firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 22 Oct 2022 04:52:39 GMT
Expires: Sat, 22 Oct 2022 05:04:50 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 58w-rVjDKLQzPWnLIxUCh6xEp7mjZtSAQ_pcx4wCIogLMtss5VyfdA==
Age: 13
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c19f4a1def760c07cbc4aec1d0d6c050
6ad911a7c02f5e5fdd82fa86cae0453528d53a6d
750bba81910a4bbd78ab484ba03781a36459a0aec147d7c47424e9a9bf152b40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "750BBA81910A4BBD78AB484BA03781A36459A0AEC147D7C47424E9A9BF152B40"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18181
Expires: Sat, 22 Oct 2022 09:55:53 GMT
Date: Sat, 22 Oct 2022 04:52:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9dc4f23f82148797f6d8041bdda3c7f7
6841ded3e2dd94fd762316d01efd43f7aafb8354
e229db1854a85b320cee574e805210f3adf5797136ea820c0a0ce9abcd63d4dd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E229DB1854A85B320CEE574E805210F3ADF5797136EA820C0A0CE9ABCD63D4DD"
Last-Modified: Thu, 20 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18136
Expires: Sat, 22 Oct 2022 09:55:08 GMT
Date: Sat, 22 Oct 2022 04:52:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: GmHRURRDZu5VjYw/qIpxBwAFcbjLZrwFQ1yGCqInv32lCj/V4C/iTuwz1D7bNQIo3xWeu6H4yWI=
x-amz-request-id: MFKFJ1JP2XNAHX8G
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 22 Oct 2022 04:07:29 GMT
age: 2723
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 04:52:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
tba5.top/
23.225.140.18 200 OK 939 B IP 23.225.140.18:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (939), with no line terminators
Hash 34e8be5543cdb5d44c5c89cbc9ab0809
759bf21d839d7d203adeb5f0907e54c5419cb1fe
874f298443cd1248e9fd79bca6306a1e606c790c523edd2efe4d15ddf8518a0f
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: tba5.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 939
Pragma: no-cache
Cache-control: no-store
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sat, 22 Oct 2022 04:43:40 GMT
Expires: Sat, 22 Oct 2022 04:56:39 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Wp8owo60tF_3nlRah4gIUiyMIJ-6-ag3VrmHSHQAJLMj94ZG4mcf4Q==
Age: 553
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f47cc320695635b544a761f72f3afc6f
b7cee764dcb0a625e0f8e0b4a4fce04548a1bf76
78608be3d0d6aaaf0364aed316b8676ab28d23c9b6a8ac6c147cf5d16e5cc283
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1303
Cache-Control: max-age=99337
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 04:52:53 GMT
Etag: "63525317-1d7"
Expires: Sun, 23 Oct 2022 08:28:30 GMT
Last-Modified: Fri, 21 Oct 2022 08:06:47 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.189.157.130 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.157.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IyqXfJNVzvjchhAmZU9aOA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qHdTix1IOhgB2wjVxbrYooNrVF4=
tba5.top/?kwtwhy=i8d7n
23.225.140.18 200 OK 926 B IP 23.225.140.18:0
Hash f5e9df302eeb3535215760657e6b2b16
193b94fbe3d310bc31a9b3cfb1fbd85a48874f02
9ac9456be75e725b2f801d8cb7046a1d8653452947708c46fbd135f0c1d320c7
Analyzer Verdict Alert fortinet Malware
GET /?kwtwhy=i8d7n HTTP/1.1
Host: tba5.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tba5.top/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 926
Pragma: no-cache
Cache-control: no-store
tba5.top/favicon.ico
23.225.140.18 404 Not Found 2.0 kB IP 23.225.140.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 21794f49e3942b1aaa16ae84c14dc36d
5e8a82f143522e358389499b3deb0d8f9116d823
7b012128712be61d237597e2d233da7aa89404cf5ab966b58e86041859f610d0
GET /favicon.ico HTTP/1.1
Host: tba5.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tba5.top/?kwtwhy=i8d7n
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 22 Oct 2022 04:53:06 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
tba5.top/?kwtwhy=i8d7n&wapkha=kmalg2
23.225.140.18 307 Temporary Redirect 15 kB URL HTTP/1.1 tba5.top/?kwtwhy=i8d7n&wapkha=kmalg2
IP 23.225.140.18:0
File type gzip compressed data, from Unix\012- data
Hash eb03b5a245c37f74a1d51ab07ecb9bc2
c313543c68bf195766e70db6685cb1a4a71be1ea
1885998051256a3445062d079745b2540c334eab6a6d6b7e6b4764b02f2e2807
GET /?kwtwhy=i8d7n&wapkha=kmalg2 HTTP/1.1
Host: tba5.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tba5.top/?kwtwhy=i8d7n
Upgrade-Insecure-Requests: 1
HTTP/1.1 307 Temporary Redirect
Location: /?kwtwhy=i8d7n&wapkha=kmalg2
Connection: Close
tba5.top/template/m1938pc/css/ate.css
23.225.140.18 200 OK 6.0 kB URL HTTP/1.1 tba5.top/template/m1938pc/css/ate.css
IP 23.225.140.18:0
File type ASCII text, with CRLF line terminators
Hash 775ec9fd65a59632efdf68fc5af2dfad
a51c8530feab204356baa78c94848b688de1caf5
683dab144184920b21b643c2e6de55202e5528633318697e652fec75a8016d93
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: tba5.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tba5.top/?kwtwhy=i8d7n&wapkha=kmalg2
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 04:53:06 GMT
Content-Type: text/css
Last-Modified: Thu, 21 Apr 2022 12:25:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62614d4c-126e4"
Expires: Sat, 22 Oct 2022 16:53:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 99b42dee4eda1452b5d64f79ca2fac18
a1636ee1aebb9f63c2768c306baa1382214ffff2
d0b28cceb34d0ba8ef51df4fc4750ac61dfa1f24ca4523f870b29596bb5745f3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D0B28CCEB34D0BA8EF51DF4FC4750AC61DFA1F24CA4523F870B29596BB5745F3"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4054
Expires: Sat, 22 Oct 2022 06:00:28 GMT
Date: Sat, 22 Oct 2022 04:52:54 GMT
Connection: keep-alive
tba5.top/template/m1938pc/css/zui.css
23.225.140.18 200 OK 22 kB URL HTTP/1.1 tba5.top/template/m1938pc/css/zui.css
IP 23.225.140.18:0
File type assembler source, Unicode text, UTF-8 (with BOM) text
Hash 4378f1663173a87a5961c3c044053b10
b5006f73439368d03d54f95e688555d86251a5f0
a0d6837a9a00938d49402078d087769fc750acdb2f93f9d5d9ac6a6d8cdda0d2
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: tba5.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tba5.top/?kwtwhy=i8d7n&wapkha=kmalg2
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 04:53:06 GMT
Content-Type: text/css
Last-Modified: Sun, 24 Apr 2022 03:44:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6264c780-1806e"
Expires: Sat, 22 Oct 2022 16:53:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
tba5.top/template/m1938pc/html9/ads/ttf.js
23.225.140.18 200 OK 956 B URL HTTP/1.1 tba5.top/template/m1938pc/html9/ads/ttf.js
IP 23.225.140.18:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (555), with CRLF line terminators
Hash 1d1b8e26b23ece8e163440621f1f75ec
787194032fad4584475ac586ddda1feebde34f31
4d6f1eb30c4ba3aeef73033127a11851d7be3112ca68c3373088c58f14f0d863
Analyzer Verdict Alert fortinet Malware
GET /template/m1938pc/html9/ads/ttf.js HTTP/1.1
Host: tba5.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tba5.top/?kwtwhy=i8d7n&wapkha=kmalg2
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 04:53:06 GMT
Content-Type: application/javascript
Content-Length: 956
Last-Modified: Thu, 13 Oct 2022 10:51:04 GMT
Connection: keep-alive
ETag: "6347ed98-3bc"
Expires: Sat, 22 Oct 2022 16:53:06 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18786
Expires: Sat, 22 Oct 2022 10:06:00 GMT
Date: Sat, 22 Oct 2022 04:52:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1161ffd-d618-4da5-b16d-40f9f2fda316.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1161ffd-d618-4da5-b16d-40f9f2fda316.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 139dcd1a5232524efac37c0f9e482cae
7b28ad06ff24b0ff8fc29bd00e1736bad8a77c03
0d1d8e62b00d9f03f45cb1c59dcfd269b22ff4b54ea0bacdb88449ac2d4443dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1161ffd-d618-4da5-b16d-40f9f2fda316.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8133
x-amzn-requestid: 39a5952e-d747-4cfd-99cf-316e92a82835
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-kPGFooAMFV_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6353114e-167f08dd48e9934c48c196ff;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8VL0kOr2ur7BbAOZjmnWcLhv-uaDWMh5eh1bkoc1Dq8U8DiM1Hz8Tw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:10 GMT
age: 24764
etag: "7b28ad06ff24b0ff8fc29bd00e1736bad8a77c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 616e14aee034bbf77c3b74b3ea53961b
ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c
0ae716474e2837c90c658d635fb9db2c8d4cdb7bf025b8e4e9e802e3ff56b0c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7372
x-amzn-requestid: 080f5f7f-51a8-4ef5-9acc-0c7f7f64defb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-ojEg2IAMFjPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63531169-5106c8af6e77450c33a0c899;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:49 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: vP9aRT8xL5F2kf36A-lMaIQ9FSAEUGo8jmx9y63iIBDdyWYujkXXPw==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:05:57 GMT
age: 24418
etag: "ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tba5.top/favicon.ico
23.225.140.18 307 Temporary Redirect 1.8 kB IP 23.225.140.18:0
File type gzip compressed data, from Unix\012- data
Hash 6fc356208740e1a9fc8cce7fba7bcec0
752da2514a4aedeebea188d01305c960ff7d4188
1c5d6edd13574c6f68752ee8b1aa878fe900b5a54b5771fb0d33681e0a9d295a
GET /favicon.ico HTTP/1.1
Host: tba5.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tba5.top/
HTTP/1.1 307 Temporary Redirect
Location: /favicon.ico
Connection: Close
tba5.top/template/m1938pc/ads/img/1.gif
23.225.140.18 200 OK 254 B URL HTTP/1.1 tba5.top/template/m1938pc/ads/img/1.gif
IP 23.225.140.18:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/m1938pc/ads/img/1.gif HTTP/1.1
Host: tba5.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tba5.top/?kwtwhy=i8d7n&wapkha=kmalg2
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 04:53:07 GMT
Content-Type: image/gif
Content-Length: 254
Last-Modified: Thu, 21 Apr 2022 12:25:50 GMT
Connection: keep-alive
ETag: "62614d4e-fe"
Expires: Mon, 21 Nov 2022 04:53:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18785
