r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9f3cf7e36f17a535e53e5213c02cf2b4
e65acbc03135ce135b9e91b4f74b3e1439faa6f6
a2317476862acd0a92fe523454c3991752b07ba14e7667f421dd9624e0233758
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A2317476862ACD0A92FE523454C3991752B07BA14E7667F421DD9624E0233758"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18045
Expires: Tue, 20 Dec 2022 08:09:48 GMT
Date: Tue, 20 Dec 2022 03:09:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 460af93786e1eaa666f135e6c3fdc634
bc8aeba36225c79718f5de73d79928fe817c5490
471f4e7ae29bcf6ba1f749c0f5d4ab446cebfac5aa80c3e19c6edf21be456eb5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "471F4E7AE29BCF6BA1F749C0F5D4AB446CEBFAC5AA80C3E19C6EDF21BE456EB5"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7164
Expires: Tue, 20 Dec 2022 05:08:27 GMT
Date: Tue, 20 Dec 2022 03:09:03 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 20 Dec 2022 02:34:23 GMT
content-type: application/json
age: 2080
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cf03270e3476f7482a2cc7ddc6a9e857
ab70d5ee87b01e0601f8e518bf36f97c8ceeba9a
43a4e796860a1481636dac103488cadc68c261d13cfe835d273efc368e569f97
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43A4E796860A1481636DAC103488CADC68C261D13CFE835D273EFC368E569F97"
Last-Modified: Sun, 18 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10471
Expires: Tue, 20 Dec 2022 06:03:34 GMT
Date: Tue, 20 Dec 2022 03:09:03 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: waKkkWtEFz7o6ztb0EmdmBKABD+uoXGn2TV52PBR3axyw2DqBao4aSJFfboSrH/CLCZ7mSyCoEI=
x-amz-request-id: 6MYNQPCG5HSDNTDK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 20 Dec 2022 02:29:16 GMT
age: 2387
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.qqgx.net/64798511
104.164.242.24200 OK 2.1 kB IP 104.164.242.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (626), with CRLF line terminators
Hash ad12c8e676f734a13b9ac2f65a70b4a3
6fbebc4beecad30640152cf19c7e3ae188e2bd63
676516d7f0b4ac97b8cddf65a341c63b72a6fabdc1aec8c4293d3636ebf70fcb
GET /64798511 HTTP/1.1
Host: www.qqgx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 03:09:05 GMT
Content-Length: 2070
Content-Type: text/html
Server: nginx
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 03:09:03 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.qqgx.net/64798511
104.164.242.24200 OK 2.1 kB IP 104.164.242.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (626), with CRLF line terminators
Hash ad12c8e676f734a13b9ac2f65a70b4a3
6fbebc4beecad30640152cf19c7e3ae188e2bd63
676516d7f0b4ac97b8cddf65a341c63b72a6fabdc1aec8c4293d3636ebf70fcb
GET /64798511 HTTP/1.1
Host: www.qqgx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 03:09:06 GMT
Content-Length: 2070
Content-Type: text/html
Server: nginx
www.qqgx.net/common.js
104.164.242.24200 OK 4.0 kB IP 104.164.242.24:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (466), with CRLF line terminators
Hash cf71c39ce2ac643f86289d26b2cf5554
eb23cb7e30df2fdeec0256e2a2fa1ed24366231f
4c7bf0ab99ed8e1fc2a0af9501ce6307c7dbda5da9eabb07e0538139fec86d7b
GET /common.js HTTP/1.1
Host: www.qqgx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.qqgx.net/64798511
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 03:09:06 GMT
Content-Length: 3981
Content-Type: application/x-javascript
Server: nginx
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 20 Dec 2022 03:08:02 GMT
age: 61
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4df678b16094ceafefdbbd55707f4dbe
39a68e051456a8ab6c782502a94e8b95ccb0a71d
