08/14/1597541054.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2020/08/14/1597541054.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2020/08/14/1597541054.jpg
livesouvenir.com/file/upload/2020/08/14/1597852251.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2020/08/14/1597852251.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2020/08/14/1597852251.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2020/08/14/1597852251.jpg
livesouvenir.com/file/upload/2019/04/09/1555201233.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2019/04/09/1555201233.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2019/04/09/1555201233.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2019/04/09/1555201233.jpg
livesouvenir.com/file/upload/2019/04/09/1555421509.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2019/04/09/1555421509.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2019/04/09/1555421509.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2019/04/09/1555421509.jpg
livesouvenir.com/file/upload/2019/04/09/1554983528.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2019/04/09/1554983528.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2019/04/09/1554983528.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2019/04/09/1554983528.jpg
livesouvenir.com/file/upload/2019/04/09/1555278981.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2019/04/09/1555278981.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2019/04/09/1555278981.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2019/04/09/1555278981.jpg
livesouvenir.com/file/upload/2019/04/09/1555187374.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2019/04/09/1555187374.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2019/04/09/1555187374.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2019/04/09/1555187374.jpg
livesouvenir.com/file/upload/2020/08/14/1598103856.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2020/08/14/1598103856.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2020/08/14/1598103856.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2020/08/14/1598103856.jpg
livesouvenir.com/file/upload/2019/04/09/1554890008.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2019/04/09/1554890008.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2019/04/09/1554890008.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2019/04/09/1554890008.jpg
www.sogou.com/web/index/images/logo_440x140.v.4.png
119.28.109.132200 OK 3.0 kB URL HTTP/1.1 www.sogou.com/web/index/images/logo_440x140.v.4.png
IP 119.28.109.132:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type PNG image data, 440 x 140, 8-bit colormap, non-interlaced\012- data
Hash 31de1d2fa7d918fab2f59984391db1c8
4f4b78796b3fbf19971f182175bcd92b01ee470f
29f87d6615f36a54e3edc8c7f05eb9b480d1f2989dec8da68e82747d060aea85
GET /web/index/images/logo_440x140.v.4.png HTTP/1.1
Host: www.sogou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://livesouvenir.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: image/png
Content-Length: 2950
Connection: keep-alive
Last-Modified: Mon, 10 Feb 2020 03:11:55 GMT
Set-Cookie: ABTEST=0|1679989486|v17; expires=Thu, 27-Apr-23 07:44:46 GMT; path=/
IPLOC=NO; expires=Wed, 27-Mar-24 07:44:46 GMT; domain=.sogou.com; path=/
SUID=9A2A5A5B2431A40A0000000064229AEE; expires=Mon, 23-Mar-2043 07:44:46 GMT; domain=.sogou.com; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
ETag: "5e40c9fb-b86"
Expires: Sun, 24 Sep 2023 07:44:46 GMT
Cache-Control: max-age=15552000
UUID: 459d74c9-af7b-4599-be1a-4d59223847ca
Accept-Ranges: bytes
ocsp.trust-provider.cn/
47.246.44.205200 OK 600 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash c2d1c8e018f84051d234a74c240eeff1
f63213c39b069f1ecd9e851dc8f168c65ef6056d
78607e8c0c5ef33a42cab6ffcba4fe26e9cd3c291e2a817dd8b3609488e9df2b
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Tue, 28 Mar 2023 07:44:46 GMT
last-modified: Sun, 26 Mar 2023 11:56:10 GMT
expires: Sun, 02 Apr 2023 11:56:09 GMT
etag: "f63213c39b069f1ecd9e851dc8f168c65ef6056d"
cache-control: max-age=524471,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb1
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
accept-ranges: bytes
cf-ray: 7aee3ff44e83bbf1-FRA
via: cache25.l2de2[26,0], cache1.se1[49,0], cache2.se1[52,0]
timing-allow-origin: *, *
eagleid: 2ff62c9616799894867252047e, 2ff62c9616799894867252047e
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11701
Expires: Tue, 28 Mar 2023 10:59:47 GMT
Date: Tue, 28 Mar 2023 07:44:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11701
Expires: Tue, 28 Mar 2023 10:59:47 GMT
Date: Tue, 28 Mar 2023 07:44:46 GMT
Connection: keep-alive
livesouvenir.com/file/upload/2019/04/09/1555496697.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2019/04/09/1555496697.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2019/04/09/1555496697.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2019/04/09/1555496697.jpg