Expires: Sat, 22 Oct 2022 10:06:00 GMT
Date: Sat, 22 Oct 2022 04:52:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18785
Expires: Sat, 22 Oct 2022 10:06:00 GMT
Date: Sat, 22 Oct 2022 04:52:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d160ee4-90c9-475e-89f5-96ffcf319568.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d160ee4-90c9-475e-89f5-96ffcf319568.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b6f96021c0e4062fa57848cd8b8db687
6d4ecd346cee7558363457b79556aa40d25ac53b
224415e627351f2133d8ad5f2a821892f61db7f738958e07e735c2d49077c24f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d160ee4-90c9-475e-89f5-96ffcf319568.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12599
x-amzn-requestid: 34254c8d-e34c-4b72-a1be-4261e0ad7930
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aSsCAGacoAMFg8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6350f3a6-3f546152216cea5869834230;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 07:07:18 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8bWps_MRlO2vuJlyzBBoWfTuVslwOEeKYR-KKKGeVhJoiB24_rRAcA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 07:14:55 GMT
age: 77880
etag: "6d4ecd346cee7558363457b79556aa40d25ac53b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5f65d4c-2c16-4111-887b-bcae5238faa2.png
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5f65d4c-2c16-4111-887b-bcae5238faa2.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e44a8dcfdfa8527125ae334ecf2acc2c
c6cf8d68ae9c8c76f072576bca1c271ae70f7525
81386f6c1e64e32069aeeb7a340b0d51851ca907f9db223570e70e5c46f04fed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5f65d4c-2c16-4111-887b-bcae5238faa2.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12012
x-amzn-requestid: f0a1e367-d30e-488c-82d6-005eb15a21c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-TLE1MoAMFYbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310e0-27ce063b550723635109ca7b;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:36:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VEMcF0HdB5O2-7cLAZGGI4XmWu5RDySUzD9owOQv_T02ZmV8pRpSLQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:25:48 GMT
age: 23227
etag: "c6cf8d68ae9c8c76f072576bca1c271ae70f7525"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18785
Expires: Sat, 22 Oct 2022 10:06:00 GMT
Date: Sat, 22 Oct 2022 04:52:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ee464d6a426da49571c97060e65a4e8
aef2208c82085b4dc8472ee28bc63b9a8832fe0e
704e9800cb12b9b2927e85901b21fbb22303f11bf4b052340d0fc610414e2a6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5517
x-amzn-requestid: 560e0ccc-0551-461d-98fd-f94d9a026fb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-pSExDIAMFpMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6353116e-0420e4ac6cceec1749a44819;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TDa1YZjZ70BYwTbiiaBV1J1WVtzXpAZ1j-wKfsviXvhbhnc8f0Huiw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:02:32 GMT
age: 24623
etag: "aef2208c82085b4dc8472ee28bc63b9a8832fe0e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18785
Expires: Sat, 22 Oct 2022 10:06:00 GMT
Date: Sat, 22 Oct 2022 04:52:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4fb0f4c9ac5a88678baf456107f5341
f6c54dbdfad7e243fe38c03f004c4c79f96b2892
b2fc6c453d7ed610521fcf34d7736a20191d86b485fd57236d2d2c4849cbb8d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7821
x-amzn-requestid: b3b72561-80fd-4b73-862c-ad070f135634
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-LzEkrIAMFmrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b1-73f427947c17f35667c0b443;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mq7h4TJkHKd-I9c01ao1yJ3izpJLRiMG_Sk3_e2pQDGCyunY2RlI3Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:02:32 GMT
age: 24623
etag: "f6c54dbdfad7e243fe38c03f004c4c79f96b2892"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash a417257aa570926346d73b4348e95de4
b9592720c490a1b2737651fa4ae263a62ca0a851
30db5175390dc4317033fed3aaff8b631397eebc8918a53ffff52f0bbe0af167
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4317
Cache-Control: max-age=155276
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 04:52:55 GMT
Etag: "635321d6-2d7"
Expires: Mon, 24 Oct 2022 00:00:51 GMT
Last-Modified: Fri, 21 Oct 2022 22:48:54 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 727
p3.toutiaoimg.com/origin/pgc-image/290299ed48d84c7b99d8fbd8a96a254c
47.246.44.229 200 OK 186 kB URL HTTP/2 p3.toutiaoimg.com/origin/pgc-image/290299ed48d84c7b99d8fbd8a96a254c
IP 47.246.44.229:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 150 x 150\012- data
Size 186 kB (186342 bytes)
Hash c4aec2fc715ed9100d40a15aa4b82c28
c147669e2e7bffdbff992edf4b8ab2b146040dce
b349c187657aac001daafe636bf8c97f2c81c13f526886cb3fc9bafc0b8cb6df
GET /origin/pgc-image/290299ed48d84c7b99d8fbd8a96a254c HTTP/1.1
Host: p3.toutiaoimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 186342
date: Sun, 09 Oct 2022 17:01:32 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sun, 09 Oct 2022 17:01:32 GMT
nw-session-id: 2022101001013201013110703637BEBAF2427b202tt
nw-session-trace: 2022-10-10T01:01:32.551612847+08:00 40
x-bdcdn-cache-status: TCP_MISS
x-length: 186342
x-powered-by: ImageX
x-response-date: Mon, 10 Oct 2022 01:01:32 GMT
x-tt-logid: 2022101001013201013110703637BEBAF2
via: n132-080-035, cache20.l2st3-1[0,7,200-0,H], cache6.l2st3-1[9,0], cache6.l2st3-1[9,0], cache25.l2hk2[16,15,200-0,M], cache23.l2hk2[16,0], cache23.l2hk2[19,0], cache6.l2de2[0,0,200-0,H], cache20.l2de2[1,0], cache20.l2de2[1,0], cache5.se1[0,0,200-0,H], cache1.se1[1,0]
x-request-ip: fdbd:dc03:4:365::36
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01a7a7fb57b7365a7dbbe660d39d17328705af83558d2cab85d6f27633ddb5d43b2874712ff45a51f9f46036bc7bbd819d7ccfb66c632cf1d3231447adb5983e9c92329ee5a6fec6b795b8ffe68a20f178
x-response-lb: image
ali-swift-global-savetime: 1665334892
age: 1079483
x-cache: HIT TCP_MEM_HIT dirn:11:414452803
x-swift-savetime: Fri, 21 Oct 2022 09:12:54 GMT
x-swift-cachetime: 30527318
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516664143753734624e
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 581e7deab11d4608631fc1c26ec5390e
ec5858345f7f7889a5b69c4dd50123198f97bca7
015e5011f8084384afdf300630ae4c80b6a43490a35df82a6be6fc7d2b087e1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "015E5011F8084384AFDF300630AE4C80B6A43490A35DF82A6BE6FC7D2B087E1C"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11263
Expires: Sat, 22 Oct 2022 08:00:38 GMT
Date: Sat, 22 Oct 2022 04:52:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cb78ca8b109137d72e36068adf8d678
0286a2949d49716debf58c84ac594cd6ff3dc06e
e8fecd6621ee168bd8578676c6496c5f2f632b83f908389c21a2bc76a5ffafc5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8FECD6621EE168BD8578676C6496C5F2F632B83F908389C21A2BC76A5FFAFC5"
Last-Modified: Thu, 20 Oct 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16034
Expires: Sat, 22 Oct 2022 09:20:09 GMT
Date: Sat, 22 Oct 2022 04:52:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 581e7deab11d4608631fc1c26ec5390e
ec5858345f7f7889a5b69c4dd50123198f97bca7
015e5011f8084384afdf300630ae4c80b6a43490a35df82a6be6fc7d2b087e1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "015E5011F8084384AFDF300630AE4C80B6A43490A35DF82A6BE6FC7D2B087E1C"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17846
Expires: Sat, 22 Oct 2022 09:50:21 GMT
Date: Sat, 22 Oct 2022 04:52:55 GMT
Connection: keep-alive
png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
104.18.3.157 200 OK 9.2 kB URL HTTP/2 png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
IP 104.18.3.157:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Hash 43ae14560cdbc69ce960a28002f04309
4dc694c2754882f840c77807016676732c38138b
af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e
GET /png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg HTTP/1.1
Host: png.pngtree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:55 GMT
content-type: image/jpg
content-length: 9166
cache-control: public, max-age=16070400
cf-bgj: h2pri
etag: "43ae14560cdbc69ce960a28002f04309"
last-modified: Wed, 28 Jul 2021 07:06:38 GMT
x-amz-id-2: IZRvItv2KlIfxpVowD85Xg4Uk/1H+XuQTEdfoFWsc+IpA1zQW2wADVI9pTz2bh7YaCysOgO/974=
x-amz-request-id: NT1CVYHWGWWJEKRS
cf-cache-status: HIT
age: 11856607
expires: Wed, 26 Apr 2023 04:52:55 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa056a80fb50c-OSL
X-Firefox-Spdy: h2
kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif
78.46.107.74 301 Moved Permanently 162 B URL HTTP/2 kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 22 Oct 2022 04:52:55 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvmaa.com/0faf263b1025a51efcea7acd844cc402.gif
78.46.107.74 301 Moved Permanently 162 B URL HTTP/2 kvmaa.com/0faf263b1025a51efcea7acd844cc402.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /0faf263b1025a51efcea7acd844cc402.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 22 Oct 2022 04:52:55 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.17 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash ca39704f2c05343d0f13aaa99b68aefb
c5443dca52d2fd47588c5a75786e4ef31566a07e
fa3b3f65eefee1e48e9a8262acaa4621c6343caf48c19a8f0be0d72d9e428530
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=307
Date: Sat, 22 Oct 2022 04:52:55 GMT
Connection: keep-alive
X-N: S
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash af06ba3926ea5b38bf460473374fa376
77252bc71ed99ec62b210b980b0ea3296535da03
ddc6cd2346842366886be90f7caa6836bcec4f76a27218e0d36b93bb76d3bd88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=91889
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 04:52:55 GMT
Etag: "63523b18-118"
Expires: Sun, 23 Oct 2022 06:24:24 GMT
Last-Modified: Fri, 21 Oct 2022 06:24:24 GMT
Server: nginx
Content-Length: 280
dvcasha2.ocsp-certum.com/
23.36.79.17 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash ca39704f2c05343d0f13aaa99b68aefb
c5443dca52d2fd47588c5a75786e4ef31566a07e
fa3b3f65eefee1e48e9a8262acaa4621c6343caf48c19a8f0be0d72d9e428530
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=404