00561de9683c69a89e084b685df25c6ea4d3a38654a40554f127814200aadf6a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 968
Cache-Control: max-age=108833
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 03:09:03 GMT
Etag: "63a029a8-1d7"
Expires: Wed, 21 Dec 2022 09:22:56 GMT
Last-Modified: Mon, 19 Dec 2022 09:06:48 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
www.qqgx.net/tj.js
104.164.242.24200 OK 19 kB IP 104.164.242.24:0
File type ASCII text, with very long lines (17702), with CRLF line terminators
Hash e9fa91ef5610b59280e82a2bd2529c49
f0e3a032d99c420aa6ae56e2a24d7e5a16450fe3
12971b0d1c4adf127121c58052e1891595a30919674cd5d17a927b7e9a8abe6a
GET /tj.js HTTP/1.1
Host: www.qqgx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.qqgx.net/64798511
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 03:09:06 GMT
Content-Length: 18894
Content-Type: application/x-javascript
Server: nginx
push.services.mozilla.com/
54.148.53.106101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.53.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9fi8dVwslI57wo9Htk2QHg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yG4rQVjepKr6669m19cnX7HKRsM=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0fb4ab1af49988388854972b1d471ac3
0edc958e0ee62fb45edd51b90b484db6f9d3686d
259055a2985c8931f6cf9549b868d30f38b3b1a4acbe000ab73cd1203eacab6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "259055A2985C8931F6CF9549B868D30F38B3B1A4ACBE000AB73CD1203EACAB6A"
Last-Modified: Sat, 17 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8804
Expires: Tue, 20 Dec 2022 05:35:48 GMT
Date: Tue, 20 Dec 2022 03:09:04 GMT
Connection: keep-alive
www.qqgx.net/favicon.ico
104.164.242.24200 OK 2.1 kB IP 104.164.242.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (626), with CRLF line terminators
Hash ad12c8e676f734a13b9ac2f65a70b4a3
6fbebc4beecad30640152cf19c7e3ae188e2bd63
676516d7f0b4ac97b8cddf65a341c63b72a6fabdc1aec8c4293d3636ebf70fcb
GET /favicon.ico HTTP/1.1
Host: www.qqgx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.qqgx.net/64798511
Cookie: __tins__21258357=%7B%22sid%22%3A%201671505749032%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201671507549032%7D; __51cke__=; __51laig__=1
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 03:09:07 GMT
Content-Length: 2070
Content-Type: text/html
Server: nginx
ia.51.la/go1?id=21258357&rt=1671505749032&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2586%25E9%25A2%2591!%25E8%2580%2581%25E5%25B8%2588%25E4%25BD%25A0%25E5%25A4%25B9%25E5%25BE%2597%25E5%25A5%25BD%25E7%25B4%25A7%25E5%25A5%25BD%25E7%2588%25BD%25E5%2585%25A8%25E6%2596%2587%25E9%2598%2585%25E8%25AF%25BB%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2582%25E7%259C%258B%252C%25E8%2580%2581%25E5%25B8%2588%25E4%25BD%25A0%25E5%25A4%25B9%25E5%25BE%2597%25E5%25A5%25BD%25E7%25B4%25A7&ing=1&ekc=&sid=1671505749032&tt=%25E8%2580%2581%25E5%25B8%2588%25E4%25BD%25A0%25E5%25A4%25B9%25E5%25BE%2597%25E5%25A5%25BD%25E7%25B4%25A7%25E5%25A5%25BD%25E7%2588%25BD%25E5%2585%25A8%25E6%2596%2587%25E9%2598%2585%25E8%25AF%25BB%252C%25E8%2580%2581%25E5%25B8%2588%25E6%258E%2580%25E8%25B5%25B7%25E5%2586%2585%25E8%25A1%25A3%25E5%2596%2582%25E6%2588%2591%25E5%25A5%25B6%25E5%25A4%25B4%25E5%258A%25A8%25E6%2580%2581%25E5%259B%25BE%252C%25E8%2580%2581%25E5%25B8%2588%25E7%25A9%25BF%25E8%25B6%2585%25E7%259F%25AD%25E5%258C%2585%25E8%2587%2580%25E8%25A3%2599%25E5%258A%259E%25E5%2585%25AC%25E5%25AE%25A4%25E7%2588%2586%25E4%25B9%25B3&kw=%25E8%2580%2581%25E5%25B8%2588%25E4%25BD%25A0%25E5%25A4%25B9%25E5%25BE%2597%25E5%25A5%25BD%25E7%25B4%25A7%25E5%25A5%25BD%25E7%2588%25BD%25E5%2585%25A8%25E6%2596%2587%25E9%2598%2585%25E8%25AF%25BB%252C%25E8%2580%2581%25E5%25B8%2588%25E6%258E%2580%25E8%25B5%25B7%25E5%2586%2585%25E8%25A1%25A3%25E5%2596%2582%25E6%2588%2591%25E5%25A5%25B6%25E5%25A4%25B4%25E5%258A%25A8%25E6%2580%2581%25E5%259B%25BE%252C%25E8%2580%2581%25E5%25B8%2588%25E7%25A9%25BF%25E8%25B6%2585%25E7%259F%25AD%25E5%258C%2585%25E8%2587%2580%25E8%25A3%2599%25E5%258A%259E%25E5%2585%25AC%25E5%25AE%25A4%25E7%2588%2586%25E4%25B9%25B3&cu=http%253A%252F%252Fwww.qqgx.net%252F64798511&pu=