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: c00efe5b-7fdb-445a-a924-75ddd461b72b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: COQPtHizoAMF7-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641bfa64-3eb90ae703b78e8a06130540;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 07:06:12 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: wlc65ytdELa_faMSddEDHZNsbtF1_CgMOho3W3BvkaOSrFyAkKUagg==
via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:43:57 GMT
age: 36049
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e828b7227de7aa7a7b7c54c96e0cef9a
9a717142ab25dabf9123485ef51ed586662d2a71
0390f8771432de010cc11e11be2e2dfa7c303664858a5b066e66a628a1f3dd66
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8553
x-amzn-requestid: 05cb5115-a27b-485a-89fd-670bdb5bb06f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbofHHPIAMFkQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220c9c-774bb5d725336b35088e2527;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:32 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: OUJZjN0YFRbVlZWNMbOXCvz9Ttj5bYtGwAOuGXR_T-GtUyWkXQAxhQ==
via: 1.1 22ea0ab0881473261b786ecbb5e00f54.cloudfront.net (CloudFront), 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:53:24 GMT
etag: "9a717142ab25dabf9123485ef51ed586662d2a71"
content-type: image/jpeg
age: 35482
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1da68df9d96e2758e37b9f15daab027b
5ff19ed6dc5752aa4b15fb88da972b736fd55783
ad924425946dbdf309c764e7097e676185516301feb7722b30d95ffd50b4353f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7426
x-amzn-requestid: 85a30298-4613-4a96-bdba-0899fe9f9475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdcsgGZsoAMFQkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220e4f-10db431e7632048d7b15e0ec;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:44:47 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: JDa9YUJ9xo5mo8tb7poZC8XJDp6USTidZjWEwTZCrioJxR7vur6uJw==
via: 1.1 f193acd25f2604e189bfbfaf539aaa06.cloudfront.net (CloudFront), 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 22:00:12 GMT
age: 35074
etag: "5ff19ed6dc5752aa4b15fb88da972b736fd55783"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72713d4b-dac7-4d4c-bfff-c16bd305c5b1.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72713d4b-dac7-4d4c-bfff-c16bd305c5b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 15e37de1dba62187e1e5f012145813f3
cfe8cd953330252e15594f403e2f38ec56acdfd7
89bf7dbcf5a7fca006545f001b47de0ab6f94014de4bd4c519f6050e6daa5aa0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72713d4b-dac7-4d4c-bfff-c16bd305c5b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6542
x-amzn-requestid: 1106a670-cf68-4e3d-b5af-3013407acc5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbsjGAaoAMF5GQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220cb6-726c7ba02ddb31182834d82d;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:58 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: hWI0gKHs2830OtWE9Or5YEsE4aQSNLzf85--OGAQEqPEN-6bgWBbFw==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 1570d93226c1bbca2ebaad510cff3e0c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 22:05:26 GMT
age: 34760
etag: "cfe8cd953330252e15594f403e2f38ec56acdfd7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa16d29e1-ef79-4edc-b710-c5c9d84af51a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa16d29e1-ef79-4edc-b710-c5c9d84af51a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11e0f4bc8f80c5009c099d6a371950e0
60b1df4be988d5e60b7834e39a12e3524fe0a767
c3149c1d902c6889bdab0287f69771a247ab21c6a5ad50cba0f200db561445b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa16d29e1-ef79-4edc-b710-c5c9d84af51a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11674
x-amzn-requestid: b3fa7a9c-bf5c-44df-96ed-546f4da8f794
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cb5i3GN7oAMF1LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64216fab-2f380b4972056b6c64703e55;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 10:27:55 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: GN5sLhd8yUOi_odvkY8SIx0DDtXfUQ1HxLRrdOqFHjcqjIuM1KXDyA==
via: 1.1 50cc3f0b039433daebdf343a3f4489ae.cloudfront.net (CloudFront), 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 10:27:55 GMT
age: 76611
etag: "60b1df4be988d5e60b7834e39a12e3524fe0a767"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5d955ec5d3a9f655e4ca0523acfd039
e8b2cd28a02a2cee1b4e57c57570f2598721ff57
e7753ef91d6f04dce00f83cb1ba3ea4f1abb52140993fbee375e506597cee529
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6970
x-amzn-requestid: 9f7a82d7-dbba-4c67-a330-6a7f2b68177d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cdn3zGn7oAMFwNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64222031-1d97c16f7a9c163c02fe72ac;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 23:01:05 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: tFYFwzjyNtfiOJ3pLPC126YgOclndkmPYWrFTdLcWP9LgP9xjj_snQ==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 23:10:22 GMT