Date: Sat, 22 Oct 2022 04:52:55 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash f515dc122eca20290ec6c5cb183cc6b6
4d356f28aaf1de323c228b61ff9c3dd40e36f903
5b5cc02746f141c80bd7252c881fa8d9ae7d87b7f5968b01c3e3c2da273eef0c
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=720
Date: Sat, 22 Oct 2022 04:52:55 GMT
Connection: keep-alive
X-N: S
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3015b122f5b2055c3505c87956133be9
d392a1907be8fb595c1de5ec2c24c71ccbfe9253
667c9f865e303077be3a8650547c7ef827a0cae768fb8af056164fd204d4da51
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "667C9F865E303077BE3A8650547C7EF827A0CAE768FB8AF056164FD204D4DA51"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11227
Expires: Sat, 22 Oct 2022 08:00:02 GMT
Date: Sat, 22 Oct 2022 04:52:55 GMT
Connection: keep-alive
tba5.top/template/m1938pc/images/video-play.png
23.225.140.18 200 OK 1.6 kB URL HTTP/1.1 tba5.top/template/m1938pc/images/video-play.png
IP 23.225.140.18:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: tba5.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tba5.top/template/m1938pc/css/zui.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 04:53:07 GMT
Content-Type: image/png
Content-Length: 1567
Last-Modified: Thu, 21 Apr 2022 12:26:08 GMT
Connection: keep-alive
ETag: "62614d60-61f"
Expires: Mon, 21 Nov 2022 04:53:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4
142.250.74.35 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4
IP 142.250.74.35:0
Hash 63ac7042b1996af1279995f445d8f6b4
a19774cdcca6b8df4b047e3440339658208041cc
97f94b26eb53fc2019379a65497f8e881dac48ef8f9563fab84702d375c05162
POST /s/gts1p5/8PiKUJKCkz4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 04:52:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dimg04.c-ctrip.com/images/01051120009zoyqzt6244.gif?proc=autoorient
104.110.17.24 200 OK 532 kB URL HTTP/2 dimg04.c-ctrip.com/images/01051120009zoyqzt6244.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 240 x 140\012- data
Size 532 kB (532399 bytes)
Hash 63a3f4743b6b47516b293c1110319d43
a253d2d99c8dc2bd399d7c7f8df918d259b0548a
12d18a7995968ba83d462b20dfe93cb610a697c3da367c4d36cac558cd5a0608
GET /images/01051120009zoyqzt6244.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 532399
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=13073219
expires: Wed, 22 Mar 2023 12:19:54 GMT
date: Sat, 22 Oct 2022 04:52:55 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
img.mresou.com/img/1015.png
104.21.233.160 200 OK 92 kB URL HTTP/2 img.mresou.com/img/1015.png
IP 104.21.233.160:0
File type PNG image data, 960 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash dcaba67b151de58de82271071641dd9f
8503984ef58a23d83a9bd1a15607c84755a44783
56584451d60505dd7a607661087e2abfb7b27fbec1c8356fa73300835d0fabed
GET /img/1015.png HTTP/1.1
Host: img.mresou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:55 GMT
content-type: image/png
content-length: 91507
last-modified: Sat, 15 Oct 2022 08:07:51 GMT
etag: "634a6a57-16573"
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CjYthyEDyyUdt6zhHo3VPuzcprEUn8rYH11cE5b8bJjLQcJ606d0zQTyY986bhwfWXO%2FQuNNrpSEmvpJKn4ZNCkbrsg%2BGF53nzUddxiHmIckujzdLzFk9ugkYM2AEjV9JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa055ce347201-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/03950120009rs7dn26B5E.gif
104.110.17.24 200 OK 894 kB URL HTTP/2 dimg04.c-ctrip.com/images/03950120009rs7dn26B5E.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 894 kB (893726 bytes)
Hash 1e34697200f13da14c5bfabeba617325
9a18ed38d5d385f885c28a4280b4c61302745b65
b63a862a0f65ff9f685e9b67fd171a6df96878469b0a85d1da2f644399c0409f
GET /images/03950120009rs7dn26B5E.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 893726
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=8977407
expires: Fri, 03 Feb 2023 02:36:22 GMT
date: Sat, 22 Oct 2022 04:52:55 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
tba5.top/template/m1938pc/fonts/e61a601604fe408d85f635b56e71b3a1.woff
23.225.140.18 404 Not Found 7.2 kB URL HTTP/1.1 tba5.top/template/m1938pc/fonts/e61a601604fe408d85f635b56e71b3a1.woff
IP 23.225.140.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 61770fce11a09cf460d45cb507670b0b
a91724b0e57f8426b0e3572cbcb226359ae6501c
1fdb617ec52b6ad2b44ef4da4abca278a8f8b3cb5cbffc7efa9aaf3a0c6eb24a
Analyzer Verdict Alert fortinet Malware
GET /template/m1938pc/fonts/e61a601604fe408d85f635b56e71b3a1.woff HTTP/1.1
Host: tba5.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://tba5.top/template/m1938pc/css/zui.css
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 22 Oct 2022 04:53:07 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
104.143.94.110 301 Moved Permanently 162 B URL HTTP/2 kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /8d62ac139591ff0c5f17d4c5f1ff3cf6.gif HTTP/1.1
Host: kzeii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 22 Oct 2022 04:52:55 GMT
content-type: text/html
content-length: 162
location: https://kvhsss.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0101m120009zp3eju944D.gif?proc=autoorient
104.110.17.24 200 OK 1.3 MB URL HTTP/2 dimg04.c-ctrip.com/images/0101m120009zp3eju944D.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 750 x 150\012- data
Size 1.3 MB (1317280 bytes)
Hash b276222bf91dc1de6f0ba4040c278453
63e94cf10f92df826f49b8424b6b21094a3ebc9d
f51a06df325fa2a2d1724a40d50ff038045e98bbf98fc732e98f3d220ed7d9ed
GET /images/0101m120009zp3eju944D.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 1317280
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=13073172
expires: Wed, 22 Mar 2023 12:19:07 GMT
date: Sat, 22 Oct 2022 04:52:55 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
www.tupku.top/lm/031815-80.gif
104.21.82.102 200 OK 1.6 MB URL HTTP/2 www.tupku.top/lm/031815-80.gif
IP 104.21.82.102:0
File type GIF image data, version 89a, 500 x 281\012- data
Size 1.6 MB (1626999 bytes)
Hash 17244f3a8b60a0f7b291f5621c873713
c523f5d5b60d2eabc9084e9ba5803647ac08c2cd
4aed8c090aa7bff3de4c028efced6a87dd7645bc15d265cdddf106f3f5dd9435
GET /lm/031815-80.gif HTTP/1.1
Host: www.tupku.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:55 GMT
content-type: image/gif
content-length: 1626999
last-modified: Thu, 07 Jul 2022 15:13:11 GMT
etag: "62c6f807-18d377"
expires: Tue, 15 Nov 2022 22:22:38 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 415103
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9gtPH4q1YIP9RjSk87v4r%2FqLBVIyAsg16dbvvGJhiUqIBKfiCIaQTuzTiV%2Fy74qhxkPjyHB4vdQPmJJxILCeXq9cTWr4AMdoZLTeg9VEys1979PTpkrlZul7YP9Bj%2FB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa0577fc3b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.yxzb02.com/x1.gif
152.32.211.89 301 Moved Permanently 162 B IP 152.32.211.89:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /x1.gif HTTP/1.1
Host: img.yxzb02.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 22 Oct 2022 04:52:55 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://img.yxzb02.com/x1.gif
Strict-Transport-Security: max-age=31536000
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash c278fdd9339c6d544447ccf5a0cdeedb
437ca1ca09d5e2173dfa28298aeabb5a82e4757b
5566c1f58488aa221b27c1103fa6c9d630be2258c14215194fe32437dee7d0ee
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 04:52:55 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 26 Oct 2022 02:14:45 GMT
ETag: "437ca1ca09d5e2173dfa28298aeabb5a82e4757b"
Last-Modified: Sat, 22 Oct 2022 02:14:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 904
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75dfa0591ab30b41-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash c278fdd9339c6d544447ccf5a0cdeedb
437ca1ca09d5e2173dfa28298aeabb5a82e4757b
5566c1f58488aa221b27c1103fa6c9d630be2258c14215194fe32437dee7d0ee
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 04:52:55 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 26 Oct 2022 02:14:45 GMT
ETag: "437ca1ca09d5e2173dfa28298aeabb5a82e4757b"
Last-Modified: Sat, 22 Oct 2022 02:14:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 904
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75dfa0591ba5b523-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 24d3a3c95f44883b633e701149aab79a
bb23eda75f650330dfff1671a296876bfcc7d63e
72d607e95192172d5a67ca63dc5ffb6545eaa1fb21b78c45a36c210482a6440a
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 04:52:55 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 26 Oct 2022 03:40:14 GMT
ETag: "bb23eda75f650330dfff1671a296876bfcc7d63e"
Last-Modified: Sat, 22 Oct 2022 03:40:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2164
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75dfa0591dee0afe-OSL
ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4
142.250.74.35 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4
IP 142.250.74.35:0
Hash 63ac7042b1996af1279995f445d8f6b4
a19774cdcca6b8df4b047e3440339658208041cc
97f94b26eb53fc2019379a65497f8e881dac48ef8f9563fab84702d375c05162
POST /s/gts1p5/8PiKUJKCkz4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 04:52:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tba5.top/template/m1938pc/fonts/iconfont.woff
23.225.140.18 200 OK 525 B URL HTTP/1.1 tba5.top/template/m1938pc/fonts/iconfont.woff
IP 23.225.140.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash f66ed8f90ffb0fc831098b7701d3ba8a
1bc63ccb714f1272c80b224aa8fd9da94914825d
6ccac1f3560824c5e11e27d1798e447cfc5a930e5824009d6b1cf8eb98e248de
Analyzer: fortinet | Verdict: Malware | Alert: (none listed)
GET /template/m1938pc/fonts/iconfont.woff HTTP/1.1
Host: tba5.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://tba5.top/template/m1938pc/css/zui.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 04:53:07 GMT
Content-Type: font/woff
Content-Length: 525
Last-Modified: Thu, 21 Apr 2022 12:34:04 GMT
Connection: keep-alive
ETag: "62614f3c-20d"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c4166f8a3d951ed202e826d6d5c5429a
1749c1e4a3833ebf3723c053b80b54d61fdd5661
6b0b796dd3120da995118d6b37e0c3e34dbfdb939d6bea76c84d612999a991bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B0B796DD3120DA995118D6B37E0C3E34DBFDB939D6BEA76C84D612999A991BB"
