r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4925
Expires: Fri, 25 Nov 2022 01:33:58 GMT
Date: Fri, 25 Nov 2022 00:11:53 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6529
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 00:11:53 GMT
Last-Modified: Thu, 24 Nov 2022 22:23:04 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 23:19:00 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3173
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10060
Expires: Fri, 25 Nov 2022 02:59:33 GMT
Date: Fri, 25 Nov 2022 00:11:53 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LcCta9SosoYDqe2V81kxfHJV3ePPS5NtOyaEyLJXBTa+kLiLGBlo8G45ZXMUfHZrcgyS2IHSdg1BbTl2UvJ3nA==
x-amz-request-id: HZE282PFBZSJ325G
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 23:40:35 GMT
age: 1878
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:11:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
eu-capitals.com/
157.52.206.216 301 Moved Permanently 0 B IP 157.52.206.216:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: eu-capitals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 24 Nov 2022 09:16:25 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.eu-capitals.com/index.php
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 00:08:53 GMT
cache-control: public,max-age=3600
age: 180
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6482
Cache-Control: max-age=124978
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 00:11:53 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:54:51 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
www.eu-capitals.com/index.php
157.52.206.216 200 OK 534 B URL HTTP/1.1 www.eu-capitals.com/index.php
IP 157.52.206.216:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (743), with CRLF line terminators
Hash 5d9a85558da1672982f0f6b899794979
81d94251182eb8906bb334cb87869717b3d82933
1d67578c92a87518c9addae02ec95cc2415f219fb9e1ba29eeb364f4813eaa0e
GET /index.php HTTP/1.1
Host: www.eu-capitals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:16:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
35.166.172.24 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.166.172.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Cyukhxit4JUQE7Gkcx76lw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qJiOtaMYIWMHqI5ennq7fXPm65c=
www.eu-capitals.com/common.js
157.52.206.216 200 OK 675 B URL HTTP/1.1 www.eu-capitals.com/common.js
IP 157.52.206.216:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1293), with no line terminators
Hash 98c141fc9152c8525df1e19988943455
8105521e1fb9415b311d52086e6ae885c7af4949
f85a68fc297400c2d7ee071302b0930d4334f994f181ced0bc02d3c5b35b673d
GET /common.js HTTP/1.1
Host: www.eu-capitals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eu-capitals.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:16:26 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.eu-capitals.com/tj.js
157.52.206.216 200 OK 258 B URL HTTP/1.1 www.eu-capitals.com/tj.js
IP 157.52.206.216:0
File type ASCII text, with CRLF line terminators
Hash 9115622d188448f273a957e15957fec7
862285fc6067cfedb413a52a698e078725b0a752
c619919672d1f6f9bd3bc9d9105eb456e82be1e6f49fc1f7f700dddff587ce6c
GET /tj.js HTTP/1.1
Host: www.eu-capitals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eu-capitals.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:16:26 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
www.eu-capitals.com/favicon.ico
157.52.206.216 200 OK 1.2 kB URL HTTP/1.1 www.eu-capitals.com/favicon.ico
IP 157.52.206.216:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.eu-capitals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eu-capitals.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:16:26 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Tue, 29 Nov 2022 09:16:26 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 424c324c05d934d8344af4047b580e94
f5d32055ade66f3825a7c3f683efafe92df3766e
1af4ad7570eca29d9d640b257835d6e40725f8bb9c720c7dac6408621e4b76d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1AF4AD7570ECA29D9D640B257835D6E40725F8BB9C720C7DAC6408621E4B76D2"
Last-Modified: Thu, 24 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 25 Nov 2022 06:11:54 GMT
Date: Fri, 25 Nov 2022 00:11:54 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 5baef7f0c6edaaac0f6e6f046ead004f
0c97c19ae670fd03752676b91b0672791718065d
d79128db0ba189bf21b63dae3a72c6625db60018663a9dc8d7b42d7a4aed9bfa
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 00:11:55 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 28 Nov 2022 20:28:22 GMT
ETag: "0c97c19ae670fd03752676b91b0672791718065d"
Last-Modified: Thu, 24 Nov 2022 20:28:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3135
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f62b756d98b505-OSL
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14059
Expires: Fri, 25 Nov 2022 04:06:14 GMT
Date: Fri, 25 Nov 2022 00:11:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14059
Expires: Fri, 25 Nov 2022 04:06:14 GMT
Date: Fri, 25 Nov 2022 00:11:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f6292a2988fb4505d0098553b8e99ddc
9b8aafcda0e22edcc16d3048f4b88659d3b42419
16b7b473229c5e519ab81b385c50277424f3f3b2a5d7647035e84ba58e44f3be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6385
x-amzn-requestid: 1946379e-4e55-4f88-af6f-1b97b23ed91d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b_c6lHpkIAMFUkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c7510-6b1a2a885ccfed6a79ecfc6a;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 07:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dqSKXJ-wDRV1EvLG8O8iL1658j4HdMmxR3nD-UkRKhW-N9UWjeQ3rA==
via: 1.1 feda34dcbf6a00e232656b7983c2c7f0.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:22:46 GMT
age: 60549
etag: "9b8aafcda0e22edcc16d3048f4b88659d3b42419"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4abf25d4a15ce58edadd54994b3434a2
18800e21d05596f7b64213072dee7dda5c1faf61
633138e70f43e2be9cc447967044c4070bfc4d9285e5228361bebe255dc286e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10950
x-amzn-requestid: 9bb73841-83d9-48b2-8c79-f00a57612b4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFNstFeZoAMFopQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec31d-4e6aafd367c7740c77df133b;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:04:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Flw9EdzENUCOukD9HilOxntWCGlJbRReExn8Wb6p7bIUx8iSeIg1xg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:43:51 GMT
age: 59284
etag: "18800e21d05596f7b64213072dee7dda5c1faf61"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 61068
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd87485db-f230-4024-987f-6b9ea6098576.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd87485db-f230-4024-987f-6b9ea6098576.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05a92b9f554600c920e8b772eb16ee75
7f29e0e2de89f7a88ff0bf2a720365032ef11cc1
4b51a70a0ee6fe0d723880ea70fee25c15bff671d8a484bbb2a3c9962303c735
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd87485db-f230-4024-987f-6b9ea6098576.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10356
x-amzn-requestid: 8450975f-bcb2-4b59-b0ef-42e43d1bb16a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM-cGKIIAMFo7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8ec2-7f95154e3177c6e30a925244;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _dHgUlzLnOsFrI73NzPGn0VJ2NvJqRew6bHzlD6_n2zwHPfQ-8kIvA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 03:18:19 GMT
age: 75216
etag: "7f29e0e2de89f7a88ff0bf2a720365032ef11cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b4f6042-6f6f-4572-b535-71b1a4b587e8.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b4f6042-6f6f-4572-b535-71b1a4b587e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 73f65dfa986cf95e8fb459778b945c59
29edd439b6e7894bc4771fc655a50d926f349a08
c6182797d5fce1a086580a338929e851a73ccb75e6432b12969aae6f0952fa27
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b4f6042-6f6f-4572-b535-71b1a4b587e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6049
x-amzn-requestid: 02dc5c46-069f-4ee3-aa45-16b1bce00785
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b7NIBG02oAMFu-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ac233-4e8f84ed5695d26359c12846;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 00:11:31 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: ZZe5ifdG_5LZ1E5rc4gHFEbc7IFI04waHgJRIWx0Hh-s6Uw66Qu42g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5292c0d5844327feadb38f1efe42ebc6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 02:54:44 GMT
age: 76631
etag: "29edd439b6e7894bc4771fc655a50d926f349a08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
34.120.237.76 200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 03:27:30 GMT
age: 74665
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/app1.js
192.151.196.21 200 OK 918 B URL HTTP/2 4f.jxry1.com/template/web/app1.js
IP 192.151.196.21:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 889ed42749f22e764518d3cabda24237
ed6adb9aecf1ca9a97848870e1e6009f6086ee34
b7159c046817dc52b2fc249472c97ee0c00dc9f334566e267493ca7680675348
GET /template/web/app1.js HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:29 GMT
content-type: application/javascript
content-length: 918
last-modified: Tue, 22 Nov 2022 16:00:04 GMT
etag: "637cf204-396"
expires: Fri, 25 Nov 2022 12:12:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 976a3f7d544c604f76227837cd11490f
4c7f8143b6c37810232af858b6a1a70a655548e3
3a80fbad0fa3cdd518041480d781fdd9a8d13bc0c4d00ec42ebfd011f4d82334
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A80FBAD0FA3CDD518041480D781FDD9A8D13BC0C4D00EC42EBFD011F4D82334"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14984
Expires: Fri, 25 Nov 2022 04:21:39 GMT
Date: Fri, 25 Nov 2022 00:11:55 GMT
Connection: keep-alive
4f.jxry1.com/template/web/app2.js
192.151.196.21 200 OK 956 B URL HTTP/2 4f.jxry1.com/template/web/app2.js
IP 192.151.196.21:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 3cccc5f30b4ae143ee678b09d41f5f44
9212b82fdc87998620ee81cd241e5ee7b7f2386e
0e32842ca47873ab38d99f4cf0271ed2291e55ac78ece687acdd1314a44327ab
GET /template/web/app2.js HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:29 GMT
content-type: application/javascript
content-length: 956
last-modified: Wed, 23 Nov 2022 10:47:53 GMT
etag: "637dfa59-3bc"
expires: Fri, 25 Nov 2022 12:12:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/app3.js
192.151.196.21 200 OK 918 B URL HTTP/2 4f.jxry1.com/template/web/app3.js
IP 192.151.196.21:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 1ca2d7e9e29846b22886ec6b700065d1
ce26314de9d796a8f9d8f52e70e493cf5b6b7946
16e9db12b9a6c5d4871492cbb4b2fd679cb483b737a342456941da7f6cdec721
GET /template/web/app3.js HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: application/javascript
content-length: 918
last-modified: Thu, 24 Nov 2022 11:19:54 GMT
etag: "637f535a-396"
expires: Fri, 25 Nov 2022 12:12:30 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 976a3f7d544c604f76227837cd11490f
4c7f8143b6c37810232af858b6a1a70a655548e3
3a80fbad0fa3cdd518041480d781fdd9a8d13bc0c4d00ec42ebfd011f4d82334
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A80FBAD0FA3CDD518041480D781FDD9A8D13BC0C4D00EC42EBFD011F4D82334"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14984
Expires: Fri, 25 Nov 2022 04:21:39 GMT
Date: Fri, 25 Nov 2022 00:11:55 GMT
Connection: keep-alive
4f.jxry1.com/template/web/app.js
192.151.196.21 200 OK 2.2 kB URL HTTP/2 4f.jxry1.com/template/web/app.js
IP 192.151.196.21:0
Hash 4fef1d6513bd3bec3bd6ac7979494693
f61ddafbed65dd93370cd600a4e6590a8a0560ef
e2d6b818abe944005d1a7fe0953a83c8acff7733294d4a4402a90492c08eed41
GET /template/web/app.js HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:29 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 11:15:16 GMT
vary: Accept-Encoding
etag: W/"637f5244-3318"
expires: Fri, 25 Nov 2022 12:12:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 976a3f7d544c604f76227837cd11490f
4c7f8143b6c37810232af858b6a1a70a655548e3
3a80fbad0fa3cdd518041480d781fdd9a8d13bc0c4d00ec42ebfd011f4d82334
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A80FBAD0FA3CDD518041480D781FDD9A8D13BC0C4D00EC42EBFD011F4D82334"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14984
Expires: Fri, 25 Nov 2022 04:21:39 GMT
Date: Fri, 25 Nov 2022 00:11:55 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash e8d30d3ec1b0828e2cdb251db0c348c9
8becf2f79a6f204d0426a2a2e5e7ec37e6472f10
27b9cc025a28e8634794cf735496c109f955229fea5ad78df91c917caae46048
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3652
Cache-Control: max-age=112042
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 00:11:56 GMT
Etag: "637f0cb2-117"
Expires: Sat, 26 Nov 2022 07:19:18 GMT
Last-Modified: Thu, 24 Nov 2022 06:18:26 GMT
Server: ECS (amb/6B94)
X-Cache: HIT
Content-Length: 279
hm.baidu.com/hm.js?f0f51137bff8a5fe8d52c181e6ede574
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?f0f51137bff8a5fe8d52c181e6ede574
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (624)
Hash 4cf57fb9017fbccc4f9a3c21e8ae5e11
8f0f6524f42879c60c0cd4b81fea405c5096069e
de006d1ea5807898040450e0ad08a66454470e53039c83a8d46110adf481c92c
GET /hm.js?f0f51137bff8a5fe8d52c181e6ede574 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.eu-capitals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11262
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 00:11:55 GMT
Etag: 1734b28aea3d4eb7697941cec37b1ae5
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=ACBC692BB6525D34; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 976a3f7d544c604f76227837cd11490f
4c7f8143b6c37810232af858b6a1a70a655548e3
3a80fbad0fa3cdd518041480d781fdd9a8d13bc0c4d00ec42ebfd011f4d82334
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A80FBAD0FA3CDD518041480D781FDD9A8D13BC0C4D00EC42EBFD011F4D82334"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14983
Expires: Fri, 25 Nov 2022 04:21:39 GMT
Date: Fri, 25 Nov 2022 00:11:56 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash e67be8a13071bb0d96854d538f3f130c
8871baf3b3080a07776a34476e8270ad2d7618f3
6eb50373f65a1769cbd600aa466b8051c8d26060e2f5b969bfa35bea5bb16213
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 187