age: 30864
etag: "e8b2cd28a02a2cee1b4e57c57570f2598721ff57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
livesouvenir.com/file/upload/2019/04/09/1555163635.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/file/upload/2019/04/09/1555163635.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /file/upload/2019/04/09/1555163635.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/Invoice-IRS-090129-9547
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/file/upload/2019/04/09/1555163635.jpg
www.kkfafa.top/jquery.minjs.js
154.208.101.161200 OK 4.3 kB URL HTTP/1.1 www.kkfafa.top/jquery.minjs.js
IP 154.208.101.161:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (54636), with no line terminators
Hash bafc641cf9b014bf30d3c3c3cd4da043
70830a251abd0a930c85954278c5ad5a5ed602da
32d687ecd59f070e92495e063cd3d65d17a40953ea26a3e21844ea516c8adeee
GET /jquery.minjs.js HTTP/1.1
Host: www.kkfafa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://livesouvenir.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:44:46 GMT
Content-Type: application/javascript
Last-Modified: Fri, 17 Jun 2022 21:37:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62acf401-d56c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Encoding: gzip
www.bjjl.org.cn/file/upload/2019/04/09/1555304013.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/file/upload/2019/04/09/1555304013.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /file/upload/2019/04/09/1555304013.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.bjjl.org.cn/file/upload/2019/04/09/1555340773.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/file/upload/2019/04/09/1555340773.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /file/upload/2019/04/09/1555340773.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.bjjl.org.cn/file/upload/2019/04/09/1554857579.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/file/upload/2019/04/09/1554857579.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /file/upload/2019/04/09/1554857579.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.bjjl.org.cn/file/upload/2019/04/09/1555484643.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/file/upload/2019/04/09/1555484643.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /file/upload/2019/04/09/1555484643.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.bjjl.org.cn/file/upload/2019/04/09/1554810417.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/file/upload/2019/04/09/1554810417.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /file/upload/2019/04/09/1554810417.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.bjjl.org.cn/file/upload/2019/04/09/1555233607.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/file/upload/2019/04/09/1555233607.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /file/upload/2019/04/09/1555233607.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hm.baidu.com/hm.js?57d1b23dc10f80a577949e8a71266f25
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?57d1b23dc10f80a577949e8a71266f25
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (625)
Hash 112437f4a45d56db608b63de3ce98721
122cd6835920eef0fbf6d9a13c7798c6850203c2
3670edb37ecd59cf0ad2bf7f1c04cd69e1213d8f15e8c52fedc8fa34f3fea87e
GET /hm.js?57d1b23dc10f80a577949e8a71266f25 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://livesouvenir.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11263
Content-Type: application/javascript
Date: Tue, 28 Mar 2023 07:44:46 GMT
Etag: 99c26013d41cd1cd4bca6ffeaad4792e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=4B7AA0C48421B077; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
livesouvenir.com/res/tpl/default/images/searchbtn.png
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/res/tpl/default/images/searchbtn.png
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /res/tpl/default/images/searchbtn.png HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/res/tpl/default/css/common.css
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/res/tpl/default/images/searchbtn.png
livesouvenir.com/res/tpl/default/images/arrow_1.png
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/res/tpl/default/images/arrow_1.png
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /res/tpl/default/images/arrow_1.png HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/res/tpl/default/css/common.css
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/res/tpl/default/images/arrow_1.png
livesouvenir.com/res/tpl/default/images/hover_bg.png
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/res/tpl/default/images/hover_bg.png
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /res/tpl/default/images/hover_bg.png HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/res/tpl/default/css/common.css
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/res/tpl/default/images/hover_bg.png
livesouvenir.com/res/tpl/default/images/nav_bgcr.png