Last-Modified: Fri, 21 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2183
Expires: Sat, 22 Oct 2022 05:29:18 GMT
Date: Sat, 22 Oct 2022 04:52:55 GMT
Connection: keep-alive
tgqd.tsmgsoce.com/photo_2022-06-01_20-47-37.jpg
104.21.38.14 200 OK 34 kB URL HTTP/2 tgqd.tsmgsoce.com/photo_2022-06-01_20-47-37.jpg
IP 104.21.38.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x227, components 3\012- data
Hash c0d604a0cfb05fb9cf577d033e7eb92c
95fcfc3d6350cfc82153efc243b04d34a3091789
f5b5991b71976196a5b0194bac5db5ed79c2d25d4a5acc78e8a43de9e60eb5d6
GET /photo_2022-06-01_20-47-37.jpg HTTP/1.1
Host: tgqd.tsmgsoce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:56 GMT
content-type: image/jpeg
content-length: 33648
last-modified: Wed, 01 Jun 2022 13:49:38 GMT
etag: "62976e72-8370"
access-control-allow-origin: *
access-control-allow-methods: GET,POST,PUT,DELETE,PATCH,OPTIONS
access-control-allow-headers: auth_token,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Range,User-Agent,X-CustomHeader,X-Mx-ReqToken,X-Requested-With
access-control-allow-credentials: true
access-control-max-age: 600
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSO48XZ6S2XuoXRzFWsIpmZJC3QlrAy%2BFbMes104PbI0X41CL3JUxvcHUJBkc5BUaesgKEYHUCMeNfpo9fhXKSDYAqhJukwmLNGYOpXu%2FL0J266hsRogctmFR8LXJi748PEAdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa0570a821bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 5efa028095760a452c152e8c053f5453
efec3e15a42e01fe67445f89bab1fceec00c4b99
348639aa090692c9443bc2ec17be2ac5fde76924c3b4404e7228c5c22b12c5a8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 04:52:56 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 19 Oct 2022 15:09:32 GMT
Expires: Wed, 26 Oct 2022 15:09:31 GMT
Etag: "efec3e15a42e01fe67445f89bab1fceec00c4b99"
Cache-Control: max-age=381994,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75dfa05918e20b02-OSL
tba5.top/template/m1938pc/fonts/iconfont.ttf
23.225.140.18 200 OK 257 B URL HTTP/1.1 tba5.top/template/m1938pc/fonts/iconfont.ttf
IP 23.225.140.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b6bf2659c287c7e192ff7c20853205e4
91087c59b4f1a108c0515d4daeb8d4cc49b62da5
a3cc4d1f67765644ce73654ad2d0a1e9f2b85553268d2f3e4d438da3bda75bb4
Analyzer: fortinet | Verdict: Malware | Alert: (none listed)
GET /template/m1938pc/fonts/iconfont.ttf HTTP/1.1
Host: tba5.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tba5.top/template/m1938pc/css/zui.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 04:53:08 GMT
Content-Type: application/octet-stream
Content-Length: 257
Last-Modified: Thu, 21 Apr 2022 12:34:02 GMT
Connection: keep-alive
ETag: "62614f3a-101"
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 072dd178678c4dfad3e4320249105373
96742c11ba4ffcf5017074b05f2acfed9ee7685d
516cedfdf3469f5f3ae986a5cfb515754234f11848ff1c05564dd41f14541afe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=118182
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 04:52:55 GMT
Etag: "6352a1cd-117"
Expires: Sun, 23 Oct 2022 13:42:37 GMT
Last-Modified: Fri, 21 Oct 2022 13:42:37 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 072dd178678c4dfad3e4320249105373
96742c11ba4ffcf5017074b05f2acfed9ee7685d
516cedfdf3469f5f3ae986a5cfb515754234f11848ff1c05564dd41f14541afe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=118182
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 04:52:55 GMT
Etag: "6352a1cd-117"
Expires: Sun, 23 Oct 2022 13:42:39 GMT
Last-Modified: Fri, 21 Oct 2022 13:42:37 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash f799d1e71349801fcfa8690c1e12e302
751067ead72dd960647df7b4d0b4b967473f372b
2d56ae8f5ed5a4e9cf83fc71a348b8133c63b08d35abecafd82e39b89afcc7de
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=126833
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 04:52:56 GMT
Etag: "6352c399-118"
Expires: Sun, 23 Oct 2022 16:06:49 GMT
Last-Modified: Fri, 21 Oct 2022 16:06:49 GMT
Server: nginx
Content-Length: 280
nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
172.67.170.188 200 OK 1.1 MB URL HTTP/2 nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
IP 172.67.170.188:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.1 MB (1082384 bytes)
Hash a2513b4510f6797c4cbe4012fc79c64c
41f15aa49c66eed88a541224dedda5d215f9e7ef
16e775f7ac1e0368c216cdcf70bc3d56d7d952d7653898dbb8093efcd712cc71
GET /0faf263b1025a51efcea7acd844cc402.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tba5.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:56 GMT
content-type: image/gif
content-length: 1082384
last-modified: Sat, 27 Aug 2022 07:44:24 GMT
etag: "6309cb58-108410"
expires: Mon, 14 Nov 2022 15:23:39 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 566957
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2F%2BEVPn0u9hjoTg%2BFfiD%2Fvh4zDbzjGxTPwb%2FnZjC65yByhMuwl477ZveaprfT7Mrnmu6FLUA5Ie%2BMj1tN08uBxi7UayWG72l2JAcCIIL9UhHnDSvh30KR%2Fj5jqGe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa05a9cd60b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
172.67.170.188 200 OK 524 kB URL HTTP/2 nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
IP 172.67.170.188:0
File type GIF image data, version 89a, 325 x 143\012- data
Size 524 kB (523775 bytes)
Hash 2e77865c5e60159691251f889fbcbde5
538cd55848422448bbfe390a20c3dff6d78998fe
fda43c5dafab5df63cca29ea0c9c36e80930634c9d07a788adadf45f7833d1cc
GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tba5.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:56 GMT
content-type: image/gif
content-length: 523775
last-modified: Sun, 28 Aug 2022 11:22:29 GMT
etag: "630b4ff5-7fdff"
expires: Wed, 16 Nov 2022 14:41:51 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 396665
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dVMNd9QVzx0A8IchWH4AKmkPCjZcO8Aae0ZY2OvDqHy%2FIe9Lo5lQ4H7sfl6aQLCGlBC6iRF4iYMoWmiZri3eIRl4LKl8X4%2BWC8%2BMSOVguU%2FfIUkf4zCviPlJWHa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa05a9cd90b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhsss.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
172.67.213.234 200 OK 566 kB URL HTTP/2 kvhsss.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
IP 172.67.213.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 566 kB (565615 bytes)
Hash 6a2c609ad0c46bb1b8d9cd39eacde625
45de0f50f86b45dd6fd4a1c764d47e2640126bf3
8eb8f61188f2555f5f7f0a934ebbae9e9ab703a3dc0b23191bdc7c147eb12140
GET /8d62ac139591ff0c5f17d4c5f1ff3cf6.gif HTTP/1.1
Host: kvhsss.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tba5.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:56 GMT
content-type: image/gif
content-length: 565615
last-modified: Mon, 10 Oct 2022 13:11:33 GMT
etag: "63441a05-8a16f"
expires: Wed, 16 Nov 2022 16:00:02 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 391974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nNWk2V9wTxjxgBtPknVsaG4S0UpJYHFmv4MJ8uf46pBC1kS2qZ%2FeevYpU2GaVoLLw8z6vG1Tmw5JLwKSJdS7Egorw31bXgY7XKmycgs8z3SVwIgfXxzgeumBP1Ek"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa05ac94d1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 072dd178678c4dfad3e4320249105373
96742c11ba4ffcf5017074b05f2acfed9ee7685d
516cedfdf3469f5f3ae986a5cfb515754234f11848ff1c05564dd41f14541afe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=118182
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 04:52:56 GMT
Etag: "6352a1cd-117"
Expires: Sun, 23 Oct 2022 13:42:39 GMT
Last-Modified: Fri, 21 Oct 2022 13:42:37 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash f799d1e71349801fcfa8690c1e12e302
751067ead72dd960647df7b4d0b4b967473f372b
2d56ae8f5ed5a4e9cf83fc71a348b8133c63b08d35abecafd82e39b89afcc7de
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=126833
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 04:52:56 GMT
Etag: "6352c399-118"
Expires: Sun, 23 Oct 2022 16:06:49 GMT
Last-Modified: Fri, 21 Oct 2022 16:06:49 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash d3091132b8c4113a1aae1772d166bd2f
1f7918191c804b4bdff564462eb62f86d4758357
0048ac0fb8d27c46ca419e10a16297f3d75435be31aa7ce7146a1c3d965bd178
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 22 Oct 2022 04:52:56 GMT
Last-Modified: Fri, 21 Oct 2022 23:18:47 GMT
ETag: "635328d7-1d7"
Expires: Sun, 23 Oct 2022 23:18:47 GMT
Cache-Control: max-age=152751
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1666414376
Via: cache20.l2de2[184,184,200-0,M], cache20.l2de2[185,0], cache2.se1[205,205,200-0,M], cache2.se1[206,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 22 Oct 2022 04:52:56 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616664143760305968e
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash af06ba3926ea5b38bf460473374fa376
77252bc71ed99ec62b210b980b0ea3296535da03
ddc6cd2346842366886be90f7caa6836bcec4f76a27218e0d36b93bb76d3bd88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=91888
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 04:52:56 GMT
Etag: "63523b18-118"
Expires: Sun, 23 Oct 2022 06:24:24 GMT
Last-Modified: Fri, 21 Oct 2022 06:24:24 GMT
Server: nginx
Content-Length: 280
fmtu.netfhtu.com/upload/vod/20200717/fc2ppv_1224981.jpg
104.21.235.64 200 OK 182 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/20200717/fc2ppv_1224981.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 350x350, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=12, height=1536, bps=158, orientation=upper-left, width=2048], baseline, precision 8, 900x718, components 3\012- data
Size 182 kB (182470 bytes)
Hash 26ee9be124b5984834cafb45dc8fea2d
a0e8a4e8d0b993c4bd7b760777d7eb12a5b09ed9
34a6c588695017f7841227ade960fe0f643042bd18d7982e1d7878343ccb4c96
GET /upload/vod/20200717/fc2ppv_1224981.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:56 GMT
content-type: image/jpeg
content-length: 182470
last-modified: Fri, 17 Jul 2020 11:18:56 GMT
etag: "5f118920-2c8c6"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=14lOou0Dzn2S53f8Aq0BdeZW1hkmvBwVTrS%2FLOks%2F1VInHKCoDHlu5An%2FnRqsxfeobt7nuc5Kjn9Db12hx7Ck6sSiFrZZfK3B1L%2FkzQnR6jnxvcHJwQ55XS%2BvbtoC%2BF5sIMh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa055faba0672-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