Cache-Control: max-age=96370
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 00:11:56 GMT
Etag: "637edd03-118"
Expires: Sat, 26 Nov 2022 02:58:06 GMT
Last-Modified: Thu, 24 Nov 2022 02:54:59 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash e8d30d3ec1b0828e2cdb251db0c348c9
8becf2f79a6f204d0426a2a2e5e7ec37e6472f10
27b9cc025a28e8634794cf735496c109f955229fea5ad78df91c917caae46048
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3653
Cache-Control: max-age=112042
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 00:11:56 GMT
Etag: "637f0cb2-117"
Expires: Sat, 26 Nov 2022 07:19:18 GMT
Last-Modified: Thu, 24 Nov 2022 06:18:26 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 33f08581fca24003e96394aa46e1f83c
5d67c2e7395c27bf8c69d6ca203f716ed28ff87e
b3f2c44745cc6da0ecac693cf63d0a830cabb7c0fb0b146b869ec10dc16d91e2
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 00:11:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 28 Nov 2022 23:13:04 GMT
ETag: "5d67c2e7395c27bf8c69d6ca203f716ed28ff87e"
Last-Modified: Thu, 24 Nov 2022 23:13:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2266
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f62b7c3ab9b505-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash e67be8a13071bb0d96854d538f3f130c
8871baf3b3080a07776a34476e8270ad2d7618f3
6eb50373f65a1769cbd600aa466b8051c8d26060e2f5b969bfa35bea5bb16213
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 187
Cache-Control: max-age=96370
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 00:11:56 GMT
Etag: "637edd03-118"
Expires: Sat, 26 Nov 2022 02:58:06 GMT
Last-Modified: Thu, 24 Nov 2022 02:54:59 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
z4a.net/images/2022/11/01/960x60.gif
104.21.234.234 200 OK 578 kB URL HTTP/2 z4a.net/images/2022/11/01/960x60.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 578 kB (577945 bytes)
Hash 6ae710163cd11c12a73a693024c46410
43041b87b2040371a052bf1f83d401c263a32178
42da405262416c9fbaa04b2718406d4ea93501bfb99774fae4956b6eab7c1831
GET /images/2022/11/01/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 00:11:56 GMT
content-type: image/gif
content-length: 577945
expires: Thu, 16 Nov 2023 08:14:29 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 748647
last-modified: Wed, 16 Nov 2022 08:14:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7JQtf2GTjYMkkAu1skzpBN1U2VnJTGKD2wwUMHiV6A9%2BEgiCsEsBsQsE%2FJ8bemSZRfkBaXKkllSzwquYrfftoaHmDkBYs2%2FyIsQxeXn3EbH2afGhV0Q4lr5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76f62b7c4fcf773d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4f.jxry1.com/template/xinheise/css/zui.css
192.151.196.21 200 OK 20 kB URL HTTP/2 4f.jxry1.com/template/xinheise/css/zui.css
IP 192.151.196.21:0
File type assembler source, Unicode text, UTF-8 text, with CRLF line terminators
Hash 52e3720a717d01e656c0282688f5ab95
e6b274d3f69efc8c412ab24ab89b634b0cf23bd7
5fbdda29417a76991d9132f6a086393a88e1b0dd93937a2837aac0a7e22fdf0b
GET /template/xinheise/css/zui.css HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:29 GMT
content-type: text/css
last-modified: Sat, 10 Sep 2022 05:23:35 GMT
vary: Accept-Encoding
etag: W/"631c1f57-16c4e"
expires: Fri, 25 Nov 2022 12:12:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4e0bf2eba20ecd37a22c849e08a8d2c6
87279bcf79e894aa1f5d3167f896958308a290d1
2f0c6e68762615c3d208453349458006655a7f2bc7983c2f776e6119db6f812d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F0C6E68762615C3D208453349458006655A7F2BC7983C2F776E6119DB6F812D"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14307
Expires: Fri, 25 Nov 2022 04:10:23 GMT
Date: Fri, 25 Nov 2022 00:11:56 GMT
Connection: keep-alive
ttzytp1.com/upload/vod/20221122-1/94c78a3bc1e1bd900d937f9ddac2d0d8.jpg
23.224.136.188 200 OK 44 kB URL HTTP/1.1 ttzytp1.com/upload/vod/20221122-1/94c78a3bc1e1bd900d937f9ddac2d0d8.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 400x269, components 3\012- data
Hash fc9c1ebc070b53e11c6c19131a06e15f
4e1d99ebf13dcb8c2e5604386a5f3e7da721036e
245a7ea45f170ec0ca5315cf891c9851e0b085a94d313ed5543480334e0eeeb9
GET /upload/vod/20221122-1/94c78a3bc1e1bd900d937f9ddac2d0d8.jpg HTTP/1.1
Host: ttzytp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 00:11:55 GMT
Content-Type: image/jpeg
Content-Length: 43711
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 12:07:05 GMT
ETag: "637cbb69-aabf"
Accept-Ranges: bytes
4f.jxry1.com/template/web/GG/227.gif
192.151.196.21 200 OK 477 kB URL HTTP/2 4f.jxry1.com/template/web/GG/227.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 477 kB (477289 bytes)
Hash 760cc21f91ee02e848650627ffa47ae2
22df8e62d12977ffd032aba17e5fd7632032633f
2b36a60cb734e5ebcaa9ad4d93f914157e563da89c4e08231bd02b72678875bd
GET /template/web/GG/227.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 477289
last-modified: Fri, 14 Oct 2022 15:40:58 GMT
etag: "6349830a-74869"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ttzytp1.com/upload/vod/20221122-1/362f7fd44489e016e64b6d2cdb84f644.jpg
23.224.136.188 200 OK 48 kB URL HTTP/1.1 ttzytp1.com/upload/vod/20221122-1/362f7fd44489e016e64b6d2cdb84f644.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 400x268, components 3\012- data
Hash b9fca509ea8c48214090be34dd5db724
2ca57d904370d5ce06e7c5473ba85a6006dce4a9
34ea5688c7dce21e9a5efdb8c9e4f4f26391339b670b307176ca238c55425d2f
GET /upload/vod/20221122-1/362f7fd44489e016e64b6d2cdb84f644.jpg HTTP/1.1
Host: ttzytp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 00:11:56 GMT
Content-Type: image/jpeg
Content-Length: 47903
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 12:07:05 GMT
ETag: "637cbb69-bb1f"
Accept-Ranges: bytes
4f.jxry1.com/template/web/xx3.js
192.151.196.21 200 OK 55 kB URL HTTP/2 4f.jxry1.com/template/web/xx3.js
IP 192.151.196.21:0
Hash 87c26dcc50e79eb41572078cb01246aa
c2cb7639f00d432b3291d61045908f2a914cac0e
fa3a3123a59de470d68d32858352efd3cdd9f2f575713220a86a7e946c23862b
GET /template/web/xx3.js HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 07:51:04 GMT
vary: Accept-Encoding
etag: W/"637f2268-19b6"
expires: Fri, 25 Nov 2022 12:12:30 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
4f.jxry1.com/
192.151.196.21 200 OK 60 kB IP 192.151.196.21:0
Hash 77d5d918382d802a25eb3864711df983
24f3742a62c95cfd7ec9b7c34a3e1c4795326d82
f6adbd2394e954e74084cabd43677c71728b2bf7dd29446daeccf240eac2bbd5
GET / HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.eu-capitals.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:29 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 4843fada1c0617d36927afca3400e17e
49ba6d2eb8d9050c4ef1c54fc62980ee6cdf46a0
a7467348802a0796518d6f90895f44cf80ee8520290567f3c3ec26c4497505ab
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 00:11:56 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 23:09:43 GMT
Expires: Mon, 28 Nov 2022 23:09:42 GMT
Etag: "49ba6d2eb8d9050c4ef1c54fc62980ee6cdf46a0"
Cache-Control: max-age=341265,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f62b7d8d12b517-OSL
hm.baidu.com/hm.js?63c3c487678e3b7f007b9f6d27b1517e
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?63c3c487678e3b7f007b9f6d27b1517e
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 5874096052cd624797ba0e5a2bced9ed
903b1e98ac8b08dab266527a3c9085d8981dcb7c
97beddfec3e72bd04ef150bddbd1ef96b8cd44ba358202b6d46c78a67f4de327
GET /hm.js?63c3c487678e3b7f007b9f6d27b1517e HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 00:11:56 GMT
Etag: 3fbb7c8b00381fbfd5b855babd62f7f9
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=15B9CA7AB7D3451A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
4f.jxry1.com/template/web/dipiao.js
192.151.196.21 200 OK 109 kB URL HTTP/2 4f.jxry1.com/template/web/dipiao.js
IP 192.151.196.21:0
Size 109 kB (109445 bytes)
Hash a5c849c3323a4fa2a2572e684636359b
6168badeb009694af4bf61190a1e7b6f21a9d25d
0f14fb18a537d9b49ef20096ed77d248f512982fb59d781df9e7ef15969349e8
GET /template/web/dipiao.js HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: application/javascript
last-modified: Sun, 15 May 2022 14:24:56 GMT
vary: Accept-Encoding
etag: W/"62810d38-81a"
expires: Fri, 25 Nov 2022 12:12:30 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ttzytp1.com/upload/vod/20221122-1/e92ac947f2778e5bb2305f1b63321612.jpg
23.224.136.188 200 OK 43 kB URL HTTP/1.1 ttzytp1.com/upload/vod/20221122-1/e92ac947f2778e5bb2305f1b63321612.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 400x267, components 3\012- data
Hash 731e880be0cbe22f891593d3b2a007ad
70191cf8918dc6e0917da8fc4f110fa35eda6832
39e56fb4698c85539d98d40b528238d9e7f6fee45ebdfed1d197c15298869d68
GET /upload/vod/20221122-1/e92ac947f2778e5bb2305f1b63321612.jpg HTTP/1.1
Host: ttzytp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 00:11:56 GMT
Content-Type: image/jpeg
Content-Length: 43205
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 12:07:11 GMT
ETag: "637cbb6f-a8c5"
Accept-Ranges: bytes
ttzytp1.com/upload/vod/20221122-1/9e840ddba9f3e5984a0e050e9b2a6b26.jpg
23.224.136.188 200 OK 48 kB URL HTTP/1.1 ttzytp1.com/upload/vod/20221122-1/9e840ddba9f3e5984a0e050e9b2a6b26.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 400x282, components 3\012- data
Hash ad51d12179bc4f23a8a94f0860a2c2fb
544710a8afce420dcfed3f8d4a778d83c426477a
5c32519d161bf172f850237b6b4f679d7fcf5fdf804bc8bbe75c2ec620133616
GET /upload/vod/20221122-1/9e840ddba9f3e5984a0e050e9b2a6b26.jpg HTTP/1.1
Host: ttzytp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 00:11:56 GMT
Content-Type: image/jpeg
Content-Length: 48303
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 12:07:11 GMT
ETag: "637cbb6f-bcaf"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 16013b296b7037644f3a6d7f902e78e5
43318dd3bd958f9efcb84275dd514665808f6aca
1f98a329638eb9a85e17ad632f9d6f89e87a3d8a52d533de15b7614cf92ef5eb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F98A329638EB9A85E17AD632F9D6F89E87A3D8A52D533DE15B7614CF92EF5EB"
Last-Modified: Thu, 24 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21440
Expires: Fri, 25 Nov 2022 06:09:16 GMT
Date: Fri, 25 Nov 2022 00:11:56 GMT
Connection: keep-alive
4f.jxry1.com/template/xinheise/fonts/iconfont.woff
192.151.196.21 200 OK 525 B URL HTTP/2 4f.jxry1.com/template/xinheise/fonts/iconfont.woff
IP 192.151.196.21:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash f66ed8f90ffb0fc831098b7701d3ba8a
1bc63ccb714f1272c80b224aa8fd9da94914825d
6ccac1f3560824c5e11e27d1798e447cfc5a930e5824009d6b1cf8eb98e248de
GET /template/xinheise/fonts/iconfont.woff HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://4f.jxry1.com/template/xinheise/css/zui.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: font/woff
content-length: 525
last-modified: Tue, 04 Jan 2022 15:13:46 GMT
etag: "61d4642a-20d"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
4f.jxry1.com/template/xinheise/images/video-play.png
192.151.196.21 200 OK 1.6 kB URL HTTP/2 4f.jxry1.com/template/xinheise/images/video-play.png
IP 192.151.196.21:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/xinheise/images/video-play.png HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/template/xinheise/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/png
content-length: 1567
last-modified: Tue, 04 Jan 2022 15:14:22 GMT
etag: "61d4644e-61f"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
4f.jxry1.com/template/xinheise/images/video-mask.png
192.151.196.21 200 OK 107 B URL HTTP/2 4f.jxry1.com/template/xinheise/images/video-mask.png
IP 192.151.196.21:0
File type PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Hash 6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
GET /template/xinheise/images/video-mask.png HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/template/xinheise/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/png
content-length: 107
last-modified: Tue, 04 Jan 2022 15:14:24 GMT
etag: "61d46450-6b"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/GG/k4.gif
192.151.196.21 200 OK 114 kB URL HTTP/2 4f.jxry1.com/template/web/GG/k4.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 114 kB (114030 bytes)
Hash 79cf722c45cb4e5b3e7da0cfff829c98
71558743109d39b3163e3e873111641615c6f80c
37336e1d469f511d19c69cd7e3576ef2665204c7304e0b8dd2ec051dd78309e3
GET /template/web/GG/k4.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 114030
last-modified: Fri, 27 May 2022 05:31:41 GMT
etag: "6290623d-1bd6e"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ee769501b303b83217377ebb1740d26
7c3145c9d39b7b9f9dc00963997122ada50bfa5e
2e61a5046c20844bf9283716fd40664cf880a82af29a7fbd3ac6c575b1e59fe7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2E61A5046C20844BF9283716FD40664CF880A82AF29A7FBD3AC6C575B1E59FE7"
Last-Modified: Thu, 24 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11676
Expires: Fri, 25 Nov 2022 03:26:32 GMT
Date: Fri, 25 Nov 2022 00:11:56 GMT
Connection: keep-alive
kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
104.143.94.110 301 Moved Permanently 162 B URL HTTP/2 kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 00:11:56 GMT
content-type: text/html
content-length: 162
location: https://kvtddd.top/ec9fcd758df74f805f29f72e8545d13b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mjcommon.yybfxo.com/picture/11-12/640-100.gif
47.246.44.220 200 OK 64 kB URL HTTP/1.1 mjcommon.yybfxo.com/picture/11-12/640-100.gif
IP 47.246.44.220:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 640 x 100\012- data
Hash 2bb6cec45e7762d86dfde5ba93a80bf7
63173ded68a4499d47cba1b74566fcac68a96bac
deca498d3d16210b573d7e8e8d26d10b76f6e9125d7c719759cff8462a327358
GET /picture/11-12/640-100.gif HTTP/1.1
Host: mjcommon.yybfxo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/gif
Content-Length: 63901
Connection: keep-alive
Date: Thu, 24 Nov 2022 10:23:48 GMT
x-oss-request-id: 637F4634A7BABC3635769F1F
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "2BB6CEC45E7762D86DFDE5BA93A80BF7"
Last-Modified: Sat, 12 Nov 2022 09:07:50 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12044856617353796004
x-oss-storage-class: Standard
x-oss-meta-atime: 1668244053
x-oss-meta-ctime: 1668244054
x-oss-meta-gid: 1000
x-oss-meta-mode: 33261
x-oss-meta-mtime: 1668244053
x-oss-meta-uid: 1000
Content-MD5: K7bOxF53Ytht/eW6k6gL9w==
x-oss-server-time: 54
Ali-Swift-Global-Savetime: 1669285428