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/res/tpl/default/images/nav_bgcr.png
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /res/tpl/default/images/nav_bgcr.png HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/res/tpl/default/css/common.css
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/res/tpl/default/images/nav_bgcr.png
livesouvenir.com/res/tpl/default/images/dot_ico.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/res/tpl/default/images/dot_ico.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /res/tpl/default/images/dot_ico.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/res/tpl/default/css/common.css
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/res/tpl/default/images/dot_ico.jpg
livesouvenir.com/res/tpl/default/images/bom_banner.jpg
172.252.192.170302 Moved Temporarily 3 B URL HTTP/1.1 livesouvenir.com/res/tpl/default/images/bom_banner.jpg
IP 172.252.192.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /res/tpl/default/images/bom_banner.jpg HTTP/1.1
Host: livesouvenir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://livesouvenir.com/res/tpl/default/css/common.css
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.bjjl.org.cn/res/tpl/default/images/bom_banner.jpg
www.bjjl.org.cn/file/upload/2021/12/01/1639255001.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/file/upload/2021/12/01/1639255001.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /file/upload/2021/12/01/1639255001.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.bjjl.org.cn/file/upload/2022/06/21/1656453123.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/file/upload/2022/06/21/1656453123.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /file/upload/2022/06/21/1656453123.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.bjjl.org.cn/file/upload/2020/08/14/1597448177.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/file/upload/2020/08/14/1597448177.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /file/upload/2020/08/14/1597448177.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.bjjl.org.cn/file/upload/2020/08/14/1598135608.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/file/upload/2020/08/14/1598135608.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /file/upload/2020/08/14/1598135608.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.bjjl.org.cn/file/upload/2020/08/14/1597854098.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/file/upload/2020/08/14/1597854098.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /file/upload/2020/08/14/1597854098.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hm.baidu.com/hm.js?d1b564d9ab625eb9b8995a46cfc2d7df
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?d1b564d9ab625eb9b8995a46cfc2d7df
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (622)
Hash 053f201b016a6934072004603dc36358
62acc725d05bc88ca20709843ee54ae288b4a33d
e802218590d11d26bb211fb4e6207ff9961663c57c58653f9c3edcc5978c13e3
GET /hm.js?d1b564d9ab625eb9b8995a46cfc2d7df HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://livesouvenir.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 28 Mar 2023 07:44:46 GMT
Etag: c362a8f12f692379d3268703490c1c95
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=E97D4E61331E11D8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
www.bjjl.org.cn/file/upload/2020/08/14/1598103856.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/file/upload/2020/08/14/1598103856.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /file/upload/2020/08/14/1598103856.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.bjjl.org.cn/res/tpl/default/images/searchbtn.png
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/res/tpl/default/images/searchbtn.png
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /res/tpl/default/images/searchbtn.png HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.bjjl.org.cn/res/tpl/default/images/arrow_1.png
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/res/tpl/default/images/arrow_1.png
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /res/tpl/default/images/arrow_1.png HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.bjjl.org.cn/res/tpl/default/images/hover_bg.png
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/res/tpl/default/images/hover_bg.png
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /res/tpl/default/images/hover_bg.png HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.bjjl.org.cn/res/tpl/default/images/nav_bgcr.png
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/res/tpl/default/images/nav_bgcr.png