si1.go2yd.com/get-image/0yFVWR9AM6k
163.171.140.79 200 OK 140 kB URL HTTP/2 si1.go2yd.com/get-image/0yFVWR9AM6k
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 750 x 376\012- data
Size 140 kB (140259 bytes)
Hash 4125d9bf66b1a755f42abaea805ee9af
17232f64827beb19e2a717d1bdbf384b3e938249
d3c1b29a4d2c0fa6fc41d308d6c110eeb868276c2a74697766283838ebe1f732
GET /get-image/0yFVWR9AM6k HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:56 GMT
content-type: image/gif
content-length: 140259
x-application-context: application
x-kss-request-id: 42be03856f37421d8d1834ac0d22900d
etag: "4125d9bf66b1a755f42abaea805ee9af"
content-md5: QSXZv2axp1X0KrrqgF7prw==
last-modified: Mon, 28 Feb 2022 07:48:08 GMT
accept-ranges: bytes
server: KS3
age: 1
x-via: 1.1 PSbjwjBGP2vu136:9 (Cdn Cache Server V2.0), 1.1 PSzjnbsxsy229:10 (Cdn Cache Server V2.0), 1.1 PS-KHH-015lO119:3 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:17 (Cdn Cache Server V2.0)
x-ws-request-id: 63537728_PShlamstdAMS1se91_19394-6063
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2
tvax4.sinaimg.cn/large/008t7KXCgy1h5wvdrfz0qg303c03c75m.gif
23.36.76.146 301 Moved Permanently 169 B URL HTTP/2 tvax4.sinaimg.cn/large/008t7KXCgy1h5wvdrfz0qg303c03c75m.gif
IP 23.36.76.146:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8c2170ef3ddebf996718575917956e9c
618ab5fab7445b7797272607a22c0d307465857f
31976ec4fe4abdf91d242f8bacfc9f6cf16acc46d13d0de6e32a2da88076cc55
GET /large/008t7KXCgy1h5wvdrfz0qg303c03c75m.gif HTTP/1.1
Host: tvax4.sinaimg.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
content-type: text/html
content-length: 169
x-ban: MISS,18046
pragma: public
x-request-id: g62.99-1666414283.741000-1914488735
location: //tvax4.sinaimg.cn/images/default_d_s_large.gif#101
edge-copy-time: 1666414283744
x-via-cdn: f=Akamai,s=23.36.76.142,c=91.90.42.154;f=edge,s=cmcc.guangzhou.union.100.nb.sinaedge.com,c=23.45.50.63;f=Edge,s=ctc.guangzhou.union.183,c=172.16.174.100
x-via-edge: 16664142859293f322d1764ae10ac5e0fdc9b
access-control-allow-credentials: true
network_info: CN_GUANGZHOU_9808, NO_OSLO_50304, NO_OSLO_50304
cache-control: max-age=26
date: Sat, 22 Oct 2022 04:52:56 GMT
x-cache: TCP_MISS from a23-36-76-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-cache-remote: TCP_REFRESH_MISS from a23-36-76-127.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (S)
served-from: e:23.45.50.63
X-Firefox-Spdy: h2
tvax4.sinaimg.cn/images/default_d_s_large.gif
23.36.76.146 200 OK 7.1 kB URL HTTP/2 tvax4.sinaimg.cn/images/default_d_s_large.gif
IP 23.36.76.146:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 360 x 360\012- data
Hash 41e5d4e3002de5cea3c8feae189f0736
4146f3b42f71ab9571a2cf2586cb5fa13bfdcef5
e6e333264f197a7e6bda94c1b4fc00529af89f07af0dbd1e57e7805927910860
GET /images/default_d_s_large.gif HTTP/1.1
Host: tvax4.sinaimg.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tba5.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/gif
content-length: 7125
x-ban: MISS,10534
last-modified: Tue, 17 May 2022 07:49:53 GMT
etag: "628353a1-1bd5"
accept-ranges: bytes
edge-copy-time: 1653211584961
x-via-cdn: f=Akamai,s=23.36.76.142,c=91.90.42.154;f=edge,s=ctc.guangzhou.union.52.nb.sinaedge.com,c=23.32.248.84;f=Edge,s=cmcc.guangzhou.union.106,c=10.31.54.52
x-via-edge: 165324123573354f8201734361f0a047f2bfe
access-control-allow-credentials: true
network_info: DE_FRANKFURT_24940, DK_NAKSKOV_15516, NO_OSLO_43905, BE_SAINTGHISLAIN_396982, NO_OSLO_50304
cache-control: max-age=6692440
expires: Sat, 07 Jan 2023 15:53:36 GMT
date: Sat, 22 Oct 2022 04:52:56 GMT
x-cache: TCP_HIT from a23-36-76-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
served-from: e:23.36.76.142
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-17/11/cqphgpi1hb51128cqphgpi1hb5443275.jpg
104.22.13.214 200 OK 7.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-17/11/cqphgpi1hb51128cqphgpi1hb5443275.jpg
IP 104.22.13.214:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash d0114b456407365bb26160947cacd4a2
f247076ef15777042335fe2e82d93d16ac507af1
73dfcfbce973657f4da0493e4be0f7dbfb8af6b00061218fafd1eb2935596370
GET /upload/vod/2022/10-17/11/cqphgpi1hb51128cqphgpi1hb5443275.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:56 GMT
content-type: image/jpeg
content-length: 7048
last-modified: Mon, 17 Oct 2022 03:28:44 GMT
etag: "634ccbec-1b88"
cache-control: max-age=31536000
cf-cache-status: EXPIRED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa0536f89b527-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0852d297796b48e775d168384cdc2593
5d85ed08dc6f6d3de07b5a78a4036a1c4b16e285
1c943524b676006fbe128681319828bc6870cc7ef4b34c4341f3dd6b4384b80b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C943524B676006FBE128681319828BC6870CC7EF4B34C4341F3DD6B4384B80B"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 22 Oct 2022 10:52:56 GMT
Date: Sat, 22 Oct 2022 04:52:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0852d297796b48e775d168384cdc2593
5d85ed08dc6f6d3de07b5a78a4036a1c4b16e285
1c943524b676006fbe128681319828bc6870cc7ef4b34c4341f3dd6b4384b80b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C943524B676006FBE128681319828BC6870CC7EF4B34C4341F3DD6B4384B80B"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21582
Expires: Sat, 22 Oct 2022 10:52:38 GMT
Date: Sat, 22 Oct 2022 04:52:56 GMT
Connection: keep-alive
taiwtp1.com/img/200200.gif
220.128.218.220 200 OK 75 kB URL HTTP/2 taiwtp1.com/img/200200.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 04:50:54 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Mon, 21 Nov 2022 04:50:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hxsface.top/8499/960X120.gif
154.39.67.229 301 Moved Permanently 233 B URL HTTP/1.1 hxsface.top/8499/960X120.gif
IP 154.39.67.229:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash e9ca1403133c827aaa3e1f27359a7192
ecf19f1bf25b06bf449ca58d06452c7da6706fab
ffe6e308061d7dda3d2f0b2ca543233a4fe5df74ebec0f794e7f84329e8b74ad
GET /8499/960X120.gif HTTP/1.1
Host: hxsface.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tba5.top/
HTTP/1.1 301 Moved Permanently
Date: Sat, 22 Oct 2022 04:52:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://hxsface.top/8499/960X120.gif
Strict-Transport-Security: max-age=31536000
Server: cdn-ddos-cc
X-Cache-Status: MISS
yaoji666.oss-cn-hongkong.aliyuncs.com/gg/250x250.gif
47.75.19.177 200 OK 122 kB URL HTTP/1.1 yaoji666.oss-cn-hongkong.aliyuncs.com/gg/250x250.gif
IP 47.75.19.177:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 250 x 250\012- data
Size 122 kB (122547 bytes)
Hash d63e11c48b462c581faf97c9924bda4a
5d8b2e8af38db38edb689ddcbb2fe0f061a2b1b1
bcc556c7c19342152aceaa4f7d87a99699a8d50517460cb38684be1b22dfd2ce
GET /gg/250x250.gif HTTP/1.1
Host: yaoji666.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 22 Oct 2022 04:52:56 GMT
Content-Type: image/gif
Content-Length: 122547
Connection: keep-alive
x-oss-request-id: 635377287E084E3735AB674B
Accept-Ranges: bytes
ETag: "D63E11C48B462C581FAF97C9924BDA4A"
Last-Modified: Sat, 09 Jul 2022 12:36:49 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15413832102061128828
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: 1j4RxItGLFgfr5fJkkvaSg==
x-oss-server-time: 1
hm.baidu.com/hm.js?f9ec34b3904a207ece304ce35c4902cd
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?f9ec34b3904a207ece304ce35c4902cd
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash b91729a9890e2d4eaf06be25ef6dd820
c0c3a62f2c595846507e696a78285d87ba1bda33
a66878543101b210f1d3b0680e716e252b3944d99b07eb45641a638d784c8095
GET /hm.js?f9ec34b3904a207ece304ce35c4902cd HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11331
Content-Type: application/javascript
Date: Sat, 22 Oct 2022 04:52:56 GMT
Etag: 9dfe6ab5f07a72538b9685ca1067144b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=1526CD0122D221BC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
yaoji666.oss-cn-hongkong.aliyuncs.com/gg/960X60.gif?proc=autoorient
47.75.19.177 200 OK 96 kB URL HTTP/1.1 yaoji666.oss-cn-hongkong.aliyuncs.com/gg/960X60.gif?proc=autoorient
IP 47.75.19.177:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Hash 57557d6b489d522d480d9b82ce29db65
da2d3b35f0c9534e84e50310aeafe73173037315
4b96548579c0d9b380b10ce78bdb3e8edfd35e180519b319c6b1181e7b325952
GET /gg/960X60.gif?proc=autoorient HTTP/1.1
Host: yaoji666.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 22 Oct 2022 04:52:56 GMT
Content-Type: image/gif
Content-Length: 95856
Connection: keep-alive
x-oss-request-id: 635377288A23F731333E40A4
Accept-Ranges: bytes
ETag: "57557D6B489D522D480D9B82CE29DB65"
Last-Modified: Sat, 09 Jul 2022 12:37:07 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15928828585404051914
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: V1V9a0idUi1IDZuCzinbZQ==
x-oss-server-time: 1
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 1ddf8190a0aa817c7477e7ac54f5f112
299e5b8dc4f3b1d6a23774467486fc6d23ee274b
b1695fd6e2ce313fa64ce9f0dcead16b22c52e0e24f4bb7ae3a5f673551909a9
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 04:52:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 26 Oct 2022 02:14:39 GMT
ETag: "299e5b8dc4f3b1d6a23774467486fc6d23ee274b"
Last-Modified: Sat, 22 Oct 2022 02:14:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75dfa0626b06b4ff-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 1ddf8190a0aa817c7477e7ac54f5f112
299e5b8dc4f3b1d6a23774467486fc6d23ee274b
b1695fd6e2ce313fa64ce9f0dcead16b22c52e0e24f4bb7ae3a5f673551909a9
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 04:52:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 26 Oct 2022 02:14:39 GMT
ETag: "299e5b8dc4f3b1d6a23774467486fc6d23ee274b"
Last-Modified: Sat, 22 Oct 2022 02:14:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75dfa0626a080afe-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 1ddf8190a0aa817c7477e7ac54f5f112
299e5b8dc4f3b1d6a23774467486fc6d23ee274b
b1695fd6e2ce313fa64ce9f0dcead16b22c52e0e24f4bb7ae3a5f673551909a9
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 04:52:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 26 Oct 2022 02:14:39 GMT
ETag: "299e5b8dc4f3b1d6a23774467486fc6d23ee274b"