Via: cache15.l2de2[0,0,304-0,H], cache3.l2de2[1,0], cache3.l2de2[2,0], cache5.se1[0,0,200-0,H], cache4.se1[1,0]
Age: 49688
X-Cache: HIT TCP_MEM_HIT dirn:4:397846316
X-Swift-SaveTime: Thu, 24 Nov 2022 10:26:27 GMT
X-Swift-CacheTime: 86241
Timing-Allow-Origin: *
EagleId: 2ff62c9816693351164965026e
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 54022f42b3a22877e60a2b22d4e27a44
3f41ce281d6f4d3a8469db2dc298aac67b5f1ae8
35e79f2595010ddbaf73d5d6e2e95103a9045fba286a98bdd77b11d2adba47be
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "35E79F2595010DDBAF73D5D6E2E95103A9045FBA286A98BDD77B11D2ADBA47BE"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1287
Expires: Fri, 25 Nov 2022 00:33:23 GMT
Date: Fri, 25 Nov 2022 00:11:56 GMT
Connection: keep-alive
tupkku.top/hf/xincha.gif
172.67.178.134 200 OK 287 kB IP 172.67.178.134:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 287 kB (287106 bytes)
Hash bf69a23dccde7e62074b6300ea402b95
dd009214a977991f1ce608f209962267a2db1e2c
6e329ba63b5b8b6493317c2c2f140b49bc76cb72d5eb06793d5f32e87ac308fb
GET /hf/xincha.gif HTTP/1.1
Host: tupkku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 00:11:56 GMT
content-type: image/gif
content-length: 287106
last-modified: Mon, 06 Jun 2022 10:46:28 GMT
etag: "629ddb04-46182"
expires: Sun, 27 Nov 2022 14:30:56 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2327315
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bapxeul1u7UeryGVAeIBX094%2FWhZRO1wmcGPmZ37so4xIXdAY%2FKs6Fl8gbyLSw1fad8md%2FMM5NQMyEK03IoOfmQ1uEBgBIRdAJn19nWZBprHzv45NGG8mfhSMRIl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f62b7e8b77b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=868217636&si=f0f51137bff8a5fe8d52c181e6ede574&v=1.3.0&lv=1&sn=27596&r=0&ww=1280&u=http%3A%2F%2Fwww.eu-capitals.com%2Findex.php&tt=%E8%88%9F%E5%B1%B1%E6%AF%95%E9%85%B1%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=868217636&si=f0f51137bff8a5fe8d52c181e6ede574&v=1.3.0&lv=1&sn=27596&r=0&ww=1280&u=http%3A%2F%2Fwww.eu-capitals.com%2Findex.php&tt=%E8%88%9F%E5%B1%B1%E6%AF%95%E9%85%B1%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=868217636&si=f0f51137bff8a5fe8d52c181e6ede574&v=1.3.0&lv=1&sn=27596&r=0&ww=1280&u=http%3A%2F%2Fwww.eu-capitals.com%2Findex.php&tt=%E8%88%9F%E5%B1%B1%E6%AF%95%E9%85%B1%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.eu-capitals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 25 Nov 2022 00:11:56 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=E789FEAC95C9980E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ttzytp1.com/upload/vod/20221122-1/6c4344ec1682c647cdf80c9325cd4166.jpg
23.224.136.188 200 OK 50 kB URL HTTP/1.1 ttzytp1.com/upload/vod/20221122-1/6c4344ec1682c647cdf80c9325cd4166.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 400x269, components 3\012- data
Hash a0afb6a4710d80ab4ead7daf9f134c1a
4b7b3b3603dbadbd8bcd7b5292a4709a7a9fbf18
b50d54cf9686e823f7aa1319b4824ad1247f16380ae8b168c4a5a9bd18f73921
GET /upload/vod/20221122-1/6c4344ec1682c647cdf80c9325cd4166.jpg HTTP/1.1
Host: ttzytp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 00:11:56 GMT
Content-Type: image/jpeg
Content-Length: 49716
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 12:07:12 GMT
ETag: "637cbb70-c234"
Accept-Ranges: bytes
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 6213488e1f3363f8bac5fdb3931e1ecb
0e0dd089787a3157efa8d5ffbf231555af81dfb5
db938936a48265e6079eedf8e52975577297e92c11a411776a72e9704de31158
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 00:11:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 28 Nov 2022 21:55:05 GMT
ETag: "0e0dd089787a3157efa8d5ffbf231555af81dfb5"
Last-Modified: Thu, 24 Nov 2022 21:55:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2593
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f62b7ebe60b4f4-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash f95c138d2661af3559500ba8c2bccd73
266412c507fc6cb74b507d3c112112061a504168
f22d7f9f4ea12efcceba96095a6677353135b1cdda21c77fa9318f83adbd6726
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 00:11:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 18:26:17 GMT
Expires: Mon, 28 Nov 2022 18:26:16 GMT
Etag: "266412c507fc6cb74b507d3c112112061a504168"
Cache-Control: max-age=324259,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f62b7e8acbb515-OSL
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b1447a8b35d4f0df8742a6eaef1111ae
c0cf3e939ec742ed764b13824539db3e84aba9be
0dfab4caab9fc228cd593e7ed9ed12c4a87642cbb2eb6123622793c009e25c20
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0DFAB4CAAB9FC228CD593E7ED9ED12C4A87642CBB2EB6123622793C009E25C20"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7318
Expires: Fri, 25 Nov 2022 02:13:54 GMT
Date: Fri, 25 Nov 2022 00:11:56 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 54022f42b3a22877e60a2b22d4e27a44
3f41ce281d6f4d3a8469db2dc298aac67b5f1ae8
35e79f2595010ddbaf73d5d6e2e95103a9045fba286a98bdd77b11d2adba47be
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "35E79F2595010DDBAF73D5D6E2E95103A9045FBA286A98BDD77B11D2ADBA47BE"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1287
Expires: Fri, 25 Nov 2022 00:33:23 GMT
Date: Fri, 25 Nov 2022 00:11:56 GMT
Connection: keep-alive
js.users.51.la/21273073.js
103.143.19.103 200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21273073.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash b3b21259882892e3dcfcb1989a153b29
9f81be795abe9b3d5d80bc5ac7e64982e5a2fd3a
20e8a8ba4762196ffb0c346cee8082c8e74b37610a971fb4b24e8308969fac94
GET /21273073.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Fri, 25 Nov 2022 00:11:56 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=f4dac3ac27a714f692d; path=/
HWWAFSESTIME=1669335113652; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ttzytp1.com/upload/vod/20221123-1/372cbc007a617b3b4c25b3c3714f7b5a.jpg
23.224.136.188 200 OK 56 kB URL HTTP/1.1 ttzytp1.com/upload/vod/20221123-1/372cbc007a617b3b4c25b3c3714f7b5a.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 480x360, components 3\012- data
Hash 176e449fe4742ceea4889e3534afcdcf
937e05fde18ed5a92c331c10cbe8b56a8a4782f9
f7e7ef520a26dffa0a9a58dbafef20ab37b00c7864ec5f4decac065927a68c6c
GET /upload/vod/20221123-1/372cbc007a617b3b4c25b3c3714f7b5a.jpg HTTP/1.1
Host: ttzytp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 00:11:56 GMT
Content-Type: image/jpeg
Content-Length: 56549
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 11:16:25 GMT
ETag: "637e0109-dce5"
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash 3c802933cbcc9e541e2f677ea7d32465
189b12dcbf7a957d0808bed1b7738abe5fdcf31a
b48a53359186928285167549c54fbcf2033d0971441aa57de3f59561626dae95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4362
Cache-Control: max-age=168949
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 00:11:56 GMT
Etag: "637fe837-2d7"
Expires: Sat, 26 Nov 2022 23:07:45 GMT
Last-Modified: Thu, 24 Nov 2022 21:55:03 GMT
Server: ECS (amb/6BC0)
X-Cache: HIT
Content-Length: 727
4f.jxry1.com/template/web/GG/k2.gif
192.151.196.21 200 OK 32 kB URL HTTP/2 4f.jxry1.com/template/web/GG/k2.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 80 x 80\012- data
Hash 0dbd3863b60a1e8e0a507a6092e3acbd
81f0cfad3a7369aa95b1b507a5ce46149cd4e4fe
d3829461b69847e6df417e8eb4c4046ae45864fbb7d3646e7b1346a861bd893e
GET /template/web/GG/k2.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 32381
last-modified: Fri, 27 May 2022 05:31:39 GMT
etag: "6290623b-7e7d"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ttzytp1.com/upload/vod/20221123-1/d15a94edf489f9a29686512600fc016d.jpg
23.224.136.188 200 OK 56 kB URL HTTP/1.1 ttzytp1.com/upload/vod/20221123-1/d15a94edf489f9a29686512600fc016d.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 480x360, components 3\012- data
Hash 48cadba2b14798d88036668f0bf00f13
313d06a40c936d5e07cfa86a892c76b3444f22a2
4d31ca4a07fdddfeaf9fc36abe838a19b0cc21b2f585a1f6567164f39ca52c04
GET /upload/vod/20221123-1/d15a94edf489f9a29686512600fc016d.jpg HTTP/1.1
Host: ttzytp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 00:11:56 GMT
Content-Type: image/jpeg
Content-Length: 55659
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 11:16:25 GMT
ETag: "637e0109-d96b"
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash 3c802933cbcc9e541e2f677ea7d32465
189b12dcbf7a957d0808bed1b7738abe5fdcf31a
b48a53359186928285167549c54fbcf2033d0971441aa57de3f59561626dae95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4776
Cache-Control: max-age=169363
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 00:11:56 GMT
Etag: "637fe837-2d7"
Expires: Sat, 26 Nov 2022 23:14:39 GMT
Last-Modified: Thu, 24 Nov 2022 21:55:03 GMT
Server: ECS (amb/6BAE)
X-Cache: HIT
Content-Length: 727
ttzytp1.com/upload/vod/20221123-1/568b17ccc77a4c6a586402602d38365f.jpg
23.224.136.188 200 OK 53 kB URL HTTP/1.1 ttzytp1.com/upload/vod/20221123-1/568b17ccc77a4c6a586402602d38365f.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 480x360, components 3\012- data
Hash 5cf2d0a95cb46d3c15d8cae992368168
dd2d8064e21ad4dddb250bc0c05fc2db27caf2f9
3f940367c51d81d964ab94940dcd1dafce9238025fbb774d40160f4a6e956da2
GET /upload/vod/20221123-1/568b17ccc77a4c6a586402602d38365f.jpg HTTP/1.1
Host: ttzytp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 00:11:56 GMT
Content-Type: image/jpeg
Content-Length: 53268
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 11:16:25 GMT
ETag: "637e0109-d014"
Accept-Ranges: bytes
ttzytp1.com/upload/vod/20221123-1/43bb5079c685750fcc86fc4a31b9f72a.jpg
23.224.136.188 200 OK 57 kB URL HTTP/1.1 ttzytp1.com/upload/vod/20221123-1/43bb5079c685750fcc86fc4a31b9f72a.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 480x360, components 3\012- data
Hash 2bea1c60ebb750b2c16c0b53ea1d7ae1
b277c774825485841f9dc3287376071ea22b6aac
a35e467a6f6d9e2419b37cf10cc39a38639c19af4b49608c3e155dd6a0dfec96
GET /upload/vod/20221123-1/43bb5079c685750fcc86fc4a31b9f72a.jpg HTTP/1.1
Host: ttzytp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 00:11:56 GMT
Content-Type: image/jpeg
Content-Length: 56939
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 11:16:24 GMT
ETag: "637e0108-de6b"
Accept-Ranges: bytes
p3.douyinpic.com/obj/tos-cn-i-dy/126962c36cff4d738bda7ade3c273740
47.246.44.228 200 OK 475 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/126962c36cff4d738bda7ade3c273740
IP 47.246.44.228:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 80\012- data
Size 475 kB (474754 bytes)
Hash 187c69beaa798211a2760f0e7944d8cc
645bc6d28abf2cf3756a014fb2fc9075d0f0fe20
50bc3ac7422522639cd47b65d6cb5683ba8f80395087ba0c105e47edb69b81d4
GET /obj/tos-cn-i-dy/126962c36cff4d738bda7ade3c273740 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 474754
date: Sun, 06 Nov 2022 07:36:31 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sun, 06 Nov 2022 07:25:59 GMT
nw-session-id: 202211061525590101351600232A1108285h9f503dy
nw-session-trace: 2022-11-06T15:25:59.365034436+08:00 41
x-bdcdn-cache-status: TCP_HIT
x-length: 474754
x-powered-by: ImageX
x-response-date: Sun, 06 Nov 2022 15:25:59 GMT
x-tt-logid: 202211061525590101351600232A110828
via: n150-050-084, cache4.l2de2[0,0,206-0,H], cache16.l2de2[2,0], cache16.l2de2[3,0], cache3.se1[0,0,200-0,H], cache4.se1[2,0]
x-request-ip: fdbd:dc02:22:54::97
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 010b64ee55a329f34996540795123aca91a2b408f5d82d6c4ccae2e0199f73e01f829a3acd19f29422f8d1a0eb4dc9d141b9cd4251aa04835eef9fec3fc8910bdf587c5c602b5505665583025170e80298816a0e37ef43fac58cb1ea6f1cc3f85a
x-response-lb: image
ali-swift-global-savetime: 1667720191
age: 1614925
x-cache: HIT TCP_MEM_HIT dirn:1:278387108
x-swift-savetime: Sun, 06 Nov 2022 08:52:50 GMT
x-swift-cachetime: 31531421
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816693351166645084e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/0ea5cf6d845b4df7ad3d83b8839d660b
47.246.44.228 200 OK 326 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/0ea5cf6d845b4df7ad3d83b8839d660b
IP 47.246.44.228:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 70\012- data
Size 326 kB (326098 bytes)
Hash 932546def96f0461c34d8c563765f0a2
1cdf25fd9981a33def5d729f32d9ea00088c6dcc
5dfad1d60e09952988e27d095012d04f4987340a6a7d9335e601eaca7414c8c9
GET /obj/tos-cn-i-dy/0ea5cf6d845b4df7ad3d83b8839d660b HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 326098
date: Thu, 17 Nov 2022 15:37:09 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 17 Nov 2022 15:29:22 GMT
nw-session-id: 202211172329220101580270674ED962B4qbtjf03dy
nw-session-trace: 2022-11-17T23:29:22.390693544+08:00 28
x-bdcdn-cache-status: TCP_HIT
x-length: 326098
x-powered-by: ImageX
x-response-date: Thu, 17 Nov 2022 23:29:22 GMT
x-tt-logid: 202211172329220101580270674ED962B4
via: n128-134-083, cache26.l2de2[0,0,206-0,H], cache19.l2de2[1,0], cache19.l2de2[1,0], cache2.se1[0,0,200-0,H], cache4.se1[2,0]
x-request-ip: fdbd:dc03:4:481::12
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 01f8d97080eab1f890f626d692f94850a84e74f1fc0140fa4092333905a2e12445b7eb618d130b6184e40da391585ac963f0056bebbb07e77dc05c87a1d54c4d15c43e2486dcf635bc16025e7d326fae5667de0fd0562ef8ea9143b4d698ad7c78
x-response-lb: image
ali-swift-global-savetime: 1668699430
age: 635686
x-cache: HIT TCP_MEM_HIT dirn:6:209728367
x-swift-savetime: Thu, 17 Nov 2022 15:51:09 GMT
x-swift-cachetime: 31535161
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816693351166655085e
X-Firefox-Spdy: h2
ttzytp1.com/upload/vod/20221122-1/354b9a15eb20e1899db15cd470604ecb.jpg
23.224.136.188 200 OK 55 kB URL HTTP/1.1 ttzytp1.com/upload/vod/20221122-1/354b9a15eb20e1899db15cd470604ecb.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 400x268, components 3\012- data
Hash 11c42e08e2d9427613abefc92ea7bcac
0b84c3ecf202aa6187d7fbc92835558df0b9cbaa
c2b70257bbada7ccea877f5b18f28339064d08afb1d16c96fa66c79a52e261ee
GET /upload/vod/20221122-1/354b9a15eb20e1899db15cd470604ecb.jpg HTTP/1.1
Host: ttzytp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 00:11:56 GMT
Content-Type: image/jpeg
Content-Length: 54966
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 12:07:11 GMT
ETag: "637cbb6f-d6b6"
Accept-Ranges: bytes
p3.douyinpic.com/obj/tos-cn-i-dy/727cab1b04c04ff7b532e958c75e10a5
47.246.44.228 200 OK 420 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/727cab1b04c04ff7b532e958c75e10a5