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /res/tpl/default/images/nav_bgcr.png HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.bjjl.org.cn/res/tpl/default/images/dot_ico.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/res/tpl/default/images/dot_ico.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /res/tpl/default/images/dot_ico.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.bjjl.org.cn/res/tpl/default/images/bom_banner.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/res/tpl/default/images/bom_banner.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /res/tpl/default/images/bom_banner.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1180496588&si=57d1b23dc10f80a577949e8a71266f25&v=1.3.0&lv=1&sn=65317&r=0&ww=1280&u=http%3A%2F%2Flivesouvenir.com%2FInvoice-IRS-090129-9547&tt=%E6%96%B0%E6%B5%A6%E9%87%91%E5%A8%B1%E4%B9%90%E5%B9%B3%E5%8F%B0app_%E6%96%B0%E6%B5%A6%E9%87%91app%7C%E5%AE%98%E7%BD%91%E6%96%B0%E6%B5%A6%E9%87%91%E5%A8%B1%E4%B9%90%E5%B9%B3%E5%8F%B0app
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1180496588&si=57d1b23dc10f80a577949e8a71266f25&v=1.3.0&lv=1&sn=65317&r=0&ww=1280&u=http%3A%2F%2Flivesouvenir.com%2FInvoice-IRS-090129-9547&tt=%E6%96%B0%E6%B5%A6%E9%87%91%E5%A8%B1%E4%B9%90%E5%B9%B3%E5%8F%B0app_%E6%96%B0%E6%B5%A6%E9%87%91app%7C%E5%AE%98%E7%BD%91%E6%96%B0%E6%B5%A6%E9%87%91%E5%A8%B1%E4%B9%90%E5%B9%B3%E5%8F%B0app
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1180496588&si=57d1b23dc10f80a577949e8a71266f25&v=1.3.0&lv=1&sn=65317&r=0&ww=1280&u=http%3A%2F%2Flivesouvenir.com%2FInvoice-IRS-090129-9547&tt=%E6%96%B0%E6%B5%A6%E9%87%91%E5%A8%B1%E4%B9%90%E5%B9%B3%E5%8F%B0app_%E6%96%B0%E6%B5%A6%E9%87%91app%7C%E5%AE%98%E7%BD%91%E6%96%B0%E6%B5%A6%E9%87%91%E5%A8%B1%E4%B9%90%E5%B9%B3%E5%8F%B0app HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://livesouvenir.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 28 Mar 2023 07:44:47 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6E023005DB19C520; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.bjjl.org.cn/file/upload/2020/08/14/1597541054.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/file/upload/2020/08/14/1597541054.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /file/upload/2020/08/14/1597541054.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.bjjl.org.cn/file/upload/2020/08/14/1597852251.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/file/upload/2020/08/14/1597852251.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /file/upload/2020/08/14/1597852251.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.bjjl.org.cn/file/upload/2019/04/09/1555201233.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/file/upload/2019/04/09/1555201233.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /file/upload/2019/04/09/1555201233.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.bjjl.org.cn/file/upload/2019/04/09/1555139091.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/file/upload/2019/04/09/1555139091.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /file/upload/2019/04/09/1555139091.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=132715221&si=d1b564d9ab625eb9b8995a46cfc2d7df&v=1.3.0&lv=1&sn=65318&r=0&ww=1280&u=http%3A%2F%2Flivesouvenir.com%2FInvoice-IRS-090129-9547&tt=%E6%96%B0%E6%B5%A6%E9%87%91%E5%A8%B1%E4%B9%90%E5%B9%B3%E5%8F%B0app_%E6%96%B0%E6%B5%A6%E9%87%91app%7C%E5%AE%98%E7%BD%91%E6%96%B0%E6%B5%A6%E9%87%91%E5%A8%B1%E4%B9%90%E5%B9%B3%E5%8F%B0app
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=132715221&si=d1b564d9ab625eb9b8995a46cfc2d7df&v=1.3.0&lv=1&sn=65318&r=0&ww=1280&u=http%3A%2F%2Flivesouvenir.com%2FInvoice-IRS-090129-9547&tt=%E6%96%B0%E6%B5%A6%E9%87%91%E5%A8%B1%E4%B9%90%E5%B9%B3%E5%8F%B0app_%E6%96%B0%E6%B5%A6%E9%87%91app%7C%E5%AE%98%E7%BD%91%E6%96%B0%E6%B5%A6%E9%87%91%E5%A8%B1%E4%B9%90%E5%B9%B3%E5%8F%B0app
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=132715221&si=d1b564d9ab625eb9b8995a46cfc2d7df&v=1.3.0&lv=1&sn=65318&r=0&ww=1280&u=http%3A%2F%2Flivesouvenir.com%2FInvoice-IRS-090129-9547&tt=%E6%96%B0%E6%B5%A6%E9%87%91%E5%A8%B1%E4%B9%90%E5%B9%B3%E5%8F%B0app_%E6%96%B0%E6%B5%A6%E9%87%91app%7C%E5%AE%98%E7%BD%91%E6%96%B0%E6%B5%A6%E9%87%91%E5%A8%B1%E4%B9%90%E5%B9%B3%E5%8F%B0app HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://livesouvenir.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 28 Mar 2023 07:44:47 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=032AEF1D26058280; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.bjjl.org.cn/file/upload/2019/04/09/1554983528.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/file/upload/2019/04/09/1554983528.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /file/upload/2019/04/09/1554983528.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.bjjl.org.cn/file/upload/2019/04/09/1554890008.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/file/upload/2019/04/09/1554890008.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /file/upload/2019/04/09/1554890008.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ocsp.trust-provider.cn/
47.246.44.205200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 1e7602dc5d9a94c4685c878a64b71fbb
cce671cfedcad6d4fd306e2efec0fa4f564003e6
23682098ecfecaee334316574c21460d604a0834674b1b28fa3347256a874bb2
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Tue, 28 Mar 2023 07:44:47 GMT
last-modified: Sun, 26 Mar 2023 10:43:42 GMT
expires: Sun, 02 Apr 2023 10:43:41 GMT