Last-Modified: Sat, 22 Oct 2022 02:14:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 0
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75dfa0627d81b4f9-OSL
cdn-xinghuatupian-cdn.com/xh/200x200.gif
154.197.15.240 200 OK 174 kB URL HTTP/2 cdn-xinghuatupian-cdn.com/xh/200x200.gif
IP 154.197.15.240:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 174 kB (173918 bytes)
Hash 244b4e49ec5bb4f58c3489cf450ecd47
9cd1a210e9b24bb4d9e3f933512066b251981426
b8daee26c934893d31997c7652c2b683191c7259692e764499c964408be0cf19
GET /xh/200x200.gif HTTP/1.1
Host: cdn-xinghuatupian-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:56 GMT
content-type: image/gif
content-length: 173918
last-modified: Sun, 02 Oct 2022 06:51:55 GMT
etag: "6339350b-2a75e"
expires: Sun, 20 Nov 2022 15:09:22 GMT
cache-control: max-age=2592000
server: cdn-ddos-cc
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
tx2.a.yximgs.com/udata/music/music_81bdbf0e25cf4d8bac783716e8d79a9e0.jpg
43.132.64.83 200 OK 313 kB URL HTTP/1.1 tx2.a.yximgs.com/udata/music/music_81bdbf0e25cf4d8bac783716e8d79a9e0.jpg
IP 43.132.64.83:0
File type GIF image data, version 89a, 960 x 70\012- data
Size 313 kB (312874 bytes)
Hash 3f28cbf5614f5986a979a26b07000584
348b2785e0c10554e2e05ee03063fc32779e3b68
b262e1a3f6fbf04917a7dd2fefb81f926f534d1b2d30d810415f64ccaeae52fb
GET /udata/music/music_81bdbf0e25cf4d8bac783716e8d79a9e0.jpg HTTP/1.1
Host: tx2.a.yximgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: NWSs
Date: Sat, 22 Oct 2022 04:52:57 GMT
Content-Type: image/jpeg
Content-Length: 312874
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Sat, 29 Oct 2022 04:52:56 GMT
Last-Modified: Fri, 21 Oct 2022 13:10:39 GMT
X-NWS-LOG-UUID: 62cc58bf-721f-4598-b802-bd182354b3de
x-ks-http-first-data: 1
X-Ks-Request-ID: 62cc58bf-721f-4598-b802-bd182354b3de
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
x-ks-client-ip: 91.90.42.154
kwaisign: NULL
Accept-Ranges: bytes
ETag: "3f28cbf5614f5986a979a26b07000584"
x-cos-hash-crc64ecma: 6704624790298149931
x-cos-request-id: NjM1MjlhNGZfMjgxNWYyMDlfMmUwMDNfNDZlMTZlN2U=
x-cos-version-id: null
X-Ks-Cache: Hit From OC Disktank3
X-Daa-Tunnel: hop_count=1
X-Cache-Lookup: Hit From Disktank3, Hit From Inner Cluster
tx2.a.yximgs.com/udata/music/music_2b865f0d14554a1a908621876f67fa440.jpg
43.132.64.83 200 OK 824 kB URL HTTP/1.1 tx2.a.yximgs.com/udata/music/music_2b865f0d14554a1a908621876f67fa440.jpg
IP 43.132.64.83:0
File type GIF image data, version 89a, 960 x 70\012- data
Size 824 kB (824465 bytes)
Hash 83a0fbbc5111aed24a0cc5c8de39e8ec
b255f9c8851c05cabf151fd8f2d73c4ff2a071cf
259f28148b6b90e52934d8deafbb2b59f3f0c0df235132b2d3e1fb631e7223ba
GET /udata/music/music_2b865f0d14554a1a908621876f67fa440.jpg HTTP/1.1
Host: tx2.a.yximgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: NWSs
Date: Sat, 22 Oct 2022 04:52:57 GMT
Content-Type: image/jpeg
Content-Length: 824465
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Sat, 29 Oct 2022 04:52:56 GMT
Last-Modified: Thu, 08 Sep 2022 11:38:45 GMT
X-NWS-LOG-UUID: 490d2928-9b72-435f-8790-41385a5455de
x-ks-http-first-data: 1
X-Ks-Request-ID: 490d2928-9b72-435f-8790-41385a5455de
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
x-ks-client-ip: 91.90.42.154
kwaisign: NULL
Accept-Ranges: bytes
ETag: "83A0FBBC5111AED24A0CC5C8DE39E8EC"
X-KSLOGID: 666357839562120857
x-amz-id-2: fGBhaN0tB4Bw9/JAAcxK24qsi7/mkAG8M5eJWH5mOuBQ+l97KBjF/IoTMKsb
x-amz-request-id: 909bdfde588049c59b3ef79a8c48840a
x-amz-storage-class: STANDARD
x-bs-object-status: 0
x-cos-origin-request-id: NjM1MjlhNGZfNjQ4NGE0MWVfNDcxXzJiYTk2ZDU=
x-cos-request-id: NjM1MjlhNGZfNzU4ZmFjMDlfNWE4Yl9kNGFmMjk5
X-Ks-Cache: Hit From OC Disktank3
X-Daa-Tunnel: hop_count=1
X-Cache-Lookup: Hit From Disktank3, Hit From Inner Cluster
tx2.a.yximgs.com/udata/music/music_b95c74d4b20b48a2870918b84c0bb5150.jpg
43.132.64.83 200 OK 730 kB URL HTTP/1.1 tx2.a.yximgs.com/udata/music/music_b95c74d4b20b48a2870918b84c0bb5150.jpg
IP 43.132.64.83:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 730 kB (729792 bytes)
Hash ffd53b6a9d6349a54b488227d86eb693
ee62f72326bd40f7c6e593d021afb95c04f433c2
8c3cb63b6ce0712aa0e63ee239ac15f199ffa96728931953a2c654bcdb412a80
GET /udata/music/music_b95c74d4b20b48a2870918b84c0bb5150.jpg HTTP/1.1
Host: tx2.a.yximgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: NWSs
Date: Sat, 22 Oct 2022 04:52:57 GMT
Content-Type: image/jpeg
Content-Length: 729792
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Sat, 29 Oct 2022 04:52:56 GMT
Last-Modified: Tue, 20 Sep 2022 09:11:01 GMT
X-NWS-LOG-UUID: a4fa915b-21b7-4794-b4cd-c1e351ea75d1
x-ks-http-first-data: 1
X-Ks-Request-ID: a4fa915b-21b7-4794-b4cd-c1e351ea75d1
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
x-ks-client-ip: 91.90.42.154
kwaisign: NULL
Accept-Ranges: bytes
ETag: "ffd53b6a9d6349a54b488227d86eb693"
x-cos-hash-crc64ecma: 16703299867502657083
x-cos-request-id: NjM1MjlhNTJfMTgxNWYyMDlfMWU0NGNfNDc3ZDgxNTA=
x-cos-storage-class: STANDARD_IA
x-cos-version-id: null
X-Ks-Cache: Hit From OC Disktank3
X-Daa-Tunnel: hop_count=1
X-Cache-Lookup: Hit From Disktank3, Hit From Inner Cluster
vbutjg.com/ff5d8d0ee7ba49f9b1624a3837b5b09e.gif
103.189.108.99 200 OK 491 kB URL HTTP/2 vbutjg.com/ff5d8d0ee7ba49f9b1624a3837b5b09e.gif
IP 103.189.108.99:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 491 kB (490709 bytes)
Hash 12f48e3549c313b9d43138ccb5cfdff7
16e970dd02bd8cf1ab8aa8c674d46f1cd5d65a4d
f2f83642abd46506fda7246affcea4809bce990baa2556effa9127edf1538883
GET /ff5d8d0ee7ba49f9b1624a3837b5b09e.gif HTTP/1.1
Host: vbutjg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "633555c0-77cd5"
server: nginx
date: Sun, 02 Oct 2022 00:12:46 GMT
content-type: image/gif
last-modified: Thu, 29 Sep 2022 08:22:24 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn108-089
content-length: 490709
X-Firefox-Spdy: h2
cdn-xinghuatupian-cdn.com/xh/a1.gif
154.197.15.240 200 OK 431 kB URL HTTP/2 cdn-xinghuatupian-cdn.com/xh/a1.gif
IP 154.197.15.240:0
File type GIF image data, version 89a, 640 x 160\012- data
Size 431 kB (430666 bytes)
Hash a4152706fb3028847a535f886b406161
a5c9a4b31947da57ebc43d59b658fcb64f056ca8
93b09ac3b36a1c60eb4b42c3f8522c92c8bddccfdd2fe9b575cc53ee8d5b5339
GET /xh/a1.gif HTTP/1.1
Host: cdn-xinghuatupian-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:56 GMT
content-type: image/gif
content-length: 430666
last-modified: Tue, 04 Oct 2022 12:54:52 GMT
etag: "633c2d1c-6924a"
expires: Sun, 20 Nov 2022 20:50:11 GMT
cache-control: max-age=2592000
server: cdn-ddos-cc
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/07-11/11/1evritie2od11231evritie2od523617.jpg
172.247.77.90 200 OK 7.7 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-11/11/1evritie2od11231evritie2od523617.jpg
IP 172.247.77.90:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash e031473c09f322f90320857be1cd9b72
1d959b937302c49d51d9d91aa60ebd33c18e3ee5
31d1f19ce759190b36d788ea21507759aae9707207de6f73ee52c89a8185fd0d
GET /upload/vod/2022/07-11/11/1evritie2od11231evritie2od523617.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 22 Oct 2022 04:52:46 GMT
Content-Type: image/jpeg
Content-Length: 7654
Connection: keep-alive
Last-Modified: Mon, 11 Jul 2022 03:23:52 GMT
ETag: "62cb97c8-1de6"
Accept-Ranges: bytes
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1693387852&si=f9ec34b3904a207ece304ce35c4902cd&su=http%3A%2F%2Ftba5.top%2F%3Fkwtwhy%3Di8d7n&v=1.2.97&lv=1&sn=55946&r=0&ww=1280&ct=!!&u=http%3A%2F%2Ftba5.top%2F%3Fkwtwhy%3Di8d7n%26wapkha%3Dkmalg2&tt=%E5%9C%A8%E7%BA%BF%E8%A7%86%E9%A2%91%E8%A7%82%E7%9C%8B
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1693387852&si=f9ec34b3904a207ece304ce35c4902cd&su=http%3A%2F%2Ftba5.top%2F%3Fkwtwhy%3Di8d7n&v=1.2.97&lv=1&sn=55946&r=0&ww=1280&ct=!!&u=http%3A%2F%2Ftba5.top%2F%3Fkwtwhy%3Di8d7n%26wapkha%3Dkmalg2&tt=%E5%9C%A8%E7%BA%BF%E8%A7%86%E9%A2%91%E8%A7%82%E7%9C%8B
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1693387852&si=f9ec34b3904a207ece304ce35c4902cd&su=http%3A%2F%2Ftba5.top%2F%3Fkwtwhy%3Di8d7n&v=1.2.97&lv=1&sn=55946&r=0&ww=1280&ct=!!&u=http%3A%2F%2Ftba5.top%2F%3Fkwtwhy%3Di8d7n%26wapkha%3Dkmalg2&tt=%E5%9C%A8%E7%BA%BF%E8%A7%86%E9%A2%91%E8%A7%82%E7%9C%8B HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 22 Oct 2022 04:52:57 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F7643595B456488F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash 53d83f728fe68f7579501eb2ed2bae79
96a295def7e5cc34e5be675dac41ac9603d2f9e9
d43cd4719992d10b42eb56e8c29dc786c87d13a879e1b823d856d7d39ed8145e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 221
Cache-Control: max-age=112655
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 04:52:57 GMT
Etag: "63528b5b-2d7"
Expires: Sun, 23 Oct 2022 12:10:32 GMT
Last-Modified: Fri, 21 Oct 2022 12:06:51 GMT
Server: ECS (amb/6B77)
X-Cache: HIT
Content-Length: 727
dvcasha2.ocsp-certum.com/
23.36.79.17 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 932dcdd48fec0d3e2c809c67e6591301
3b21506c8b708007566c61794dd940b2cffbcc75
d3ae9212a3e38c65fe8b47bb6b5039f1a9665953d87db04d5f5cfc74919f279c
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Sat, 22 Oct 2022 04:52:57 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 0e3b0cb72fe6c8abe9862fae6b27a0ba
410d54c59dec32b8887193af2675ec18c8198c9e
75e15af4784ef94b19aac8499d81ee4c95f28557bed0d451dcd14efb9b32bdd0
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Sat, 22 Oct 2022 04:52:57 GMT
Connection: keep-alive
X-N: S
hm.baidu.com/hm.js?f9ec34b3904a207ece304ce35c4902cd
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?f9ec34b3904a207ece304ce35c4902cd
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash c70ed83cf429517dc1c4731043a3273d
43eb44d20feb78ca218757a3ad1b0d651b278c4a
be0dc8c438770c88b23005e2fddc6ff01916e0c2764173f6cc259492f3a2c444
GET /hm.js?f9ec34b3904a207ece304ce35c4902cd HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: 9dfe6ab5f07a72538b9685ca1067144b
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11331
Content-Type: application/javascript
Date: Sat, 22 Oct 2022 04:52:57 GMT
Etag: 2e26127e82f377d6622a9828442d8e28