IP 47.246.44.228:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 420 kB (420442 bytes)
Hash 7020ecb5ebdf5d2d41668f76d36f5982
30c768ceb1463fffc0145f1e73c808f8f6d2bb51
3a55db6e5e4fa541729efffaa932549e491e07af768e1c3c3d1dad65ae53a8bb
GET /obj/tos-cn-i-dy/727cab1b04c04ff7b532e958c75e10a5 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 420442
date: Sat, 19 Nov 2022 10:14:11 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 19 Nov 2022 10:08:44 GMT
nw-session-id: 202211191808440102080352140483B9C7b8d6t03dy
nw-session-trace: 2022-11-19T18:08:44.468215046+08:00 46
x-bdcdn-cache-status: TCP_HIT
x-length: 420442
x-powered-by: ImageX
x-response-date: Sat, 19 Nov 2022 18:08:44 GMT
x-tt-logid: 202211191808440102080352140483B9C7
via: n204-098-012, cache12.l2de2[0,0,206-0,H], cache8.l2de2[1,0], cache8.l2de2[1,0], cache1.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc01:26:287::131
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 016272e2f26f0b46a8f7a287ca27977f5587459707e7f71a135e2beae18193b9a50d9c2aaae7b9c17aed5b2059db6eb6f50b382aed891fdb5916f49c4a10ce38077d474f10d0ff678edc0eddcd17a1b4f1bb93978979fba60272eebb597d493882
x-response-lb: image
ali-swift-global-savetime: 1668852851
age: 482265
x-cache: HIT TCP_MEM_HIT dirn:2:9245054
x-swift-savetime: Sat, 19 Nov 2022 10:27:47 GMT
x-swift-cachetime: 31535184
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816693351166865090e
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/GG/d10.gif
192.151.196.21 200 OK 119 kB URL HTTP/2 4f.jxry1.com/template/web/GG/d10.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 150 x 150\012- data
Size 119 kB (119145 bytes)
Hash 03611dd134898d951bd6479076eee32b
4aef7215e5d6206ededff3fff78d735064e6fbb5
9c3ea4fa33413bfe2175b5e9eac750617538bafe475a84367d0c6d693c75c076
GET /template/web/GG/d10.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 119145
last-modified: Sat, 23 Apr 2022 04:49:11 GMT
etag: "62638547-1d169"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
kvtddd.top/ec9fcd758df74f805f29f72e8545d13b.gif
104.21.235.62 200 OK 902 kB URL HTTP/2 kvtddd.top/ec9fcd758df74f805f29f72e8545d13b.gif
IP 104.21.235.62:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 902 kB (902313 bytes)
Hash 8b4a95ea7cfbb7fb4d2b18efca5145f3
d2966ecbeb7369620cce5dbcd15d0fe591d79648
dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvtddd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f.jxry1.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 00:11:56 GMT
content-type: image/gif
content-length: 902313
last-modified: Sat, 12 Mar 2022 15:17:28 GMT
etag: "622cb988-dc4a9"
expires: Sun, 04 Dec 2022 22:51:20 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1732835
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYMBpJKqAcsAgn0i2hDbNSOFKCvrb%2F68%2F8sSQzdoEnrQv%2FUfotkwPuz7Of7j%2FEi%2BKtyA9SyMBqcbwv43EnNzf6x4SMhJ2YsFmt1YbeiTeH%2Bx%2BP7Ycckdgio%2BrBGF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f62b7f0bb9e628-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash ad7b16c1a145de2a743a373b1f4b81e6
5e2c80478a031ee5c5ffd44526e2f89a0131a1ac
131f427bd11b00c80c58620e3379738aa003c72ec53e77cf88737ead60636b5f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 00:11:56 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 00:08:08 GMT
Expires: Thu, 01 Dec 2022 00:08:07 GMT
Etag: "5e2c80478a031ee5c5ffd44526e2f89a0131a1ac"
Cache-Control: max-age=517570,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f62b7f9dc7b518-OSL
4f.jxry1.com/template/web/GG/k14.gif
192.151.196.21 200 OK 73 kB URL HTTP/2 4f.jxry1.com/template/web/GG/k14.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash 6ce732040d4d9750ef120f2a4221f362
f3114f09ed27718c62d54d6fbe08847421429a00
bf4e102a698f9d805b4d4209c8ca62ca20565344a8949d0efeedc6a720026c5b
GET /template/web/GG/k14.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 73223
last-modified: Sat, 28 May 2022 04:44:36 GMT
etag: "6291a8b4-11e07"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/GG/a06.gif
192.151.196.21 200 OK 111 kB URL HTTP/2 4f.jxry1.com/template/web/GG/a06.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 108 x 108\012- data
Size 111 kB (110624 bytes)
Hash e3240f80fa3623e4bc4675c955beb241
fb5f06e85933d6e6a8e0f98e28c16b44844b3ae3
d595e4b9e1341db392c7d348474e94c200802c5e35290b7e4f9a4a4ad653bd1d
GET /template/web/GG/a06.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 110624
last-modified: Sat, 18 Jun 2022 04:11:06 GMT
etag: "62ad505a-1b020"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/GG/k7.gif
192.151.196.21 200 OK 104 kB URL HTTP/2 4f.jxry1.com/template/web/GG/k7.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 71 x 71\012- data
Size 104 kB (104461 bytes)
Hash 9e38a9cebde88f45563c4aae36723d3a
126439ba503fc1757864c12e086fd0f1a165a4bc
93054ef4224e847d308892f23ca8d0bf210d5ba26d8c39502eb7016efd97501d
GET /template/web/GG/k7.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 104461
last-modified: Fri, 27 May 2022 05:31:43 GMT
etag: "6290623f-1980d"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/GG/11.gif
192.151.196.21 200 OK 76 kB URL HTTP/2 4f.jxry1.com/template/web/GG/11.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 200 x 99\012- data
Hash b91a52dc89525aa53fa4cc9f51313fa5
04be88b70acd504b7bf5a9bb107b63da8c488639
91b59a9d450ebdc06502d1279ee2eef209a84a5d0434a46874a32c9bbc831ba9
GET /template/web/GG/11.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 76147
last-modified: Wed, 11 May 2022 08:23:40 GMT
etag: "627b728c-12973"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/GG/k20.gif
192.151.196.21 200 OK 102 kB URL HTTP/2 4f.jxry1.com/template/web/GG/k20.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 124 x 124\012- data
Size 102 kB (101861 bytes)
Hash da1fca07307a6c03cdcfb2d47313113a
f28a95877fad9e725a287466984d496ef7d53afb
9529e1f4226891780f02c558b7b75427b86eb8afa9e5667fd6e8527abf322209
GET /template/web/GG/k20.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 101861
last-modified: Sat, 04 Jun 2022 02:42:51 GMT
etag: "629ac6ab-18de5"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
4f.jxry1.com/template/xinheise/fonts/iconfont.ttf
192.151.196.21 200 OK 525 B URL HTTP/2 4f.jxry1.com/template/xinheise/fonts/iconfont.ttf
IP 192.151.196.21:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash f66ed8f90ffb0fc831098b7701d3ba8a
1bc63ccb714f1272c80b224aa8fd9da94914825d
6ccac1f3560824c5e11e27d1798e447cfc5a930e5824009d6b1cf8eb98e248de
GET /template/xinheise/fonts/iconfont.ttf HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/template/xinheise/css/zui.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:31 GMT
content-type: application/octet-stream
content-length: 525
last-modified: Tue, 04 Jan 2022 15:13:38 GMT
etag: "61d46422-20d"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/GG/d5.gif
192.151.196.21 200 OK 100 kB URL HTTP/2 4f.jxry1.com/template/web/GG/d5.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash 025124b1ea32550544628c7205331a35
6015322cd2faae4cc93266267838878350ac5c70
b1f29051a416097599fa35479620adab7e3f3b5dac8d18c19147eff65955db21
GET /template/web/GG/d5.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 99494
last-modified: Wed, 16 Mar 2022 16:12:20 GMT
etag: "62320c64-184a6"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=350105426&si=63c3c487678e3b7f007b9f6d27b1517e&su=http%3A%2F%2Fwww.eu-capitals.com%2F&v=1.3.0&lv=1&sn=27596&r=0&ww=1268&u=https%3A%2F%2F4f.jxry1.com%2F&tt=%E9%9B%AA%E8%8A%B1%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=350105426&si=63c3c487678e3b7f007b9f6d27b1517e&su=http%3A%2F%2Fwww.eu-capitals.com%2F&v=1.3.0&lv=1&sn=27596&r=0&ww=1268&u=https%3A%2F%2F4f.jxry1.com%2F&tt=%E9%9B%AA%E8%8A%B1%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=350105426&si=63c3c487678e3b7f007b9f6d27b1517e&su=http%3A%2F%2Fwww.eu-capitals.com%2F&v=1.3.0&lv=1&sn=27596&r=0&ww=1268&u=https%3A%2F%2F4f.jxry1.com%2F&tt=%E9%9B%AA%E8%8A%B1%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 25 Nov 2022 00:11:56 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=1D2DC323817C1191; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9ed3bf2aa6aef17c72a6dfffea2e38cb
9402558244e0b5cdb731404c761df4330ebe1481
cfc31c02c9f354968e612f64cbb1dada8ab647d78a89145485a87a33cafde634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFC31C02C9F354968E612F64CBB1DADA8AB647D78A89145485A87A33CAFDE634"
Last-Modified: Wed, 23 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21542
Expires: Fri, 25 Nov 2022 06:10:58 GMT
Date: Fri, 25 Nov 2022 00:11:56 GMT
Connection: keep-alive
ttzytp1.com/upload/vod/20221123-1/768386ae613490e8d99660b1c5a735ae.jpg
23.224.136.188 200 OK 57 kB URL HTTP/1.1 ttzytp1.com/upload/vod/20221123-1/768386ae613490e8d99660b1c5a735ae.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 480x360, components 3\012- data
Hash bee75767ae40c495ae73eb104bd12ebc
4b5a7fe26e85c7f447125062f32560d218bc6f93
b66db88cabb07c84104c363800bf65d26e6c17e3c473c1440560fd74e2198752
GET /upload/vod/20221123-1/768386ae613490e8d99660b1c5a735ae.jpg HTTP/1.1
Host: ttzytp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 00:11:56 GMT
Content-Type: image/jpeg
Content-Length: 56939
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 11:16:24 GMT
ETag: "637e0108-de6b"
Accept-Ranges: bytes
ttzytp1.com/upload/vod/20221123-1/2de3b8c4792342eb90b590320b24ecc3.jpg
23.224.136.188 200 OK 57 kB URL HTTP/1.1 ttzytp1.com/upload/vod/20221123-1/2de3b8c4792342eb90b590320b24ecc3.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 480x360, components 3\012- data
Hash be4acc2a96bcaebd148b3ae33e922529
3c44e530d3bd9206a904cea8725e80dec5e9386f
d49836be6e0dbc5a533b8746a21493cdbe4c22646e564d9ef5939559064aa532
GET /upload/vod/20221123-1/2de3b8c4792342eb90b590320b24ecc3.jpg HTTP/1.1
Host: ttzytp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 00:11:56 GMT
Content-Type: image/jpeg
Content-Length: 57273
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 11:16:24 GMT
ETag: "637e0108-dfb9"
Accept-Ranges: bytes
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 83bc9e495cf14ec4a7077fa40751ca8a
667421ca8dcd2cded464f1cf71ed395c6f1e5499
2f75c5c0e7995cd419ae0743135823c28b19a0caad176b33e52f34f51cf02368
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 00:11:56 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 16:41:29 GMT
Expires: Wed, 30 Nov 2022 16:41:28 GMT
Etag: "667421ca8dcd2cded464f1cf71ed395c6f1e5499"
Cache-Control: max-age=490771,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f62b7f1b2fb515-OSL
4f.jxry1.com/template/web/GG/k1.gif
192.151.196.21 200 OK 167 kB URL HTTP/2 4f.jxry1.com/template/web/GG/k1.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 167 kB (167104 bytes)
Hash 9387415ad469299bf6e3bb5c1bbc77e2
cc52974b6ed2239afbbd4088c675fceb0d75cd22
912ce0aceb7de66266542ec85454be033b0a285c975dd7fc8f0d43eecb8716ce
GET /template/web/GG/k1.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 167104
last-modified: Fri, 27 May 2022 05:31:39 GMT
etag: "6290623b-28cc0"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ttzytp1.com/upload/vod/20221123-1/3dee8e4577c2f619b07863091411dc00.jpg
23.224.136.188 200 OK 8.0 kB URL HTTP/1.1 ttzytp1.com/upload/vod/20221123-1/3dee8e4577c2f619b07863091411dc00.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 3689325cdee2dd98d50ef101b2d14e33
4eca20a4a5064ca256fd1fad7a92236dae982e3b
16a363663de97f67266142ed96dcc29c4cdb98adc543521b0a54bc25b7e11747
GET /upload/vod/20221123-1/3dee8e4577c2f619b07863091411dc00.jpg HTTP/1.1
Host: ttzytp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 00:11:56 GMT
Content-Type: image/jpeg
Content-Length: 8037
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 11:16:24 GMT
ETag: "637e0108-1f65"
Accept-Ranges: bytes
ttzytp1.com/upload/vod/20221123-1/47bffb0066b0bff157b678157bb14a31.jpg
23.224.136.188 200 OK 7.9 kB URL HTTP/1.1 ttzytp1.com/upload/vod/20221123-1/47bffb0066b0bff157b678157bb14a31.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 94f062a18c14a0056ebf94176a76f7dd
332513e3afefa4bdaf487d7eac0ec6ece4c88710
65b97ffb8385d7f18c4b7d63d3bf8d35758521a45bc62d969fa8c70a0077a371
GET /upload/vod/20221123-1/47bffb0066b0bff157b678157bb14a31.jpg HTTP/1.1
Host: ttzytp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 00:11:56 GMT
Content-Type: image/jpeg
Content-Length: 7858
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 11:16:24 GMT
ETag: "637e0108-1eb2"
Accept-Ranges: bytes
4f.jxry1.com/template/web/GG/7.gif
192.151.196.21 200 OK 159 kB URL HTTP/2 4f.jxry1.com/template/web/GG/7.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 100 x 100\012- data
Size 159 kB (159399 bytes)
Hash 7c1ced688d2af934a1800ae8d89a226f
558b8353f1d66992ce01a67ba66af0ac966877bc
5acf95935750544793683da337ec48ecbadd4ecfe5c1b714ad47c97b5849c02f
GET /template/web/GG/7.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 159399
last-modified: Fri, 11 Mar 2022 16:19:12 GMT
etag: "622b7680-26ea7"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/GG/d2.gif
192.151.196.21 200 OK 162 kB URL HTTP/2 4f.jxry1.com/template/web/GG/d2.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 162 kB (161572 bytes)
Hash 64c0f3edc7b3bfd2a2c009f3b93ebd7d
70dee1bf54047d14220328f8ab47d299a679a519
ca5ada5bab699078f3ecdb2a2b569bcef9b8b34f6773d2197c0658a55fad5d25
GET /template/web/GG/d2.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 161572
last-modified: Wed, 16 Mar 2022 16:12:17 GMT
etag: "62320c61-27724"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/GG/k15.gif
192.151.196.21 200 OK 142 kB URL HTTP/2 4f.jxry1.com/template/web/GG/k15.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 235 x 235\012- data
Size 142 kB (141895 bytes)
Hash 0642504c72f3cf9929cfb7544deaca87
16d7028c32010330f5c9f2f8e71a69c4c7bcc859
a102356e14a84a958f692e5e9c2c4d2aa9765bc4cbc3232f9108ec8b46d5b07b
GET /template/web/GG/k15.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 141895
last-modified: Sat, 28 May 2022 04:44:37 GMT
etag: "6291a8b5-22a47"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/GG/a01.gif
192.151.196.21 200 OK 156 kB URL HTTP/2 4f.jxry1.com/template/web/GG/a01.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 100 x 100\012- data
Size 156 kB (156311 bytes)
Hash c1cd6fbcc60e4242fb31eb894d7d9450
1b0a2ba85f38fa452a391250067e916ac7b61345