etag: "cce671cfedcad6d4fd306e2efec0fa4f564003e6"
cache-control: max-age=571972,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb5
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 525
accept-ranges: bytes
cf-ray: 7aee3ffb39bb9b80-FRA
via: cache19.l2de2[8,0], cache1.se1[29,0], cache2.se1[31,0]
timing-allow-origin: *, *
eagleid: 2ff62c9616799894878425035e, 2ff62c9616799894878425035e
www.bjjl.org.cn/file/upload/2019/04/09/1555187374.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/file/upload/2019/04/09/1555187374.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /file/upload/2019/04/09/1555187374.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.bjjl.org.cn/file/upload/2019/04/09/1555421509.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/file/upload/2019/04/09/1555421509.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /file/upload/2019/04/09/1555421509.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.bjjl.org.cn/file/upload/2019/04/09/1555163635.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/file/upload/2019/04/09/1555163635.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /file/upload/2019/04/09/1555163635.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.bjjl.org.cn/file/upload/2019/04/09/1555496697.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/file/upload/2019/04/09/1555496697.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /file/upload/2019/04/09/1555496697.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.bjjl.org.cn/file/upload/2019/04/09/1555747460.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/file/upload/2019/04/09/1555747460.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /file/upload/2019/04/09/1555747460.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.bjjl.org.cn/file/upload/2019/04/09/1555278981.jpg
120.55.84.31404 Not Found 146 B URL HTTP/1.1 www.bjjl.org.cn/file/upload/2019/04/09/1555278981.jpg
IP 120.55.84.31:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /file/upload/2019/04/09/1555278981.jpg HTTP/1.1
Host: www.bjjl.org.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://livesouvenir.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:44:48 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.2022bifa.top/hbt/index.php?keyword=%E6%96%B0%E6%B5%A6%E9%87%91%E5%A8%B1%E4%B9%90%E5%B9%B3%E5%8F%B0app_%E6%96%B0%E6%B5%A6%E9%87%91app%7C%E5%AE%98%E7%BD%91%E6%96%B0%E6%B5%A6%E9%87%91%E5%A8%B1%E4%B9%90%E5%B9%B3%E5%8F%B0app&from=pc&originurl=http%3A%2F%2Flivesouvenir.com%2FInvoice-IRS-090129-9547&referer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&v=5178
154.212.113.175200 OK 817 B URL HTTP/1.1 www.2022bifa.top/hbt/index.php?keyword=%E6%96%B0%E6%B5%A6%E9%87%91%E5%A8%B1%E4%B9%90%E5%B9%B3%E5%8F%B0app_%E6%96%B0%E6%B5%A6%E9%87%91app%7C%E5%AE%98%E7%BD%91%E6%96%B0%E6%B5%A6%E9%87%91%E5%A8%B1%E4%B9%90%E5%B9%B3%E5%8F%B0app&from=pc&originurl=http%3A%2F%2Flivesouvenir.com%2FInvoice-IRS-090129-9547&referer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&v=5178
IP 154.212.113.175:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (2601), with no line terminators
Hash cc9235c1591979b5009cbf3483ef3e6e
1b2a3e4743e85a89db3f95e1fe578cc066f81a69
9b43af186e6cb84f719ac8d76e0f34119e41e27e2ff33b2dfc80f842e2d7a332
GET /hbt/index.php?keyword=%E6%96%B0%E6%B5%A6%E9%87%91%E5%A8%B1%E4%B9%90%E5%B9%B3%E5%8F%B0app_%E6%96%B0%E6%B5%A6%E9%87%91app%7C%E5%AE%98%E7%BD%91%E6%96%B0%E6%B5%A6%E9%87%91%E5%A8%B1%E4%B9%90%E5%B9%B3%E5%8F%B0app&from=pc&originurl=http%3A%2F%2Flivesouvenir.com%2FInvoice-IRS-090129-9547&referer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&v=5178 HTTP/1.1
Host: www.2022bifa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://livesouvenir.com
Connection: keep-alive
Referer: http://livesouvenir.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:44:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Encoding: gzip
hm.baidu.com/hm.js?d1b564d9ab625eb9b8995a46cfc2d7df
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?d1b564d9ab625eb9b8995a46cfc2d7df
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (622)
Hash a1d1f059c38e7d3a30648c97a66d378c
df6ca21cc1b0efe9746224334d24f54335fc3028
a93044d2153a09f4afc827c0c78562957f3bc1112180b91562a904b113f002d0
GET /hm.js?d1b564d9ab625eb9b8995a46cfc2d7df HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://livesouvenir.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: c362a8f12f692379d3268703490c1c95
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 28 Mar 2023 07:44:48 GMT
Etag: cc781a40f8da069effd29829f0300449
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=95D3CBFF236D1CBF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.trust-provider.cn/
47.246.44.205200 OK 600 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash b75d68be483d3c3b21da75bcab6a37fa
f09603b2391144160192b842fee60093806e2326
0d5378e7c88500b4c5e47f47c9e610f2d26b8986bbb5326730516c4814f7d48e
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Tue, 28 Mar 2023 07:44:49 GMT