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=DD871048B97217B9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
img.yxzb02.com/x1.gif
152.32.211.89 200 OK 426 kB IP 152.32.211.89:0
ASN #135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
File type GIF image data, version 89a, 393 x 262\012- data
Size 426 kB (425627 bytes)
Hash 8bae222affa48844776828e91737c9ea
3c24ae989fed8a463e723b513634d6c96416a8ca
203d9927c0f470cc1b9e2116f2ffc23d3ede6acbdd657fe66aa7874526f2b5a3
GET /x1.gif HTTP/1.1
Host: img.yxzb02.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 04:52:56 GMT
content-type: image/gif
content-length: 425627
last-modified: Wed, 31 Aug 2022 08:34:29 GMT
etag: "630f1d15-67e9b"
expires: Mon, 21 Nov 2022 04:52:56 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-17/11/gbklir5cgtw1128gbklir5cgtw443273.jpg
104.22.13.214 200 OK 5.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-17/11/gbklir5cgtw1128gbklir5cgtw443273.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2d5fd9ca6a402625bd69cc8c1d64c096
5f8c502128f257eb2c3567a1e26af5e2b4c2eb05
f47544442ce50f8bcd29d2820743341c5e402f1bd72fc8fa30b8b8f431646735
GET /upload/vod/2022/10-17/11/gbklir5cgtw1128gbklir5cgtw443273.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:58 GMT
content-type: image/webp
content-length: 5314
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7425
content-disposition: inline; filename="gbklir5cgtw1128gbklir5cgtw443273.webp"
etag: "634ccbec-1d01"
last-modified: Mon, 17 Oct 2022 03:28:44 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 75dfa0536f86b527-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-25/18/15dn1j531n0180215dn1j531n01314812.jpg
104.22.13.214 200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-25/18/15dn1j531n0180215dn1j531n01314812.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash a1ebf86d83ff13ed431967a6c974eda1
1d0b4199d19008a64bfeec35a819ebdc45619a55
957b3b6f0968341f72d940a5857a01f0bb092940823269c51dc49f30c8e01e6c
GET /upload/vod/2020/04-25/18/15dn1j531n0180215dn1j531n01314812.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:59 GMT
content-type: image/jpeg
content-length: 11868
last-modified: Sat, 25 Apr 2020 10:02:13 GMT
etag: "5ea40aa5-2e5c"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa053afa7b527-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-17/11/t4x1kiqwncn1128t4x1kiqwncn313257.jpg
104.22.13.214 200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-17/11/t4x1kiqwncn1128t4x1kiqwncn313257.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 349540a112d68ae0e36b918b43bf7ec5
b5fa93f053fafcb57eb965ede09d87266ccdb69d
ed164741da324d49bc48aa15a1d5015b3782dfe6b2f3a49234c4e9a93985b322
GET /upload/vod/2022/10-17/11/t4x1kiqwncn1128t4x1kiqwncn313257.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:59 GMT
content-type: image/jpeg
content-length: 12468
last-modified: Mon, 17 Oct 2022 03:28:31 GMT
etag: "634ccbdf-30b4"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa0536f79b527-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-06/11/1lfmwiwtymu11481lfmwiwtymu555059.jpg
104.22.13.214 200 OK 8.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-06/11/1lfmwiwtymu11481lfmwiwtymu555059.jpg
IP 104.22.13.214:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash e888a1cf9a525c5af2ae1b10364dcb9b
fb4266ff5ea375cc4ed8529d99c6775788baf136
beff9b4ab3c9f5a682debb01feb8e452c47dfa22b3435c03663d04560edd1f98
GET /upload/vod/2022/10-06/11/1lfmwiwtymu11481lfmwiwtymu555059.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:59 GMT
content-type: image/jpeg
content-length: 8912
last-modified: Thu, 06 Oct 2022 03:48:55 GMT
etag: "633e5027-22d0"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa0536f7eb527-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-25/18/rwb5khmnvd51802rwb5khmnvd50414683.jpg
104.22.13.214 200 OK 7.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-25/18/rwb5khmnvd51802rwb5khmnvd50414683.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 89af4aae27cf9e4d305c87078badd029
cc6ed286c4c48a97bba7cdb778b0e3206e804a81
d52ffc47a101000adcc729b36114ec80a9bbf6146f120bb29cee11f872440785
GET /upload/vod/2020/04-25/18/rwb5khmnvd51802rwb5khmnvd50414683.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:59 GMT
content-type: image/jpeg
content-length: 7870
last-modified: Sat, 25 Apr 2020 10:02:04 GMT
etag: "5ea40a9c-1ebe"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa0537f8fb527-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-06/11/2ifuca2cifv11482ifuca2cifv555061.jpg
104.22.13.214 200 OK 9.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-06/11/2ifuca2cifv11482ifuca2cifv555061.jpg
IP 104.22.13.214:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 2aee2f5d0883bf8999e3612d3c6dc5d1
87f4a1c6837d15d5411fca1efb5fea135cf07b98
44775c3fec1f6b9793cf165aff1bdef101b943db31d4ad6413141178112f14c2
GET /upload/vod/2022/10-06/11/2ifuca2cifv11482ifuca2cifv555061.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:59 GMT
content-type: image/jpeg
content-length: 9904
last-modified: Thu, 06 Oct 2022 03:48:56 GMT
etag: "633e5028-26b0"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa0536f7fb527-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-17/11/gyujeeekqsi1128gyujeeekqsi383261.jpg
104.22.13.214 200 OK 8.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-17/11/gyujeeekqsi1128gyujeeekqsi383261.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 8x13, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 5babf21ee9caaf3011c8dbfe16cb8322
8aad5b62e3ec3a45fa30164ac88566c2ad83704e
c78c97fdbfdfc1b2cbfda79a882a103ec3e0e6f06eb0b2eaf2b1ce0c63be6917
GET /upload/vod/2022/10-17/11/gyujeeekqsi1128gyujeeekqsi383261.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:59 GMT
content-type: image/jpeg
content-length: 8120
last-modified: Mon, 17 Oct 2022 03:28:38 GMT
etag: "634ccbe6-1fb8"
cache-control: max-age=31536000
cf-cache-status: EXPIRED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa0536f80b527-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-25/18/stds5dgun1e1802stds5dgun1e2214957.jpg
104.22.13.214 200 OK 9.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-25/18/stds5dgun1e1802stds5dgun1e2214957.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c1d32da810ee1a7ca44e08a28bc5e94d
963f85a6515ceb232dba82afe214e935d0e29119
d885b1e61ce2d32e182be5ed185b28cd8eab6916ed7873028c8513f46f4b6e8d
GET /upload/vod/2020/04-25/18/stds5dgun1e1802stds5dgun1e2214957.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:59 GMT
content-type: image/jpeg
content-length: 9814
last-modified: Sat, 25 Apr 2020 10:02:22 GMT
etag: "5ea40aae-2656"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa053afa4b527-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-06/11/00o132v41lk114800o132v41lk545057.jpg
104.22.13.214 200 OK 9.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-06/11/00o132v41lk114800o132v41lk545057.jpg
IP 104.22.13.214:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 41b481766a540b769f7315663aa97b38
f568219dacca45dc8e23fc4dd56a4a4e25bf2b59
b7c6bb271a51a48f7e669b901e2f9e4a7d5bf02eaac5cf03b6100491e74f44a8
GET /upload/vod/2022/10-06/11/00o132v41lk114800o132v41lk545057.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:59 GMT
content-type: image/jpeg
content-length: 9594
last-modified: Thu, 06 Oct 2022 03:48:54 GMT
etag: "633e5026-257a"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa0536f7cb527-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-17/11/3yau13tbu1c11283yau13tbu1c403265.jpg
104.22.13.214 200 OK 5.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-17/11/3yau13tbu1c11283yau13tbu1c403265.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 8x13, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 2bbc578cdce4e88f524b8e5475d07ff8
0d92574d075ea0144f020413acdf76298870632e
37d9d9614317d29eae9ef08bc1e6c860b9d0dc08bca6fdbdcd2102b025f8a021
GET /upload/vod/2022/10-17/11/3yau13tbu1c11283yau13tbu1c403265.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:59 GMT
content-type: image/jpeg
content-length: 5872
last-modified: Mon, 17 Oct 2022 03:28:40 GMT
etag: "634ccbe8-16f0"
cache-control: max-age=31536000
cf-cache-status: EXPIRED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa0536f82b527-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-25/18/3bnq0zonn0f18023bnq0zonn0f0614719.jpg
104.22.13.214 200 OK 7.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-25/18/3bnq0zonn0f18023bnq0zonn0f0614719.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash a98783ad0b105c538e8ba5d93dde0ea4
989f7cfcf64df37a7b59c8cad422c11ae8f8b32a
33c298a4bf57c1f7ef11d55d7c8bd96592b82bfafc0fbf8a54f4b2038615441e
GET /upload/vod/2020/04-25/18/3bnq0zonn0f18023bnq0zonn0f0614719.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:59 GMT
content-type: image/jpeg
content-length: 7607
last-modified: Sat, 25 Apr 2020 10:02:07 GMT
etag: "5ea40a9f-1db7"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa0537f90b527-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-17/11/ptpcrueo1pi1128ptpcrueo1pi423269.jpg
104.22.13.214 200 OK 5.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-17/11/ptpcrueo1pi1128ptpcrueo1pi423269.jpg
IP 104.22.13.214:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 6b97a013c9369c4acb965555516d69e8
66be45a5591ff2c8c55794d777dfde03974d9a95
03b6decff9e47500fe6464ec1f0223ed924a2e18d5707a13a5fe28cac6698462
GET /upload/vod/2022/10-17/11/ptpcrueo1pi1128ptpcrueo1pi423269.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:59 GMT
content-type: image/jpeg
content-length: 5703
last-modified: Mon, 17 Oct 2022 03:28:42 GMT
etag: "634ccbea-1647"
cache-control: max-age=31536000
cf-cache-status: EXPIRED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa0536f83b527-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-17/11/1px0ualc32011281px0ualc320293253.jpg
104.22.13.214 200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-17/11/1px0ualc32011281px0ualc320293253.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash d847cae892dba46fae104c07381c780c
58bfb176f8e97ac82ec32c4a01d68b234fa58bf1
5c7cbae39bb117f3c9b69c32ac12d22919e49d1373e7c556701369a33d279bea