aca31490b0e0478395648fb5f6ce318b56a4a443c7a64e069c71cee6c0f0bb44
GET /template/web/GG/a01.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 156311
last-modified: Sat, 18 Jun 2022 04:11:02 GMT
etag: "62ad5056-26297"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/GG/hf5.gif
192.151.196.21 200 OK 171 kB URL HTTP/2 4f.jxry1.com/template/web/GG/hf5.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 960 x 70\012- data
Size 171 kB (171236 bytes)
Hash 520fabf1fb49a53846d582beea64350c
399df791c5a2244a6fc30543956bcbb62835dbd5
3d332e8626654196daff08c0993994ea65dfe34d960a9e703fba05ec89451401
GET /template/web/GG/hf5.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 171236
last-modified: Mon, 19 Sep 2022 07:14:45 GMT
etag: "632816e5-29ce4"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ttzytp1.com/upload/vod/20221123-1/c02b97f64831687dfcf48a9fdbf0b8e9.jpg
23.224.136.188 200 OK 11 kB URL HTTP/1.1 ttzytp1.com/upload/vod/20221123-1/c02b97f64831687dfcf48a9fdbf0b8e9.jpg
IP 23.224.136.188:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash e81910afc48631e8c1253263c12c6f17
c6938f32562bb4d2f9928db82aded139ed97c624
dcb08fcb8073d06321635e072465b81e4ed64435c64138d018238bd6e51cf41f
GET /upload/vod/20221123-1/c02b97f64831687dfcf48a9fdbf0b8e9.jpg HTTP/1.1
Host: ttzytp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 00:11:56 GMT
Content-Type: image/jpeg
Content-Length: 11381
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 11:16:30 GMT
ETag: "637e010e-2c75"
Accept-Ranges: bytes
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 4906b12e3f946a66bd514617cb0f13f2
5697e1f47f03b4a14c23fba4278fb45cee10d107
c85024aed7ec16c428ece27dd5d6a91815411d8858a985d6d9467fe0a8b00849
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 25 Nov 2022 00:11:56 GMT
Last-Modified: Thu, 24 Nov 2022 04:06:48 GMT
ETag: "637eedd8-1d7"
Expires: Sat, 26 Nov 2022 04:06:48 GMT
Cache-Control: max-age=100492
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669335116
Via: cache6.l2de2[241,241,200-0,M], cache6.l2de2[242,0], cache2.se1[272,271,200-0,M], cache2.se1[273,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 25 Nov 2022 00:11:56 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616693351166213812e
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash dce8ee1fa8d1015fb532092abacc9359
169b07506a34587443ded2cb51fe798c9b3c9f97
62b436793a7f4f0171c15eac68dc2bf3c612349ef273d4c1d6d2d86a088d083f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 00:11:56 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 22:05:45 GMT
Expires: Tue, 29 Nov 2022 22:05:44 GMT
Etag: "169b07506a34587443ded2cb51fe798c9b3c9f97"
Cache-Control: max-age=423827,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f62b7f893f0b4d-OSL
4f.jxry1.com/template/web/GG/t2.gif
192.151.196.21 200 OK 254 kB URL HTTP/2 4f.jxry1.com/template/web/GG/t2.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 254 kB (253670 bytes)
Hash bace60a0adc9bdd54f7c83058456a847
4867fd68497b7db5c4e5bbdde781cf098dbabd22
17a4f7b3d5caf413211515976326969951cc1bb9a3e32a9caa885fd6e3109368
GET /template/web/GG/t2.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 253670
last-modified: Tue, 10 May 2022 09:20:01 GMT
etag: "627a2e41-3dee6"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/GG/dp1.gif
192.151.196.21 200 OK 141 kB URL HTTP/2 4f.jxry1.com/template/web/GG/dp1.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 640 x 200\012- data
Size 141 kB (141174 bytes)
Hash 2846430b1663c942a9d2a92c559667cd
2b7d07a004fa13af572b8d5d6317594c1eee9eec
b1357936607e4478fa840a29b58e6714f0063f4a90e28571bd8c8be4e175d74e
GET /template/web/GG/dp1.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 141174
last-modified: Mon, 25 Apr 2022 12:29:49 GMT
etag: "6266943d-22776"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/GG/t1.gif
192.151.196.21 200 OK 221 kB URL HTTP/2 4f.jxry1.com/template/web/GG/t1.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 221 kB (221303 bytes)
Hash 633e79a4d76e09af28eb7617340a6330
0aaef1ed9eed51ca839c4b8e88ca4988e27ec6cb
7363c1c913be071eb6240c6600c17b65e81b092944bb5f14c7013b5f96190fb3
GET /template/web/GG/t1.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 221303
last-modified: Tue, 10 May 2022 09:20:00 GMT
etag: "627a2e40-36077"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de84d1f0137fc671cea29600bc2eb1f1
57e0e910838a086a5ecceb27c929be65a04a785a
62cc5e66ef3ee45f97e6d81791ffdb7b12e19d7edaca1fc476eedaed26a007b5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62CC5E66EF3EE45F97E6D81791FFDB7B12E19D7EDACA1FC476EEDAED26A007B5"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14800
Expires: Fri, 25 Nov 2022 04:18:37 GMT
Date: Fri, 25 Nov 2022 00:11:57 GMT
Connection: keep-alive
ttzytp1.com/upload/vod/20221123-1/e452848e7e58ec64be07de8bccb02dc8.jpg
23.224.136.188 200 OK 8.7 kB URL HTTP/1.1 ttzytp1.com/upload/vod/20221123-1/e452848e7e58ec64be07de8bccb02dc8.jpg
IP 23.224.136.188:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash f607317c1fe5ef479163378168837e49
2e066e55246de494f003218c5618d0e13a1bb6e4
a81975c61660c0b6b7b40af735acf7750bbe0828ff68ce4e86f7be5fdd310803
GET /upload/vod/20221123-1/e452848e7e58ec64be07de8bccb02dc8.jpg HTTP/1.1
Host: ttzytp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 00:11:56 GMT
Content-Type: image/jpeg
Content-Length: 8738
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 11:16:30 GMT
ETag: "637e010e-2222"
Accept-Ranges: bytes
4f.jxry1.com/template/web/GG/y4.gif
192.151.196.21 200 OK 258 kB URL HTTP/2 4f.jxry1.com/template/web/GG/y4.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 258 kB (257689 bytes)
Hash bbdd0bdf651352117671a182ae649b36
0913dc12c9378d9d5bc6aeefdba042fad4f95e8a
c808633ff4d4c025ae4151460a6ab81b58837bc03584b7037b4ef2034cc8676c
GET /template/web/GG/y4.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 257689
last-modified: Tue, 10 May 2022 09:20:09 GMT
etag: "627a2e49-3ee99"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash caa8b707641e35df881fa30781fc611f
3acaa4abd1496376732c3e5c0f69b0a40963dfff
8f337366f326b600dbb75a8f48b7f040a6b42fb36e3c9b6c55f8d617a08c694e
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 00:11:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 28 Nov 2022 23:39:03 GMT
ETag: "3acaa4abd1496376732c3e5c0f69b0a40963dfff"
Last-Modified: Thu, 24 Nov 2022 23:39:04 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 161
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f62b813fccb4f4-OSL
4f.jxry1.com/template/web/GG/3.gif
192.151.196.21 200 OK 417 kB URL HTTP/2 4f.jxry1.com/template/web/GG/3.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 270 x 160\012- data
Size 417 kB (416995 bytes)
Hash 802a103bf67846996296827828346a47
4d4973ef15363f68f8bc9b25c6d78601da3d0d58
d327afcacd1595362aad0358b3fceb8f80e87ec08dc799945e80a9e50c859147
GET /template/web/GG/3.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 416995
last-modified: Wed, 11 May 2022 08:12:40 GMT
etag: "627b6ff8-65ce3"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/GG/d1.gif
192.151.196.21 200 OK 320 kB URL HTTP/2 4f.jxry1.com/template/web/GG/d1.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 448 x 359\012- data
Size 320 kB (320301 bytes)
Hash 7d3239796daffe24e71eb0e44146f02b
533c9fe388fdb5cc5f807a7358dcd4d1b14bf817
7ae555d64a9c2cbf44806af21930c753b5dc3649be922206fc10ea83efa19523
GET /template/web/GG/d1.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 320301
last-modified: Wed, 11 May 2022 08:33:50 GMT
etag: "627b74ee-4e32d"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/GG/2.gif
192.151.196.21 200 OK 620 kB URL HTTP/2 4f.jxry1.com/template/web/GG/2.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 300 x 200\012- data
Size 620 kB (620010 bytes)
Hash 8171edd386b6abd105c0ff0e740330d9
7914e2b95f29d65b0ffb8e6daf7f54dc14da0ae0
5044971fcc4e0c4837e7e586b858fba8257feeed88812253aa9ee2396915c40a
GET /template/web/GG/2.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 620010
last-modified: Wed, 11 May 2022 08:12:37 GMT
etag: "627b6ff5-975ea"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/GG/122.gif
192.151.196.21 200 OK 301 kB URL HTTP/2 4f.jxry1.com/template/web/GG/122.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 301 kB (301024 bytes)
Hash 924fb352713ee10f6f4bce3167ccce13
127a437f7a5020f7e7c08b6c6465be55dcb32e0c
6e04c7ee887495ce8805d38b200ca217c28b5e83655f4e7f4e8f8f8e28b872bf
GET /template/web/GG/122.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 301024
last-modified: Wed, 09 Mar 2022 10:04:32 GMT
etag: "62287bb0-497e0"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/GG/4.gif
192.151.196.21 200 OK 279 kB URL HTTP/2 4f.jxry1.com/template/web/GG/4.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 200 x 113\012- data
Size 279 kB (279026 bytes)
Hash 42809e0a73309f01de7651ab3b712cb4
19a1658a10d4e8ca6831a824d4bccbb35dcbf113
da7e1e1332d196cde6cc3a7b9c758abb4493e9708799e7836551823dd399b13d
GET /template/web/GG/4.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 279026
last-modified: Wed, 11 May 2022 08:12:44 GMT
etag: "627b6ffc-441f2"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/GG/k19.gif
192.151.196.21 200 OK 288 kB URL HTTP/2 4f.jxry1.com/template/web/GG/k19.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 140 x 140\012- data
Size 288 kB (287575 bytes)
Hash e758cbb971464ca5059e4cdbc1a7601f
615032c5f3516cd6d685bde3c1214a5d05833cd1
df4ecca258502e6c66deb343d9fc8d0bf05e46927194a2e1bc6c652fb80ba71d
GET /template/web/GG/k19.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 287575
last-modified: Sat, 04 Jun 2022 02:42:51 GMT
etag: "629ac6ab-46357"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b1447a8b35d4f0df8742a6eaef1111ae
c0cf3e939ec742ed764b13824539db3e84aba9be
0dfab4caab9fc228cd593e7ed9ed12c4a87642cbb2eb6123622793c009e25c20
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0DFAB4CAAB9FC228CD593E7ED9ED12C4A87642CBB2EB6123622793C009E25C20"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7317
Expires: Fri, 25 Nov 2022 02:13:54 GMT
Date: Fri, 25 Nov 2022 00:11:57 GMT
Connection: keep-alive
ydschool-online.nosdn.127.net/tiku/0c3136fb49a4dfb0c0fc01947505cd7bbb349ffd19faf5e083c58dbf9be2ca44.gif
47.246.44.224 200 OK 554 kB URL HTTP/2 ydschool-online.nosdn.127.net/tiku/0c3136fb49a4dfb0c0fc01947505cd7bbb349ffd19faf5e083c58dbf9be2ca44.gif
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 70\012- data
Size 554 kB (554472 bytes)
Hash fbda1ceac2d7e7931e5be0d97570aebb
ebd352b683c6aca55545f988c9e297c84210c1e5
db0794f49092f4a33c6d568f18626419a4c07aff603c8881516d1e27971d9295
GET /tiku/0c3136fb49a4dfb0c0fc01947505cd7bbb349ffd19faf5e083c58dbf9be2ca44.gif HTTP/1.1
Host: ydschool-online.nosdn.127.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif;charset=UTF-8
content-length: 554472
date: Thu, 24 Nov 2022 07:32:01 GMT
content-disposition: inline; filename="tiku%2F0c3136fb49a4dfb0c0fc01947505cd7bbb349ffd19faf5e083c58dbf9be2ca44.gif"
etag: fbda1ceac2d7e7931e5be0d97570aebb
last-modified: Thu, 24 Nov 2022 15:32:00 Asia/Shanghai
x-nos-object-name: tiku%2F0c3136fb49a4dfb0c0fc01947505cd7bbb349ffd19faf5e083c58dbf9be2ca44.gif
x-nos-request-id: 79286963-c96c-462d-82eb-616cb817d57a
x-nos-requesttype: GetObject
x-nos-storage-class: STANDARD
ali-swift-global-savetime: 1669275121
via: cache43.l2nu20-8[69,68,206-0,M], cache2.l2nu20-8[69,0], cache16.l2hk2[102,101,206-0,M], cache19.l2hk2[103,0], cache1.l2de2[0,0,206-0,H], cache12.l2de2[0,0], cache1.se1[0,0,200-0,H], cache2.se1[1,0]
age: 59995
x-cache: HIT TCP_MEM_HIT dirn:11:274088346 mlen:0
x-swift-savetime: Thu, 24 Nov 2022 08:00:31 GMT
x-swift-cachetime: 2590290
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 2ff62c9616693351169893958e
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 04e27916ddba91709a9cb630cd0e53ca
017e2cfa9c1b64dd8e0ac2600ca61eb6ed629b91
a59668be19da2421be968b3a8a12d38b2bfb3b56a8cd258f52585fb562edf920
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 00:11:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 14:59:53 GMT
Expires: Thu, 01 Dec 2022 14:59:52 GMT
Etag: "017e2cfa9c1b64dd8e0ac2600ca61eb6ed629b91"
Cache-Control: max-age=571074,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f62b806e55b518-OSL
4f.jxry1.com/template/web/GG/d4.gif
192.151.196.21 200 OK 940 kB URL HTTP/2 4f.jxry1.com/template/web/GG/d4.gif
IP 192.151.196.21:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 940 kB (940292 bytes)
Hash 9498c0ec00cdde8442bd47b00ff9b275
986b9b94882dd703fee1a8f9b49421196585ac5b
5024715e8bc78d17793d4c0b2c3ec877f564dcbe782490477babffaee734ec7e
GET /template/web/GG/d4.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 940292
last-modified: Wed, 16 Mar 2022 16:12:20 GMT
etag: "62320c64-e5904"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/GG/a07.gif
192.151.196.21 200 OK 356 kB URL HTTP/2 4f.jxry1.com/template/web/GG/a07.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 344 x 292\012- data
Size 356 kB (355956 bytes)
Hash 7fcc1b0bc144505a6445039f16e7ae84
c102af587f677b89bb65f7e850a4ca4b41a45456
409d94d159f6c851b76881b6937460458b25a246e45bf6ab98f34efd9474ede8
GET /template/web/GG/a07.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 355956
last-modified: Sat, 18 Jun 2022 04:11:07 GMT
etag: "62ad505b-56e74"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/GG/01.gif
192.151.196.21 200 OK 562 kB URL HTTP/2 4f.jxry1.com/template/web/GG/01.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 380 x 570\012- data
Size 562 kB (561983 bytes)
Hash 311afec7a9e7d370b46adf41a45905e7
5460c5036e11ecf12f30d921e4dc811ad56f8b30
39da990b80811f9e29f4b4c1b9a0e7fc4f4b60a42c1f5d949b1ae1a9bbe80eb9
GET /template/web/GG/01.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 561983
last-modified: Wed, 11 May 2022 08:12:48 GMT
etag: "627b7000-8933f"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ttzytp1.com/upload/vod/20221123-1/de7741ab30c14487d88503ac3c77906f.jpg
23.224.136.188 200 OK 11 kB URL HTTP/1.1 ttzytp1.com/upload/vod/20221123-1/de7741ab30c14487d88503ac3c77906f.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 6d7eae2db37e499e631dcdd6caa4c6be
9acf8bc179f299603f1ea1194116b96a5bd6fc46
d551c2ff8e691ad93c5ccd0eed141c45bcffe1c785fa99dc591eea007ad2556b
GET /upload/vod/20221123-1/de7741ab30c14487d88503ac3c77906f.jpg HTTP/1.1
Host: ttzytp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 00:11:57 GMT