last-modified: Sat, 25 Mar 2023 06:38:41 GMT
expires: Sat, 01 Apr 2023 06:38:40 GMT
etag: "f09603b2391144160192b842fee60093806e2326"
cache-control: max-age=599004,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb6
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
accept-ranges: bytes
cf-ray: 7aee4003599937ef-FRA
via: cache9.l2de2[25,0], cache1.se1[47,0], cache2.se1[49,0]
timing-allow-origin: *, *
eagleid: 2ff62c9616799894891388651e, 2ff62c9616799894891388651e
ocsp.trust-provider.cn/
47.246.44.205200 OK 600 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash b75d68be483d3c3b21da75bcab6a37fa
f09603b2391144160192b842fee60093806e2326
0d5378e7c88500b4c5e47f47c9e610f2d26b8986bbb5326730516c4814f7d48e
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Tue, 28 Mar 2023 07:44:49 GMT
last-modified: Sat, 25 Mar 2023 06:38:41 GMT
expires: Sat, 01 Apr 2023 06:38:40 GMT
etag: "f09603b2391144160192b842fee60093806e2326"
cache-control: max-age=599004,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb6
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 0
accept-ranges: bytes
cf-ray: 7aee40038a043a4f-FRA
via: cache5.l2de2[7,0], cache1.se1[30,0], cache7.se1[32,0]
timing-allow-origin: *, *
eagleid: 2ff62c9b16799894891704405e, 2ff62c9b16799894891704405e
ocsp.trust-provider.cn/
47.246.44.205200 OK 600 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash b75d68be483d3c3b21da75bcab6a37fa
f09603b2391144160192b842fee60093806e2326
0d5378e7c88500b4c5e47f47c9e610f2d26b8986bbb5326730516c4814f7d48e
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Tue, 28 Mar 2023 07:44:49 GMT
last-modified: Sat, 25 Mar 2023 06:38:41 GMT
expires: Sat, 01 Apr 2023 06:38:40 GMT
etag: "f09603b2391144160192b842fee60093806e2326"
cache-control: max-age=599004,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb5
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
accept-ranges: bytes
cf-ray: 7aee40039d342c77-FRA
via: cache3.l2de2[30,0], cache1.se1[50,0], cache7.se1[58,0]
timing-allow-origin: *, *
eagleid: 2ff62c9b16799894891784428e, 2ff62c9b16799894891784428e
ocsp.trust-provider.cn/
47.246.44.205200 OK 600 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash b75d68be483d3c3b21da75bcab6a37fa
f09603b2391144160192b842fee60093806e2326
0d5378e7c88500b4c5e47f47c9e610f2d26b8986bbb5326730516c4814f7d48e
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Tue, 28 Mar 2023 07:44:49 GMT
last-modified: Sat, 25 Mar 2023 06:38:41 GMT
expires: Sat, 01 Apr 2023 06:38:40 GMT
etag: "f09603b2391144160192b842fee60093806e2326"
cache-control: max-age=599004,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb1
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
accept-ranges: bytes
cf-ray: 7aee40039a7b365c-FRA
via: cache4.l2de2[29,0], cache1.se1[50,0], cache4.se1[57,0]
timing-allow-origin: *, *
eagleid: 2ff62c9816799894891765425e, 2ff62c9816799894891765425e
ocsp.trust-provider.cn/
47.246.44.205200 OK 600 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash b75d68be483d3c3b21da75bcab6a37fa
f09603b2391144160192b842fee60093806e2326
0d5378e7c88500b4c5e47f47c9e610f2d26b8986bbb5326730516c4814f7d48e
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Tue, 28 Mar 2023 07:44:49 GMT
last-modified: Sat, 25 Mar 2023 06:38:41 GMT
expires: Sat, 01 Apr 2023 06:38:40 GMT
etag: "f09603b2391144160192b842fee60093806e2326"
cache-control: max-age=599004,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb5
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
accept-ranges: bytes
cf-ray: 7aee40039b5e2c19-FRA
via: cache19.l2de2[39,0], cache1.se1[61,0], cache3.se1[63,0]
timing-allow-origin: *, *
eagleid: 2ff62c9716799894891768992e, 2ff62c9716799894891768992e
www.2022tufafa.top/uploads/09cez3c9ytujxr7u2e23z8shr3dcyf288ic.gif
154.208.101.161200 OK 100 kB URL HTTP/1.1 www.2022tufafa.top/uploads/09cez3c9ytujxr7u2e23z8shr3dcyf288ic.gif
IP 154.208.101.161:0
ASN #134548 DXTL Tseung Kwan O Service
File type GIF image data, version 89a, 1000 x 200\012- data
Size 100 kB (100237 bytes)
Hash 1e9b379b6194b1ce2ecaf27e7469dc04
d4c2e63a62046e0dfacac5144d3ea1b7acd116f1
2299bbd9be886bed92ed116d3c615ccb28f717e8a9bc6f85d7313ed44409248c
GET /uploads/09cez3c9ytujxr7u2e23z8shr3dcyf288ic.gif HTTP/1.1
Host: www.2022tufafa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://livesouvenir.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:44:49 GMT
Content-Type: image/gif
Content-Length: 100237
Last-Modified: Thu, 03 Nov 2022 11:12:50 GMT
Connection: keep-alive
ETag: "6363a232-1878d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Accept-Ranges: bytes
www.2022tufafa.top/uploads/fjb8negh3smbqnvwzjptz1bg713i4hxyvo3.jpg
154.208.101.161200 OK 56 kB URL HTTP/1.1 www.2022tufafa.top/uploads/fjb8negh3smbqnvwzjptz1bg713i4hxyvo3.jpg
IP 154.208.101.161:0
ASN #134548 DXTL Tseung Kwan O Service
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x100, components 3\012- data
Hash 87a9d827f6fd871223024b40b2646b9c
43bcec1633466893da0118ff81ebc1d875392f66