GET /upload/vod/2022/10-17/11/1px0ualc32011281px0ualc320293253.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:59 GMT
content-type: image/jpeg
content-length: 10717
last-modified: Mon, 17 Oct 2022 03:28:29 GMT
etag: "634ccbdd-29dd"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa0536f75b527-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-17/11/tmucndjvwac1128tmucndjvwac303255.jpg
104.22.13.214 200 OK 17 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-17/11/tmucndjvwac1128tmucndjvwac303255.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash faa71e162975585bdacc5569d1151ad2
3ab8c988ffaaa238079a503a265ac9b69f3424ad
7c968d098916af87aca1ed54660ca96551c74f7be70853e4fe80c7f333bc696d
GET /upload/vod/2022/10-17/11/tmucndjvwac1128tmucndjvwac303255.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:59 GMT
content-type: image/jpeg
content-length: 16803
last-modified: Mon, 17 Oct 2022 03:28:30 GMT
etag: "634ccbde-41a3"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa0536f77b527-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-25/18/gxpqndjc44t1802gxpqndjc44t3115087.jpg
104.22.13.214 200 OK 13 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-25/18/gxpqndjc44t1802gxpqndjc44t3115087.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 7bfdc954efd944a4242a9d48569425a5
84b7e2e701c844bd17917b0e56a3d8c9d29c33cd
aecacbc83307f70001e2fb0cc5b0b4b15a0be5e235e4861804db58b698e3cb4e
GET /upload/vod/2020/04-25/18/gxpqndjc44t1802gxpqndjc44t3115087.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:59 GMT
content-type: image/jpeg
content-length: 12561
last-modified: Sat, 25 Apr 2020 10:02:31 GMT
etag: "5ea40ab7-3111"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa0536f73b527-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-06/11/foc4nzefonz1148foc4nzefonz535055.jpg
104.22.13.214 200 OK 8.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-06/11/foc4nzefonz1148foc4nzefonz535055.jpg
IP 104.22.13.214:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 6515b428812ee0938a3bd77f6f2a17f2
f9babb54d289c90562d6541315d39da09cf76919
086a58422c77df96f57f2ca4c0773c63ab07f8ac492ef7f63aeb8b8641774247
GET /upload/vod/2022/10-06/11/foc4nzefonz1148foc4nzefonz535055.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:59 GMT
content-type: image/jpeg
content-length: 8644
last-modified: Thu, 06 Oct 2022 03:48:53 GMT
etag: "633e5025-21c4"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa0536f7bb527-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-25/18/jaev2citeni1802jaev2citeni0714731.jpg
104.22.13.214 200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-25/18/jaev2citeni1802jaev2citeni0714731.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 9ab77fe899e69348a6a317bcfc30d20b
440388693857760ddf2a6b5c613b00432b3acc7b
76481236715296a79cb1398405b8b10c654b269c8fc8c95aad9c6b9796932d30
GET /upload/vod/2020/04-25/18/jaev2citeni1802jaev2citeni0714731.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:59 GMT
content-type: image/jpeg
content-length: 11530
last-modified: Sat, 25 Apr 2020 10:02:07 GMT
etag: "5ea40a9f-2d0a"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa0538f97b527-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-25/18/vs12qzf0j411802vs12qzf0j412114945.jpg
104.22.13.214 200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-25/18/vs12qzf0j411802vs12qzf0j412114945.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f8f81629cca804c6b862876c4097b653
e37f2a7467fa8f6b5bec5f6103844d898a4b0376
ca9fbff4f7f82cd3323252e7c7fab88c3636151f5360dd61fc24b5e31cdee043
GET /upload/vod/2020/04-25/18/vs12qzf0j411802vs12qzf0j412114945.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:59 GMT
content-type: image/jpeg
content-length: 12239
last-modified: Sat, 25 Apr 2020 10:02:21 GMT
etag: "5ea40aad-2fcf"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa0538f98b527-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-17/11/jixxhlftket1128jixxhlftket433271.jpg
104.22.13.214 200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-17/11/jixxhlftket1128jixxhlftket433271.jpg
IP 104.22.13.214:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash dae46bfa4c7151f867d218d3f800c330
6506b45d7b23c39cefdace6406a7686fc26e9db0
74628c2a715a0a5345df53c5cfef729d8349b147788907cc9eb9e774ee19aad8
GET /upload/vod/2022/10-17/11/jixxhlftket1128jixxhlftket433271.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:59 GMT
content-type: image/jpeg
content-length: 10012
last-modified: Mon, 17 Oct 2022 03:28:43 GMT
etag: "634ccbeb-271c"
cache-control: max-age=31536000
cf-cache-status: EXPIRED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75dfa0536f85b527-OSL
X-Firefox-Spdy: h2
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image
182.118.39.169 200 OK 678 kB URL HTTP/2 p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image
IP 182.118.39.169:0
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 270 x 160\012- data
Size 678 kB (677521 bytes)
Hash 94051cb1d1b77200b4462281a864b96e
e5b468a1b2f4bbdda1b6a3a0df2dcce6b3de7e06
d44d0d2dd188024b60ec38cb3f3ea10c080690175e923f90c9c2a2e862670c84
GET /img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image HTTP/1.1
Host: p26.toutiaoimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:58 GMT
content-type: image/gif
content-length: 677521
server: openresty
age: 7335064
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 30 Dec 2021 00:07:35 GMT
nw-session-id: 2021123008073501015013614530ADE9B0dprsv01tt
nw-session-trace: 2021-12-30T08:07:35.194015393+08:00 68
x-bdcdn-cache-status: TCP_HIT
x-ccdn-cachettl: 31536000
x-length: 677521
x-powered-by: ImageX
x-response-date: Thu, 30 Dec 2021 08:07:35 GMT
x-response-lb: image
x-tt-logid: 2021123008073501015013614530ADE9B0
nginx-hit: 1
server-timing: cdn-cache;desc=HIT, edge;dur=3
via: CHN-HAzhengzhou-AREACUCC1-CACHE60[3],CHN-HAzhengzhou-AREACUCC1-CACHE35[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE117[7],CHN-TJ-GLOBAL1-CACHE35[0,TCP_HIT,6]
x-hcs-proxy-type: 1
x-tt-trace-host: 016a2077e03b2041825c42669e9a23cec5ee04519515486308eb42b81315658df6aa5ed29ad219c7d25626d5b022cced5274c18183adcd43889f65e87a17fde2315b0226a7e5f07d4c19094125051b3e74699be800dd629619bc2141d5fb81fc89ccc76230d7d3e4f731a9d881f3cb16c4
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
accept-ranges: bytes
access-control-allow-origin: *
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
X-Firefox-Spdy: h2
hxsface.top/8499/960X120.gif
154.39.67.229 200 OK 246 kB URL HTTP/2 hxsface.top/8499/960X120.gif
IP 154.39.67.229:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 246 kB (245730 bytes)
Hash e7c9418cc4b1db452845d03cb45877a6
d0706feced92a11abc2cb112d7f031238fd614e9
6af890baf114ab8d8a4ca09f64befaa8dc664256395a2cff5882cb1da434c47b
GET /8499/960X120.gif HTTP/1.1
Host: hxsface.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tba5.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 04:52:58 GMT
content-type: image/gif
content-length: 245730
last-modified: Wed, 19 Oct 2022 13:33:52 GMT
etag: "634ffcc0-3bfe2"
expires: Sun, 20 Nov 2022 13:33:57 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
server: cdn-ddos-cc
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/07-12/12/ybq4czuwtvk1231ybq4czuwtvk424033.jpg
172.247.77.90 200 OK 11 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-12/12/ybq4czuwtvk1231ybq4czuwtvk424033.jpg
IP 172.247.77.90:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 4cf35256b1bb19ad6b32772823eef204
e5043548d999cbea05e41b31bf828f98883cc02c
752d5e17420adf0a3ccd25d5d31b198de9347b9c1df3fe25afd4f9cec301083b
GET /upload/vod/2022/07-12/12/ybq4czuwtvk1231ybq4czuwtvk424033.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 22 Oct 2022 04:52:49 GMT
Content-Type: image/jpeg
Content-Length: 10563
Connection: keep-alive
Last-Modified: Tue, 12 Jul 2022 04:31:42 GMT
ETag: "62ccf92e-2943"
Accept-Ranges: bytes
tba5.top/template/m1938pc/css/favicon.ico
23.225.140.18 404 Not Found 2.0 kB URL HTTP/1.1 tba5.top/template/m1938pc/css/favicon.ico
IP 23.225.140.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 21794f49e3942b1aaa16ae84c14dc36d
5e8a82f143522e358389499b3deb0d8f9116d823
7b012128712be61d237597e2d233da7aa89404cf5ab966b58e86041859f610d0
GET /template/m1938pc/css/favicon.ico HTTP/1.1
Host: tba5.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tba5.top/?kwtwhy=i8d7n&wapkha=kmalg2
Cookie: Hm_lvt_f9ec34b3904a207ece304ce35c4902cd=1666414391; Hm_lpvt_f9ec34b3904a207ece304ce35c4902cd=1666414391
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 22 Oct 2022 04:53:13 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
tba5.top/?kwtwhy=i8d7n
23.225.140.18 307 Temporary Redirect 0 B IP 23.225.140.18:0
Analyzer Verdict Alert fortinet Malware
GET /?kwtwhy=i8d7n HTTP/1.1
Host: tba5.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tba5.top/
Upgrade-Insecure-Requests: 1
HTTP/1.1 307 Temporary Redirect
Location: /?kwtwhy=i8d7n
Connection: Close
img.x969.xyz/images/6329839e0fb135029ece9d06.gif
23.225.228.58 302 Found 0 B URL HTTP/2 img.x969.xyz/images/6329839e0fb135029ece9d06.gif
IP 23.225.228.58:0
GET /images/6329839e0fb135029ece9d06.gif HTTP/1.1
Host: img.x969.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://tx2.a.yximgs.com/udata/music/music_b95c74d4b20b48a2870918b84c0bb5150.jpg
cache-control: max-age=3600
X-Firefox-Spdy: h2
img.x932.xyz/images/631b6662b62b4063cbda496e.gif
23.225.222.2 302 Found 0 B URL HTTP/2 img.x932.xyz/images/631b6662b62b4063cbda496e.gif
IP 23.225.222.2:0
GET /images/631b6662b62b4063cbda496e.gif HTTP/1.1
Host: img.x932.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://tx2.a.yximgs.com/udata/music/music_81bdbf0e25cf4d8bac783716e8d79a9e0.jpg
cache-control: max-age=3600
X-Firefox-Spdy: h2
img.x973.xyz/images/6319d443178bb5a0f9388067.gif
23.225.222.18 302 Found 0 B URL HTTP/2 img.x973.xyz/images/6319d443178bb5a0f9388067.gif
IP 23.225.222.18:0
GET /images/6319d443178bb5a0f9388067.gif HTTP/1.1
Host: img.x973.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tba5.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://tx2.a.yximgs.com/udata/music/music_2b865f0d14554a1a908621876f67fa440.jpg
cache-control: max-age=3600
X-Firefox-Spdy: h2