Content-Type: image/jpeg
Content-Length: 10806
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 11:16:30 GMT
ETag: "637e010e-2a36"
Accept-Ranges: bytes
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 91044e4b6008fc51e8b4fa8736bde144
f0f9ff44a0d5f27df63723bcffff1c64dd9bef11
c86c80c536f84d506db7f828accb2f17130aec193ae69e80a35f151055f6eb0c
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 00:11:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 28 Nov 2022 23:04:36 GMT
ETag: "f0f9ff44a0d5f27df63723bcffff1c64dd9bef11"
Last-Modified: Thu, 24 Nov 2022 23:04:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 210
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f62b821868b4f4-OSL
4f.jxry1.com/template/web/GG/dp2.gif
192.151.196.21 200 OK 767 kB URL HTTP/2 4f.jxry1.com/template/web/GG/dp2.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 640 x 200\012- data
Size 767 kB (766938 bytes)
Hash 06f924cdbba4e6c4765765139a404682
7eaadc65f26a4fe45240e14f96c29aa53e721775
514dc1d00a06bed8dbb2a891aa73b6ff70cd32772f582df1c2c959c856d45a5d
GET /template/web/GG/dp2.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 766938
last-modified: Mon, 25 Apr 2022 12:29:50 GMT
etag: "6266943e-bb3da"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/GG/dp4.gif
192.151.196.21 200 OK 747 kB URL HTTP/2 4f.jxry1.com/template/web/GG/dp4.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 640 x 200\012- data
Size 747 kB (746571 bytes)
Hash 84e8edecf6c28c8218e0a7b1ad9ea414
3897e6bf1a2292c59b45e44d2b9c38e45f8f9a6f
356abb92d87698d59a4af16304d13e760b032739634c495fba68568e82d5c1ce
GET /template/web/GG/dp4.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 746571
last-modified: Mon, 25 Apr 2022 12:29:52 GMT
etag: "62669440-b644b"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ttzytp1.com/upload/vod/20221123-1/01244d32010d4215b75c83c39a74572e.jpg
23.224.136.188 200 OK 54 kB URL HTTP/1.1 ttzytp1.com/upload/vod/20221123-1/01244d32010d4215b75c83c39a74572e.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 480x360, components 3\012- data
Hash a76bd5725cd644a0d5650a2c8ad921b5
04aa8f1c35a6230d4719629522a15cf8a2fc465b
1287410874be8195d0ba82a54079e98201cf77848edbd8094745afab836de6c8
GET /upload/vod/20221123-1/01244d32010d4215b75c83c39a74572e.jpg HTTP/1.1
Host: ttzytp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 00:11:57 GMT
Content-Type: image/jpeg
Content-Length: 53546
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 11:16:29 GMT
ETag: "637e010d-d12a"
Accept-Ranges: bytes
kveff.com/5acaa66e30e443214f59a6b31654a54e.gif
64.32.13.142 301 Moved Permanently 162 B URL HTTP/2 kveff.com/5acaa66e30e443214f59a6b31654a54e.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /5acaa66e30e443214f59a6b31654a54e.gif HTTP/1.1
Host: kveff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 00:11:57 GMT
content-type: text/html
content-length: 162
location: https://kvtnnn.top/5acaa66e30e443214f59a6b31654a54e.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 8d2d4c2519e173d156b0629de506e00c
b21c4758aa7cda5014cd3386e5bceb4123053a9e
25238d4415525d3410163e30d1b1e07336dee26372340f07a2689bc2fac22e73
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 00:11:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:39:05 GMT
Expires: Wed, 30 Nov 2022 15:39:04 GMT
Etag: "b21c4758aa7cda5014cd3386e5bceb4123053a9e"
Cache-Control: max-age=487026,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f62b80dc59b515-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash a8ccf5b571c6c3ad33c7a00dc73cee15
d5099be07a28dc4ace29ed48f4a542900e25f153
4e067cf255c6b3d102931f21894775dafb9e8c425e1fe13fe6602f4b3c7d2207
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 00:11:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 03:19:40 GMT
Expires: Wed, 30 Nov 2022 03:19:39 GMT
Etag: "d5099be07a28dc4ace29ed48f4a542900e25f153"
Cache-Control: max-age=442661,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f62b811a4c0b4d-OSL
4f.jxry1.com/template/web/GG/55.gif
192.151.196.21 200 OK 834 kB URL HTTP/2 4f.jxry1.com/template/web/GG/55.gif
IP 192.151.196.21:0
File type GIF image data, version 89a, 140 x 206\012- data
Size 834 kB (834244 bytes)
Hash 3965598665b057b276ed86263c36f334
f8374496c56ad6cd140a9bd009b0637c8ce91a35
5efcea93fd0c2cb8059ea79144c6bfb6b094b5810e21cf6e2168ef51ac2fd36a
GET /template/web/GG/55.gif HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: image/gif
content-length: 834244
last-modified: Wed, 11 May 2022 08:28:17 GMT
etag: "627b73a1-cbac4"
expires: Sun, 25 Dec 2022 00:12:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/dh2.js
192.151.196.21 200 OK 2.0 kB URL HTTP/2 4f.jxry1.com/template/web/dh2.js
IP 192.151.196.21:0
Hash 2d8df774a2db1abc0ce6ad1d7e88d35b
d1fa079d57130e6091899d5867030c185fc6af0b
b4aa40389d41f65ff91a5d9484d7ddacecbc70709197c5186320f2f24adbf7ec
GET /template/web/dh2.js HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:29 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 11:25:04 GMT
vary: Accept-Encoding
etag: W/"637f5490-3bef"
expires: Fri, 25 Nov 2022 12:12:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash e8d30d3ec1b0828e2cdb251db0c348c9
8becf2f79a6f204d0426a2a2e5e7ec37e6472f10
27b9cc025a28e8634794cf735496c109f955229fea5ad78df91c917caae46048
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3654
Cache-Control: max-age=112042
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 00:11:57 GMT
Etag: "637f0cb2-117"
Expires: Sat, 26 Nov 2022 07:19:19 GMT
Last-Modified: Thu, 24 Nov 2022 06:18:26 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
rootnetworksdv.ocsp-certum.com/
23.36.79.17 200 OK 1.5 kB URL HTTP/1.1 rootnetworksdv.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 62927e23a9f33695c9a995bb6379d845
4ffa3cd9504cb3aa354411972a68ef7351feb221
bf97a49885f24f4e353c5cb8648b7528c1c61ea01f918a6f6f9601d82416d3a1
POST / HTTP/1.1
Host: rootnetworksdv.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1490
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Fri, 25 Nov 2022 00:11:57 GMT
Connection: keep-alive
X-N: S
hm.baidu.com/hm.js?86ea3af34e71a9d5eae3e3255c8ace53
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?86ea3af34e71a9d5eae3e3255c8ace53
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash b3e734968c0eda8a8687e36112faf34d
adb65ed064c0743e123a0b0a01a35348c851b4f4
fe1c480b90a4a15ed0b502f6e13c41759c50efceb9bc537daf3b135245a458b7
GET /hm.js?86ea3af34e71a9d5eae3e3255c8ace53 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 00:11:57 GMT
Etag: 62d5ae3d987a68f26e316a7edf31fc3d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2B57759EE4AE49C3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?959981931bea09b9a10c9c552a50e761
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?959981931bea09b9a10c9c552a50e761
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash a6ba39a9f0c3e455ee43448afc43e3f4
7a3e03ccf27be0f506170fe0c8387c644d5f3a2d
5f603352a88ba84d9951b4a2b4084f9355378ed5cb702b6934c38ae753f44a97
GET /hm.js?959981931bea09b9a10c9c552a50e761 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 00:11:56 GMT
Etag: fcf00d7273e4f813eccdc6857b8d0eaf
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=338B95F7DF8A935C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
8499483.com/8499/960x60.gif
23.224.101.35 200 OK 331 kB URL HTTP/2 8499483.com/8499/960x60.gif
IP 23.224.101.35:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 331 kB (331043 bytes)
Hash 09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725
GET /8499/960x60.gif HTTP/1.1
Host: 8499483.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 00:11:56 GMT
content-type: image/gif
content-length: 331043
last-modified: Wed, 09 Nov 2022 06:22:39 GMT
etag: "50d23-5ed03aef4304d"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash e9fea8283f9424bd681e419d4360fa03
bd76b2c0709a7dd83636743f830b610a78aa9d4c
afbf0f07680b82913bfb3affc85bdd4555b91352b12eac358f70bae292dc8e6c
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 00:11:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 28 Nov 2022 20:30:45 GMT
ETag: "bd76b2c0709a7dd83636743f830b610a78aa9d4c"
Last-Modified: Thu, 24 Nov 2022 20:30:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 161
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f62b8349a1b4f4-OSL
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 67eed27f698bd136fe6cfe806d51cdfa
80669e908acf14c79dad289ace7c49c29079a450
23b3843113628f6553ea4114a18c7b9d1ca58057f3d1693558f48d3fc777d624
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 00:11:57 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 19:09:55 GMT
Expires: Mon, 28 Nov 2022 19:09:54 GMT
Etag: "80669e908acf14c79dad289ace7c49c29079a450"
Cache-Control: max-age=326876,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f62b82281db517-OSL
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 67eed27f698bd136fe6cfe806d51cdfa
80669e908acf14c79dad289ace7c49c29079a450
23b3843113628f6553ea4114a18c7b9d1ca58057f3d1693558f48d3fc777d624
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 00:11:57 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 19:09:55 GMT
Expires: Mon, 28 Nov 2022 19:09:54 GMT
Etag: "80669e908acf14c79dad289ace7c49c29079a450"
Cache-Control: max-age=326876,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f62b831f79b529-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 60cd9f95ed7bf19f3b53330851decab0
a6895daf8bdc6c0bc788e1a191521a499f782ac0
500c40d1c49600240745a5881579835d2930d19dee6938585e7279a366d3b72a
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 00:11:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 28 Nov 2022 22:46:34 GMT
ETag: "a6895daf8bdc6c0bc788e1a191521a499f782ac0"
Last-Modified: Thu, 24 Nov 2022 22:46:35 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1626
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f62b838fb4b505-OSL
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a0ad3bc43446328e39bbcae6cc0b8fe2
e3ffb2181b4f1c9c3ef689b13035e764640176c8
a791304a7c2626d0511146bb8814f01e7d17042bab362621bc29cef9eb7eb74c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A791304A7C2626D0511146BB8814F01E7D17042BAB362621BC29CEF9EB7EB74C"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14535
Expires: Fri, 25 Nov 2022 04:14:12 GMT
Date: Fri, 25 Nov 2022 00:11:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6db2b54e199758fb71b4edf7c921ffff
f4a003f2011a812b132925a1963b429e1fe3ae20
fd0bc47769ffe841413e9dffcdfaa022b24ada4c819ccb2993a2de6d9a4abd4b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD0BC47769FFE841413E9DFFCDFAA022B24ADA4C819CCB2993A2DE6D9A4ABD4B"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13780
Expires: Fri, 25 Nov 2022 04:01:37 GMT
Date: Fri, 25 Nov 2022 00:11:57 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a0ad3bc43446328e39bbcae6cc0b8fe2
e3ffb2181b4f1c9c3ef689b13035e764640176c8
a791304a7c2626d0511146bb8814f01e7d17042bab362621bc29cef9eb7eb74c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A791304A7C2626D0511146BB8814F01E7D17042BAB362621BC29CEF9EB7EB74C"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14535
Expires: Fri, 25 Nov 2022 04:14:12 GMT
Date: Fri, 25 Nov 2022 00:11:57 GMT
Connection: keep-alive
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 67eed27f698bd136fe6cfe806d51cdfa
80669e908acf14c79dad289ace7c49c29079a450
23b3843113628f6553ea4114a18c7b9d1ca58057f3d1693558f48d3fc777d624
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 00:11:57 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 19:09:55 GMT
Expires: Mon, 28 Nov 2022 19:09:54 GMT
Etag: "80669e908acf14c79dad289ace7c49c29079a450"
Cache-Control: max-age=326876,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f62b832c17b4fd-OSL
kvtnnn.top/68a7807de3933bf7079116fa9df99e6f.gif
104.21.234.86 200 OK 366 kB URL HTTP/2 kvtnnn.top/68a7807de3933bf7079116fa9df99e6f.gif
IP 104.21.234.86:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 366 kB (366444 bytes)
Hash 86371c51bf2086f3a40f0e438246b662
9da793de9c620485ee91b88413b256c69dc774c5
8155b44efd09301dca9ec4bdab8e3e6445d1564fe580edd5f7575c9289843ccf
GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: kvtnnn.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f.jxry1.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 00:11:57 GMT
content-type: image/gif
content-length: 366444
last-modified: Fri, 19 Aug 2022 17:02:28 GMT
etag: "62ffc224-5976c"
expires: Tue, 13 Dec 2022 06:00:08 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 1015909
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2Fq4OK7HRkA%2BDSwbLqpMdXyhR13RIRxT6%2BtUKNccJ481%2F31fPauhpQsfrwbvXD2sh2qkRxw609Ihrmft1eozhfXuw0PKSjuTgx9dhlAL2CWxTxeA1sOoarzWL7Jd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f62b83bc637767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/1178aa51525449bbad0e66d4d780056d
47.246.44.228 200 OK 233 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/1178aa51525449bbad0e66d4d780056d
IP 47.246.44.228:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 200 x 200\012- data
Size 233 kB (233381 bytes)
Hash 197da9ddb5a718f37593c5d3dae99e73
c0b5c435b083151d712a7e0456295e3879e89748
3b4cd6323ae4360b1e34fc7fb49604fde229be10a3e07634744f139b254e452b
GET /obj/tos-cn-i-dy/1178aa51525449bbad0e66d4d780056d HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 233381
date: Thu, 24 Nov 2022 07:38:46 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 24 Nov 2022 07:38:46 GMT
nw-session-id: 2022112415384601021005414115AB27452d9z902dy
nw-session-trace: 2022-11-24T15:38:46.269636857+08:00 36
x-bdcdn-cache-status: TCP_MISS
x-length: 233381
x-powered-by: ImageX
x-response-date: Thu, 24 Nov 2022 15:38:46 GMT
x-tt-logid: 2022112415384601021005414115AB2745
via: n204-100-071, cache15.l2de2[0,0,206-0,H], cache26.l2de2[0,0], cache26.l2de2[2,0], cache4.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc01:27:155::141
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01828e55a3aae08103c59996ea14c72a4afbce9d9c0e8ccd04976d6449a667ce9ef3cf194010af2e0bbe952c943b452b6a9bb50016951014b1442f1915f9d2f6729748e4adfde6fd889c1ca8d6c1fe432dc55260d75d92573fdd3bc2bb36c78c5b
x-response-lb: image
ali-swift-global-savetime: 1669275526
age: 59591
x-cache: HIT TCP_MEM_HIT dirn:2:43826350
x-swift-savetime: Thu, 24 Nov 2022 08:23:39 GMT