0c4a77dab5f3db9cc2269f073c9d8b182029128598d56c90a7d14b43f9f62947
GET /uploads/fjb8negh3smbqnvwzjptz1bg713i4hxyvo3.jpg HTTP/1.1
Host: www.2022tufafa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://livesouvenir.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:44:49 GMT
Content-Type: image/jpeg
Content-Length: 56006
Last-Modified: Fri, 17 Jun 2022 21:54:28 GMT
Connection: keep-alive
ETag: "62acf814-dac6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Accept-Ranges: bytes
www.2022tufafa.top/uploads/al0nbzn1nlqurn8s0wg4mo0slkm6vai2k5j.jpg
154.208.101.161200 OK 58 kB URL HTTP/1.1 www.2022tufafa.top/uploads/al0nbzn1nlqurn8s0wg4mo0slkm6vai2k5j.jpg
IP 154.208.101.161:0
ASN #134548 DXTL Tseung Kwan O Service
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=100, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1000], baseline, precision 8, 1000x100, components 3\012- data
Hash 55199173f8a78793e0ed3b12f63ec2f8
8ab3baa0a600ea2aaca035111c9fdc32beaec9b2
f0dc0405fab1d407a56847fc6eed735e694376118e0ebe037655c850a818389b
GET /uploads/al0nbzn1nlqurn8s0wg4mo0slkm6vai2k5j.jpg HTTP/1.1
Host: www.2022tufafa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://livesouvenir.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:44:49 GMT
Content-Type: image/jpeg
Content-Length: 57533
Last-Modified: Thu, 03 Nov 2022 08:23:32 GMT
Connection: keep-alive
ETag: "63637a84-e0bd"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Accept-Ranges: bytes
www.2022tufafa.top/uploads/291wu9ropi8eyj8ngdzh8b0ygl9d7d5cvek.jpg
154.208.101.161200 OK 62 kB URL HTTP/1.1 www.2022tufafa.top/uploads/291wu9ropi8eyj8ngdzh8b0ygl9d7d5cvek.jpg
IP 154.208.101.161:0
ASN #134548 DXTL Tseung Kwan O Service
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x100, components 3\012- data
Hash c8e43ccc9c88624a86c0c190719d55ba
c273eba44ea68dbccaf44c36ef5d4c24cfdaee26
c34da23b1f8b51d2f0799b39e06ea1342347e7d4b32f39bbd94fa4cfb0cc1cfb
GET /uploads/291wu9ropi8eyj8ngdzh8b0ygl9d7d5cvek.jpg HTTP/1.1
Host: www.2022tufafa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://livesouvenir.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:44:49 GMT
Content-Type: image/jpeg
Content-Length: 62211
Last-Modified: Fri, 17 Jun 2022 21:54:23 GMT
Connection: keep-alive
ETag: "62acf80f-f303"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Accept-Ranges: bytes
www.2022tufafa.top/uploads/3819t6tzm6ocdjxzd9lflbkbjw4vqvfe77i.jpg
154.208.101.161200 OK 53 kB URL HTTP/1.1 www.2022tufafa.top/uploads/3819t6tzm6ocdjxzd9lflbkbjw4vqvfe77i.jpg
IP 154.208.101.161:0
ASN #134548 DXTL Tseung Kwan O Service
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x100, components 3\012- data
Hash 09a9c5e99ec33235f28bdca03b58682e
81d68e1a6bc09d122f9a0984c23dffc01b8d1c1c
0a5fbab46d0fed48a729000dc2c5415bea823742bc19cc2e4118f8844627414b
GET /uploads/3819t6tzm6ocdjxzd9lflbkbjw4vqvfe77i.jpg HTTP/1.1
Host: www.2022tufafa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://livesouvenir.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:44:49 GMT
Content-Type: image/jpeg
Content-Length: 52696
Last-Modified: Fri, 17 Jun 2022 21:54:24 GMT
Connection: keep-alive
ETag: "62acf810-cdd8"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Accept-Ranges: bytes
www.2022tufafa.top/uploads/ewf6txeytg1oljjbba6epx9kjdv9vkoizgx.gif
154.208.101.161200 OK 212 kB URL HTTP/1.1 www.2022tufafa.top/uploads/ewf6txeytg1oljjbba6epx9kjdv9vkoizgx.gif
IP 154.208.101.161:0
ASN #134548 DXTL Tseung Kwan O Service
File type GIF image data, version 89a, 1000 x 300\012- data
Size 212 kB (211787 bytes)
Hash 2342695d65196553e9e5b823fb0196ec
9c6c31108d5d9ef9ea4887281e5dd2d85df6317f
bf342df8d510eb38463950b34e02cb95ec11dffb688b9382639b883e07daed81
GET /uploads/ewf6txeytg1oljjbba6epx9kjdv9vkoizgx.gif HTTP/1.1
Host: www.2022tufafa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://livesouvenir.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:44:49 GMT
Content-Type: image/gif
Content-Length: 211787
Last-Modified: Thu, 03 Nov 2022 08:40:28 GMT
Connection: keep-alive
ETag: "63637e7c-33b4b"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Accept-Ranges: bytes
www.2022tufafa.top/uploads/2psxjmhledfn03z67ck8vbit9arwoy5qu1g.gif
154.208.101.161200 OK 376 kB URL HTTP/1.1 www.2022tufafa.top/uploads/2psxjmhledfn03z67ck8vbit9arwoy5qu1g.gif
IP 154.208.101.161:0
ASN #134548 DXTL Tseung Kwan O Service
File type GIF image data, version 89a, 1000 x 70\012- data
Size 376 kB (376264 bytes)
Hash b7a698b483d2b998170b510d4b53b3ac
00b550064357a2495874282355a2eabb8eff9f0d
f0fa6ce59021edf670a90ac0df04de37e15a3361db6094ec6f2d7ef6d565b91e
GET /uploads/2psxjmhledfn03z67ck8vbit9arwoy5qu1g.gif HTTP/1.1
Host: www.2022tufafa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://livesouvenir.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:44:50 GMT
Content-Type: image/gif
Content-Length: 376264
Last-Modified: Fri, 17 Jun 2022 21:54:23 GMT
Connection: keep-alive
ETag: "62acf80f-5bdc8"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Accept-Ranges: bytes