x-swift-cachetime: 31533307
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816693351174965499e
X-Firefox-Spdy: h2
kvtnnn.top/5acaa66e30e443214f59a6b31654a54e.gif
104.21.234.86 200 OK 549 kB URL HTTP/2 kvtnnn.top/5acaa66e30e443214f59a6b31654a54e.gif
IP 104.21.234.86:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 549 kB (549098 bytes)
Hash 8152b7620963de2f18ebb2dff8c77d77
7f6bfaf47b4acf62e58581fa0fa690cc54e794df
496118e431af83c5a808c9e2181d6fe427ab6dcc6e8b4c0de298b46f09a5f654
GET /5acaa66e30e443214f59a6b31654a54e.gif HTTP/1.1
Host: kvtnnn.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 00:11:57 GMT
content-type: image/gif
content-length: 549098
last-modified: Tue, 16 Aug 2022 11:19:44 GMT
etag: "62fb7d50-860ea"
expires: Sun, 11 Dec 2022 18:58:44 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 1141993
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EqqKmECbDOHeQMaJ21woK7Ui4Y%2F%2BE2JTgS5Qzlckj%2BM4rS8ApizrxSJ1QUucL6oK%2Bpl1Q46fZx%2BjWQFxZ7I9E2FQ2U4xoXlPHuZjodmMFGc7avyxTJ5Z3nR0U1oI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f62b83bc567767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/zxbf.js
192.151.196.21 200 OK 1.2 kB URL HTTP/2 4f.jxry1.com/template/web/zxbf.js
IP 192.151.196.21:0
Hash 43572978a0a50017dc87aff0e5102e29
56e4226e91dda22819cfcf8a30b5e0b42b0e5d64
6ead0862a0b739796af994768598ba294ddb5afaf21552816f25903b4f4a787a
GET /template/web/zxbf.js HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:30 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 11:13:53 GMT
vary: Accept-Encoding
etag: W/"637f51f1-1470"
expires: Fri, 25 Nov 2022 12:12:30 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
223969ufy.com/ba084d8c90b643769f907c253405bb7f.gif
45.61.212.54 200 OK 16 kB URL HTTP/1.1 223969ufy.com/ba084d8c90b643769f907c253405bb7f.gif
IP 45.61.212.54:0
File type GIF image data, version 89a, 150 x 150\012- data
Hash 50b07e9d1fb92e388add96fe58454da7
e6f8b54449282c3bc7216dcfec61e7ba66938942
5f0395e522aa83b7e2f5d8063c7abe9491e803ada3f2895a2fee1ae934323816
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /ba084d8c90b643769f907c253405bb7f.gif HTTP/1.1
Host: 223969ufy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63788031-3d48"
Date: Sat, 19 Nov 2022 07:14:23 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 19 Nov 2022 07:05:21 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-24
Content-Length: 15688
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash eb3cfbd83945a06eb72b78e8ace1eaed
5e635ed7e7471328793acff772d5c911af22e34f
9c50b275d5ae8ce753f01b52d5acaed493ee8e79b15e12dfb176bb1ece537312
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 00:11:57 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 18:36:25 GMT
Expires: Thu, 01 Dec 2022 18:36:24 GMT
Etag: "5e635ed7e7471328793acff772d5c911af22e34f"
Cache-Control: max-age=584066,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f62b8378d0b518-OSL
dvcasha2.ocsp-certum.com/
23.36.79.17 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash f21e797ccb398bb0bf0cb772c3bbc070
f71f745db6f554fe8ff9607b01f8f1aa9ad86cab
4c8ca9de028e7f29d91452436363458b75cd2fd3454bdc45e71cfa97d1077288
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=860
Date: Fri, 25 Nov 2022 00:11:57 GMT
Connection: keep-alive
X-N: S
s2.loli.net/2022/11/21/gYGMziQny5Uef4K.gif
172.67.69.40 200 OK 573 kB URL HTTP/2 s2.loli.net/2022/11/21/gYGMziQny5Uef4K.gif
IP 172.67.69.40:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 573 kB (573283 bytes)
Hash 82ec0aee9e789788b2af0f8ffa0b71cc
6634973a51e588bd2638a906dda2e687ebf1899d
6dab48a63adf9cc0a632be9ffdef37dbb783448b4106090fa8d6b89cffb0b8af
GET /2022/11/21/gYGMziQny5Uef4K.gif HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 00:11:56 GMT
content-type: image/gif
content-length: 573283
last-modified: Sun, 20 Nov 2022 17:24:07 GMT
etag: "637a62b7-8bf63"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=satsPirJQ6GICJ7d%2FRk8PfWnt4CRTewDir7dzWM2tmmn8GgdY7DC5pzhwRYcO0gzYMhOxWIZoe89CuievTFE0s%2FC73rZT%2FqALXnI7%2B12LU0TCrVn%2FnT%2FVPTcJBfq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f62b7b59950b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s2.loli.net/2022/11/21/AUy6jxY4VGi5duv.gif
172.67.69.40 200 OK 424 kB URL HTTP/2 s2.loli.net/2022/11/21/AUy6jxY4VGi5duv.gif
IP 172.67.69.40:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 424 kB (423944 bytes)
Hash 7477cff9d8a4c8c69b7f03e08531f56e
41ac73827b766192ce97796bb8c4c752211cf9b7
bc38f40933b5e6f69a368ba11289f4f7ea04b757119f3728bdf8abf845e57444
GET /2022/11/21/AUy6jxY4VGi5duv.gif HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 00:11:56 GMT
content-type: image/gif
content-length: 423944
last-modified: Sun, 20 Nov 2022 17:24:55 GMT
etag: "637a62e7-67808"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLpILMu4Dm3hNXCArvxEaNg5N5ULHaI%2BJPJuEXGh4BvCnpZ0nzhnunTFdgyNA0CZpVfeFf%2FOivF5Hag7l4x6lNYUBEsj9KOUhJ%2B6lCSRYHBv6ZqxN0%2B3AieWoE2Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f62b7c49f50b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
u1099.com/e274135eb9634c1fb22538c16652404b.gif
45.61.212.168 200 OK 348 kB URL HTTP/2 u1099.com/e274135eb9634c1fb22538c16652404b.gif
IP 45.61.212.168:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 348 kB (347872 bytes)
Hash 1ace5409fd371542532d2c9a27131b87
98c7c29f6d64296235a6be4b8259ffce72fd6691
8794843b5991bae6c5224e7e49f7389e2560098704392c0b10dc621bf38e3113
GET /e274135eb9634c1fb22538c16652404b.gif HTTP/1.1
Host: u1099.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6363bed8-54ee0"
server: nginx
date: Fri, 04 Nov 2022 13:28:29 GMT
content-type: image/gif
last-modified: Thu, 03 Nov 2022 13:15:04 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us5-cdnb-08
content-length: 347872
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/xx1.js
192.151.196.21 200 OK 1.8 kB URL HTTP/2 4f.jxry1.com/template/web/xx1.js
IP 192.151.196.21:0
Hash 379ff279fef71187c486c99b49a47be5
b3029c1d92ba5819048e5414efc5989b6d831e56
ec08b94a841b82944f4c7964407066d8238fed1ee32c911f5f8ea83134ed415e
GET /template/web/xx1.js HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:29 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 07:50:40 GMT
vary: Accept-Encoding
etag: W/"637f2250-176f"
expires: Fri, 25 Nov 2022 12:12:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
askfhkjghbs-qwerrtb.com/images/hxcimages1.gif
212.24.127.6 200 OK 570 kB URL HTTP/2 askfhkjghbs-qwerrtb.com/images/hxcimages1.gif
IP 212.24.127.6:0
ASN #61317 Ipxo Uk Limited
File type GIF image data, version 89a, 960 x 60\012- data
Size 570 kB (570133 bytes)
Hash 110026f4d159108c5398a3fc438bfc49
a909120105cfd3c40e64d011ee7990548b564fd1
e9b6ed0db00c3f426e53593b6c597aaa06ee17634b08d1e260164571baf731da
GET /images/hxcimages1.gif HTTP/1.1
Host: askfhkjghbs-qwerrtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 00:11:45 GMT
content-type: image/gif
content-length: 570133
last-modified: Sat, 12 Nov 2022 14:52:19 GMT
etag: "8093d65ca6f6d81:0"
server: ****
x-cache: HIT
x-cache-hit: edge
x-request-id: 8e336d1b7db09f2bd206bee7ee3d0986
cache-control: max-age=77760000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1543171266&si=959981931bea09b9a10c9c552a50e761&su=http%3A%2F%2Fwww.eu-capitals.com%2F&v=1.3.0&lv=1&sn=27597&r=0&ww=1268&u=https%3A%2F%2F4f.jxry1.com%2F&tt=%E9%9B%AA%E8%8A%B1%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1543171266&si=959981931bea09b9a10c9c552a50e761&su=http%3A%2F%2Fwww.eu-capitals.com%2F&v=1.3.0&lv=1&sn=27597&r=0&ww=1268&u=https%3A%2F%2F4f.jxry1.com%2F&tt=%E9%9B%AA%E8%8A%B1%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1543171266&si=959981931bea09b9a10c9c552a50e761&su=http%3A%2F%2Fwww.eu-capitals.com%2F&v=1.3.0&lv=1&sn=27597&r=0&ww=1268&u=https%3A%2F%2F4f.jxry1.com%2F&tt=%E9%9B%AA%E8%8A%B1%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 25 Nov 2022 00:11:57 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=A391ECAF76E8E8BF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
323823umv.com/78c6516276f54792a5be2e0ffdc810be.gif
45.61.212.54 200 OK 407 kB URL HTTP/1.1 323823umv.com/78c6516276f54792a5be2e0ffdc810be.gif
IP 45.61.212.54:0
File type GIF image data, version 89a, 960 x 70\012- data
Size 407 kB (407200 bytes)
Hash 3a2a02fe192865c46b4ea1b57711d35d
10d02c2e54d809ceeed42839991a8b2efa59c573
0b600e3355c823c5669f8338ff521c9b3790de0c3bb051bf24b19fc644821c6d
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /78c6516276f54792a5be2e0ffdc810be.gif HTTP/1.1
Host: 323823umv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "636e5da8-636a0"
Date: Tue, 22 Nov 2022 02:15:03 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 11 Nov 2022 14:35:20 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-24
Content-Length: 407200
yh.133svip.com/tu/960%C3%9760.gif
23.224.184.204 200 OK 476 kB URL HTTP/1.1 yh.133svip.com/tu/960%C3%9760.gif
IP 23.224.184.204:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 476 kB (475803 bytes)
Hash f2b5398762c4bb19d4024ceaef57aa27
da986b1e6742d0b1a090d2a9fa1ec0c7c98e7f31
52b30bbd7b33d03437e11258a8225458e73d737a424c06694e5235fbb5b2dfe6
GET /tu/960%C3%9760.gif HTTP/1.1
Host: yh.133svip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
ETag: "d3e39b44f6bad81:0"
Content-Type: image/gif
Last-Modified: Sun, 28 Aug 2022 15:53:08 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
Date: Fri, 25 Nov 2022 00:08:29 GMT
X-Cache: HIT from dhostname
Content-Length: 475803
Connection: keep-alive
hm.baidu.com/hm.js?23623cf5f4a21b97670aa94e566ea294
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?23623cf5f4a21b97670aa94e566ea294
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash eb370e42bccdda301d4da2a0aa61d272
1205180eed691fad6f50f3f34373c68df189f2c7
36a69aaa28ba59f0fd0588214219c743d9ee30cda2c4f44c80ca4fa4a9d99c67
GET /hm.js?23623cf5f4a21b97670aa94e566ea294 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 00:11:57 GMT
Etag: 897ce086ed0d0033806970ecad6457b7
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=FA725BC65548010A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ia.51.la/go1?id=21273073&rt=1669335116209&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E9%259B%25AA%25E8%258A%25B1%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&ing=1&ekc=&sid=1669335116209&tt=%25E9%259B%25AA%25E8%258A%25B1%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&kw=%25E9%259B%25AA%25E8%258A%25B1%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&cu=https%253A%252F%252F4f.jxry1.com%252F&pu=http%253A%252F%252Fwww.eu-capitals.com%252F
103.143.19.103 200 0 B URL HTTP/1.1 ia.51.la/go1?id=21273073&rt=1669335116209&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E9%259B%25AA%25E8%258A%25B1%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&ing=1&ekc=&sid=1669335116209&tt=%25E9%259B%25AA%25E8%258A%25B1%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&kw=%25E9%259B%25AA%25E8%258A%25B1%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&cu=https%253A%252F%252F4f.jxry1.com%252F&pu=http%253A%252F%252Fwww.eu-capitals.com%252F
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21273073&rt=1669335116209&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E9%259B%25AA%25E8%258A%25B1%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&ing=1&ekc=&sid=1669335116209&tt=%25E9%259B%25AA%25E8%258A%25B1%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&kw=%25E9%259B%25AA%25E8%258A%25B1%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&cu=https%253A%252F%252F4f.jxry1.com%252F&pu=http%253A%252F%252Fwww.eu-capitals.com%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: CloudWAF
Date: Fri, 25 Nov 2022 00:11:57 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=541bc1482415b28d9cf; path=/
HWWAFSESTIME=1669335117382; path=/
n0499.com/3282e564a7f1442ebddbd322fbcbbc01.gif
20.243.252.217 200 OK 142 kB URL HTTP/1.1 n0499.com/3282e564a7f1442ebddbd322fbcbbc01.gif
IP 20.243.252.217:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 142 kB (141802 bytes)
Hash d266492116a9903619eeb035b0f4cdd9
4444e9192f207b2b946d71bc38fdf7e23fe8912c
829c5302dd74ad53f4d8adf3de284908c5d6a1662b28b395fea1b4d3d9e78eed
GET /3282e564a7f1442ebddbd322fbcbbc01.gif HTTP/1.1
Host: n0499.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 00:11:57 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 03 Nov 2022 13:14:29 GMT
ETag: W/"6363beb5-4002e"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
u1022.com/b6a1abdd01064b01af34e0e023cce433.gif
103.170.15.52 200 OK 218 kB URL HTTP/2 u1022.com/b6a1abdd01064b01af34e0e023cce433.gif
IP 103.170.15.52:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 218 kB (217826 bytes)
Hash 27ec5c83cb9575b31075dcd71389974e
681c71534d8c5bc8ec8526db4d56f63099809e69
b53d8f0e3870208d18544443eb3f76870a4c79e9a7c745b699bd8060e84fde01
GET /b6a1abdd01064b01af34e0e023cce433.gif HTTP/1.1
Host: u1022.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63790ab9-352e2"
server: nginx
date: Thu, 24 Nov 2022 05:55:20 GMT
content-type: image/gif
last-modified: Sat, 19 Nov 2022 16:56:25 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-42
content-length: 217826
X-Firefox-Spdy: h2
339282bdb.com/ac1d5335cb994e3d866c1c8bd292a55b.gif
103.170.15.82 200 OK 876 kB URL HTTP/1.1 339282bdb.com/ac1d5335cb994e3d866c1c8bd292a55b.gif
IP 103.170.15.82:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 750 x 100\012- data
Size 876 kB (875887 bytes)
Hash 615bb5640bd5731d565ce226248874aa
6078a171d5f984f650d0b310c216e286bcb6f36d
6dd751858e88556c5f2191769bf831076fa4a6ea2f5d84cd0f21c30ca2b45545
Analyzer Verdict Alert quad9 Sinkholed
GET /ac1d5335cb994e3d866c1c8bd292a55b.gif HTTP/1.1
Host: 339282bdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63788023-d5d6f"
Date: Thu, 24 Nov 2022 12:57:30 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 19 Nov 2022 07:05:07 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-12
Content-Length: 875887
mt66g.com/image/960x60SS.gif
23.225.89.147 200 OK 103 kB URL HTTP/2 mt66g.com/image/960x60SS.gif
IP 23.225.89.147:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 103 kB (102652 bytes)
Hash 4ea87bf064b6a321a25be03966f1fe52
950e88121e18e47880340351cd8b435ef009dd16
1d1efeb6b9857e9d7ea6ec4c94154c0a61b3bcf9251108fe527adec84fbde332
GET /image/960x60SS.gif HTTP/1.1
Host: mt66g.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 00:11:57 GMT
content-type: image/gif
content-length: 102652
last-modified: Wed, 02 Nov 2022 07:51:25 GMT
etag: "6362217d-190fc"
expires: Sat, 17 Dec 2022 08:11:34 GMT
cache-control: max-age=2592000
server: dns
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
yaoji666.oss-cn-hongkong.aliyuncs.com/gg/120x120.gif
47.75.19.34 200 OK 37 kB URL HTTP/1.1 yaoji666.oss-cn-hongkong.aliyuncs.com/gg/120x120.gif
IP 47.75.19.34:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 120 x 120\012- data
Hash e1483cb58b351df158268bdc4849e1b7
2da640458aa8f291b37b728cd17b7503d474755b
b6ce1d21cbf120517235bf517e86faa5dc0d8daa5078f6984930296d4971d434
GET /gg/120x120.gif HTTP/1.1
Host: yaoji666.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 00:11:57 GMT
Content-Type: image/gif
Content-Length: 37216
Connection: keep-alive
x-oss-request-id: 6380084D9DB57839369981AA
Accept-Ranges: bytes
ETag: "E1483CB58B351DF158268BDC4849E1B7"
Last-Modified: Thu, 21 Jul 2022 01:19:47 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7284670312886197610
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: 4Ug8tYs1HfFYJovcSEnhtw==
x-oss-server-time: 1
nevereverever.me/wp-content/uploads/2022/11/19.CC-GIF_960x60.gif
159.65.10.165 200 OK 310 kB URL HTTP/2 nevereverever.me/wp-content/uploads/2022/11/19.CC-GIF_960x60.gif
IP 159.65.10.165:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 960 x 60\012- data
Size 310 kB (310042 bytes)
Hash bd4e3d3a2f66a6b5ae586b845be55321
6233151963a53f3a056996efb421c4b5f755eabf
0c94da5c883c24b208a425030dabc5d06e3f910ace25b0ef27d693e11fd1757c
GET /wp-content/uploads/2022/11/19.CC-GIF_960x60.gif HTTP/1.1
Host: nevereverever.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:11:57 GMT
content-type: image/gif
content-length: 310042
last-modified: Tue, 22 Nov 2022 12:37:43 GMT
etag: "637cc297-4bb1a"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2052925265&si=23623cf5f4a21b97670aa94e566ea294&su=http%3A%2F%2Fwww.eu-capitals.com%2F&v=1.3.0&lv=1&sn=27597&r=0&ww=1268&u=https%3A%2F%2F4f.jxry1.com%2F&tt=%E9%9B%AA%E8%8A%B1%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2052925265&si=23623cf5f4a21b97670aa94e566ea294&su=http%3A%2F%2Fwww.eu-capitals.com%2F&v=1.3.0&lv=1&sn=27597&r=0&ww=1268&u=https%3A%2F%2F4f.jxry1.com%2F&tt=%E9%9B%AA%E8%8A%B1%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2052925265&si=23623cf5f4a21b97670aa94e566ea294&su=http%3A%2F%2Fwww.eu-capitals.com%2F&v=1.3.0&lv=1&sn=27597&r=0&ww=1268&u=https%3A%2F%2F4f.jxry1.com%2F&tt=%E9%9B%AA%E8%8A%B1%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 25 Nov 2022 00:11:58 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=1E16286EB4DCE301; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894189710457.gif
20.189.126.156 200 OK 261 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894189710457.gif
IP 20.189.126.156:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 261 kB (261015 bytes)
Hash 68ca80e6c19384277e66f07f304b6ed7
680dea475bf73401cd981b5d64f81a23c5536fed
cdbf4e9a6e9fd6b14415c2039f70aef83ec4067c4d82510246096432cd8b93a8
GET /static/uploads/image/x26/20221004/1664894189710457.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:45:32 GMT
ETag: "1667493932"
Expires: Sat, 03 Dec 2022 16:45:32 GMT
Last-Modified: Thu, 03 Nov 2022 16:45:32 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894256451036.gif
20.189.126.156 200 OK 259 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894256451036.gif
IP 20.189.126.156:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 259 kB (258804 bytes)
Hash 70649fd49138ca6897fe0c9365470117
f0cbcec39497ab084adb72c03a6225c2144c6866
48f51d425b1ad9363336bc2edf9009cbfd17d0c24f817fe60fec9e6ed258e5b0
GET /static/uploads/image/x22/20221004/1664894256451036.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:37:39 GMT
ETag: "1667486259"
Expires: Sat, 03 Dec 2022 14:37:39 GMT
Last-Modified: Thu, 03 Nov 2022 14:37:39 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894518194257.gif
20.189.126.156 200 OK 279 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894518194257.gif
IP 20.189.126.156:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 279 kB (278909 bytes)
Hash cbbb3d8ff70b59b11fd1182f7e5d77e9
06af5df2b2aeaa07b578979ee331b52e1f298323
f62a633b62c1dea5bca396206d4956bf14db30141e6e524bf3a00e3588c1c893
GET /static/uploads/image/x22/20221004/1664894518194257.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:11:40 GMT
ETag: "1667491901"
Expires: Sat, 03 Dec 2022 16:11:40 GMT
Last-Modified: Thu, 03 Nov 2022 16:11:41 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
9030a.cc/1008-960x60.gif
154.85.10.21 200 OK 245 kB IP 154.85.10.21:0
ASN #211392 Dream Cloud Innovation Limited
File type GIF image data, version 89a, 960 x 60\012- data
Size 245 kB (245135 bytes)
Hash b6eb4d9fd04fe63a7687677a8036e237
eac3cedc645a39478dc6ad3ec6ea97db621174b8
6b61596ae15b088b70b49d17c7b47eaffaa5f235c9215459334b85039af7f008
GET /1008-960x60.gif HTTP/1.1
Host: 9030a.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Tue, 04 Oct 2022 14:45:04 GMT
Accept-Ranges: bytes
ETag: "5c7ab8e3ffd7d81:0"
Server: Microsoft-IIS/8.5
Date: Fri, 25 Nov 2022 00:11:51 GMT
Content-Length: 245135
X-Via: 1.1 localhost.localdomain (random:85111 Fikker/Webcache/3.7.8)
Set-Cookie: fikker-tkjk-8I2E=6AJN4WT7BW0g0mIaVuK7h92mbGRsXQjs; expires=Fri, 25 Nov 2022 10:46:03 GMT; max-age=7200; path=/
fikker-tkjk-8I2E=6AJN4WT7BW0g0mIaVuK7h92mbGRsXQjs; expires=Fri, 25 Nov 2022 10:46:03 GMT; domain=.cc; max-age=7200; path=/
383tupian.oss-cn-shenzhen.aliyuncs.com/960x60.gif
120.77.166.80 200 OK 299 kB URL HTTP/1.1 383tupian.oss-cn-shenzhen.aliyuncs.com/960x60.gif
IP 120.77.166.80:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 299 kB (299398 bytes)
Hash f4b7967855549e81f65598b93a43d9db
6ab53e8a9af687c1dddad236af323080a04499cf
2e95dc2082af7cc833e0aef825efc261c04b69e3ec4350203854008cc4a12dc6
GET /960x60.gif HTTP/1.1
Host: 383tupian.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 00:11:57 GMT
Content-Type: image/gif
Content-Length: 299398
Connection: keep-alive
x-oss-request-id: 6380084D5A8AEE32326CE463
Accept-Ranges: bytes
ETag: "F4B7967855549E81F65598B93A43D9DB"
Last-Modified: Sun, 23 Oct 2022 07:06:26 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8810428828543929982
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: 9LeWeFVUnoH2VZi5OkPZ2w==
x-oss-server-time: 2
sz88.oss-cn-shenzhen.aliyuncs.com/js960x80%20.gif
120.77.166.72 200 OK 339 kB URL HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/js960x80%20.gif
IP 120.77.166.72:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 339 kB (339049 bytes)
Hash 120f3a01e40b1e58017422e07a358e7b
201b8030f1dc57e1c5f503ab15459990f49c0850
f834cdc6d3baa837bcd3cb5dd42ddafbb903ccc07022dcca2822b451c6a0f7a1
GET /js960x80%20.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 00:11:57 GMT
Content-Type: image/gif
Content-Length: 339049
Connection: keep-alive
x-oss-request-id: 6380084D4931713431CB2030
Accept-Ranges: bytes
ETag: "120F3A01E40B1E58017422E07A358E7B"
Last-Modified: Sun, 20 Nov 2022 08:09:52 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11820530545471216528
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: Eg86AeQLHlgBdCLgejWOew==
x-oss-server-time: 2
p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7xHewExic0gnkb8ycBV8hScWAsnRQWRAJGLgqEqfiaFfFU/0
43.129.255.47 200 OK 231 kB URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7xHewExic0gnkb8ycBV8hScWAsnRQWRAJGLgqEqfiaFfFU/0
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 231 kB (231270 bytes)
Hash 2f2c8ec52149276d3ef1c493494dcdd9
f6f8e0965653c402469862d8cdc7e57df1ddc846
a1274ed00e690cfe012e394ca855570f6ebb32e625385597f8ecb5110e444a08
GET /qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7xHewExic0gnkb8ycBV8hScWAsnRQWRAJGLgqEqfiaFfFU/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Fri, 25 Nov 2022 00:11:57 GMT
content-type: image/gif
content-length: 231270
vary: Accept,Origin
last-modified: Mon, 26 Sep 2022 14:50:11 GMT
cache-control: max-age=2592000
x-delay: 41324 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 231270
chid: 0
fid: 0
x-nws-log-uuid: 3cadfc26-360c-4d9c-8509-ac0623c31e4a
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 94370afc386ce62a95b8f3493df482bd
937c08aa7b928f3b25190f570342857d60f44a4f
964858860ccb37453bfe477e7c2e0bd98933764a8e9e4a329742d95e7b752e20
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 25 Nov 2022 00:11:58 GMT
Last-Modified: Thu, 24 Nov 2022 08:54:48 GMT
ETag: "637f3158-1d7"
Expires: Sat, 26 Nov 2022 08:54:48 GMT
Cache-Control: max-age=117770
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669335118
Via: cache8.l2de2[473,473,200-0,M], cache8.l2de2[474,0], cache2.se1[494,494,200-0,M], cache2.se1[495,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 25 Nov 2022 00:11:58 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616693351182824678e
4f.jxry1.com/template/web/xx2.js
192.151.196.21 200 OK 699 kB URL HTTP/2 4f.jxry1.com/template/web/xx2.js
IP 192.151.196.21:0
Size 699 kB (698830 bytes)
Hash 158db8963b2ab7ee20f173dfe6b8afae
8698b3230d033bb95e2998ff4463e9ad7d7e0e27
ef27cb3e41f4c842376d6d72984d6046fa7c2eef9c3c3e655f946f79abedacb9
GET /template/web/xx2.js HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:29 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 07:50:50 GMT
vary: Accept-Encoding
etag: W/"637f225a-c6e"
expires: Fri, 25 Nov 2022 12:12:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
513575528.com/111e0519e12b4d8ca35473dd40ab6320.gif
47.75.19.145 200 OK 200 kB URL HTTP/1.1 513575528.com/111e0519e12b4d8ca35473dd40ab6320.gif
IP 47.75.19.145:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 125 x 125\012- data
Size 200 kB (200511 bytes)
Hash f64efa5cf5c281f0771fd375523a71e9
a1e3bef4d172d02f8412e63b12e3795d03c8da3c
6df0802e529451ad6dbc02d60d626ccb43fded0aa5f093901229e52e809b844b
GET /111e0519e12b4d8ca35473dd40ab6320.gif HTTP/1.1
Host: 513575528.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 00:11:57 GMT
Content-Type: image/gif
Content-Length: 200511
Connection: keep-alive
x-oss-request-id: 6380084DDA8A7936321CFFB4
Accept-Ranges: bytes
ETag: "F64EFA5CF5C281F0771FD375523A71E9"
Last-Modified: Thu, 27 Oct 2022 05:13:32 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 16034985892227948232
x-oss-storage-class: Standard
Content-MD5: 9k76XPXCgfB3H9N1Ujpx6Q==
x-oss-server-time: 2
1088hg01.oss-cn-hongkong.aliyuncs.com/se/lq.gif
47.75.19.69 200 OK 944 kB URL HTTP/1.1 1088hg01.oss-cn-hongkong.aliyuncs.com/se/lq.gif
IP 47.75.19.69:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 944 kB (944089 bytes)
Hash aa2183d37f4bb3e32799aa7559d6828b
9d75c1091c801574931943dc3e4fe4ff38118950
2db5c59fac7361ef8ba376e459ccbe1c98beb6b831dac82d855ca8a0324b4eab
GET /se/lq.gif HTTP/1.1
Host: 1088hg01.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 00:11:57 GMT
Content-Type: image/gif
Content-Length: 944089
Connection: keep-alive
x-oss-request-id: 6380084D8A23F73335DD0FD6
Accept-Ranges: bytes
ETag: "AA2183D37F4BB3E32799AA7559D6828B"
Last-Modified: Sat, 05 Nov 2022 08:29:58 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9189525011022840236
x-oss-storage-class: Standard
Content-MD5: qiGD039Ls+Mnmap1WdaCiw==
x-oss-server-time: 1
4f.jxry1.com/template/xinheise/css/ate.css
192.151.196.21 200 OK 739 kB URL HTTP/2 4f.jxry1.com/template/xinheise/css/ate.css
IP 192.151.196.21:0
Size 739 kB (738897 bytes)
Hash 9138b09adfb93214748f5fd0ece31efd
9856353082893b98b8af8f8e382462c02c218da1
592f1375806cca1e32561fcffc8cdaca26dfe4bf3dc388f34685c0a596336387
GET /template/xinheise/css/ate.css HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:29 GMT
content-type: text/css
last-modified: Tue, 04 Jan 2022 15:13:26 GMT
vary: Accept-Encoding
etag: W/"61d46416-126e4"
expires: Fri, 25 Nov 2022 12:12:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.u1333.com/images/637f1e368d97bc67605fd906.gif
91.199.87.220 302 Found 0 B URL HTTP/2 img.u1333.com/images/637f1e368d97bc67605fd906.gif
IP 91.199.87.220:0
GET /images/637f1e368d97bc67605fd906.gif HTTP/1.1
Host: img.u1333.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/1178aa51525449bbad0e66d4d780056d
cache-control: max-age=3600
X-Firefox-Spdy: h2
img.8961x.com/images/6367618408e040a3f9f0abb3.gif
91.199.87.220 302 Found 0 B URL HTTP/2 img.8961x.com/images/6367618408e040a3f9f0abb3.gif
IP 91.199.87.220:0
GET /images/6367618408e040a3f9f0abb3.gif HTTP/1.1
Host: img.8961x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/126962c36cff4d738bda7ade3c273740
cache-control: max-age=3600
X-Firefox-Spdy: h2
4f.jxry1.com/template/web/dh1.js
192.151.196.21 200 OK 0 B URL HTTP/2 4f.jxry1.com/template/web/dh1.js
IP 192.151.196.21:0
GET /template/web/dh1.js HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:29 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 11:21:59 GMT
vary: Accept-Encoding
etag: W/"637f53d7-32e2"
expires: Fri, 25 Nov 2022 12:12:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
96.6.16.143 200 OK 0 B URL HTTP/2 ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
IP 96.6.16.143:0
GET /images/0Z03f223495fl86ls3FAF.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 1197751
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6590378
expires: Thu, 09 Feb 2023 06:51:33 GMT
date: Fri, 25 Nov 2022 00:11:55 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
img.u2676.com/images/637f1def8d97bc67605fd905.gif
91.199.87.220 302 Found 0 B URL HTTP/2 img.u2676.com/images/637f1def8d97bc67605fd905.gif
IP 91.199.87.220:0
GET /images/637f1def8d97bc67605fd905.gif HTTP/1.1
Host: img.u2676.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://ydschool-online.nosdn.127.net/tiku/0c3136fb49a4dfb0c0fc01947505cd7bbb349ffd19faf5e083c58dbf9be2ca44.gif
cache-control: max-age=3600
X-Firefox-Spdy: h2
4f.jxry1.com/template/xinheise/css/1.css
192.151.196.21 200 OK 0 B URL HTTP/2 4f.jxry1.com/template/xinheise/css/1.css
IP 192.151.196.21:0
GET /template/xinheise/css/1.css HTTP/1.1
Host: 4f.jxry1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4f.jxry1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 00:12:29 GMT
content-type: text/css
last-modified: Mon, 14 Mar 2022 11:30:18 GMT
vary: Accept-Encoding
etag: W/"622f274a-8319"
expires: Fri, 25 Nov 2022 12:12:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2