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=21258357&rt=1671505749032&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2586%25E9%25A2%2591!%25E8%2580%2581%25E5%25B8%2588%25E4%25BD%25A0%25E5%25A4%25B9%25E5%25BE%2597%25E5%25A5%25BD%25E7%25B4%25A7%25E5%25A5%25BD%25E7%2588%25BD%25E5%2585%25A8%25E6%2596%2587%25E9%2598%2585%25E8%25AF%25BB%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2582%25E7%259C%258B%252C%25E8%2580%2581%25E5%25B8%2588%25E4%25BD%25A0%25E5%25A4%25B9%25E5%25BE%2597%25E5%25A5%25BD%25E7%25B4%25A7&ing=1&ekc=&sid=1671505749032&tt=%25E8%2580%2581%25E5%25B8%2588%25E4%25BD%25A0%25E5%25A4%25B9%25E5%25BE%2597%25E5%25A5%25BD%25E7%25B4%25A7%25E5%25A5%25BD%25E7%2588%25BD%25E5%2585%25A8%25E6%2596%2587%25E9%2598%2585%25E8%25AF%25BB%252C%25E8%2580%2581%25E5%25B8%2588%25E6%258E%2580%25E8%25B5%25B7%25E5%2586%2585%25E8%25A1%25A3%25E5%2596%2582%25E6%2588%2591%25E5%25A5%25B6%25E5%25A4%25B4%25E5%258A%25A8%25E6%2580%2581%25E5%259B%25BE%252C%25E8%2580%2581%25E5%25B8%2588%25E7%25A9%25BF%25E8%25B6%2585%25E7%259F%25AD%25E5%258C%2585%25E8%2587%2580%25E8%25A3%2599%25E5%258A%259E%25E5%2585%25AC%25E5%25AE%25A4%25E7%2588%2586%25E4%25B9%25B3&kw=%25E8%2580%2581%25E5%25B8%2588%25E4%25BD%25A0%25E5%25A4%25B9%25E5%25BE%2597%25E5%25A5%25BD%25E7%25B4%25A7%25E5%25A5%25BD%25E7%2588%25BD%25E5%2585%25A8%25E6%2596%2587%25E9%2598%2585%25E8%25AF%25BB%252C%25E8%2580%2581%25E5%25B8%2588%25E6%258E%2580%25E8%25B5%25B7%25E5%2586%2585%25E8%25A1%25A3%25E5%2596%2582%25E6%2588%2591%25E5%25A5%25B6%25E5%25A4%25B4%25E5%258A%25A8%25E6%2580%2581%25E5%259B%25BE%252C%25E8%2580%2581%25E5%25B8%2588%25E7%25A9%25BF%25E8%25B6%2585%25E7%259F%25AD%25E5%258C%2585%25E8%2587%2580%25E8%25A3%2599%25E5%258A%259E%25E5%2585%25AC%25E5%25AE%25A4%25E7%2588%2586%25E4%25B9%25B3&cu=http%253A%252F%252Fwww.qqgx.net%252F64798511&pu=
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21258357&rt=1671505749032&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2586%25E9%25A2%2591!%25E8%2580%2581%25E5%25B8%2588%25E4%25BD%25A0%25E5%25A4%25B9%25E5%25BE%2597%25E5%25A5%25BD%25E7%25B4%25A7%25E5%25A5%25BD%25E7%2588%25BD%25E5%2585%25A8%25E6%2596%2587%25E9%2598%2585%25E8%25AF%25BB%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2582%25E7%259C%258B%252C%25E8%2580%2581%25E5%25B8%2588%25E4%25BD%25A0%25E5%25A4%25B9%25E5%25BE%2597%25E5%25A5%25BD%25E7%25B4%25A7&ing=1&ekc=&sid=1671505749032&tt=%25E8%2580%2581%25E5%25B8%2588%25E4%25BD%25A0%25E5%25A4%25B9%25E5%25BE%2597%25E5%25A5%25BD%25E7%25B4%25A7%25E5%25A5%25BD%25E7%2588%25BD%25E5%2585%25A8%25E6%2596%2587%25E9%2598%2585%25E8%25AF%25BB%252C%25E8%2580%2581%25E5%25B8%2588%25E6%258E%2580%25E8%25B5%25B7%25E5%2586%2585%25E8%25A1%25A3%25E5%2596%2582%25E6%2588%2591%25E5%25A5%25B6%25E5%25A4%25B4%25E5%258A%25A8%25E6%2580%2581%25E5%259B%25BE%252C%25E8%2580%2581%25E5%25B8%2588%25E7%25A9%25BF%25E8%25B6%2585%25E7%259F%25AD%25E5%258C%2585%25E8%2587%2580%25E8%25A3%2599%25E5%258A%259E%25E5%2585%25AC%25E5%25AE%25A4%25E7%2588%2586%25E4%25B9%25B3&kw=%25E8%2580%2581%25E5%25B8%2588%25E4%25BD%25A0%25E5%25A4%25B9%25E5%25BE%2597%25E5%25A5%25BD%25E7%25B4%25A7%25E5%25A5%25BD%25E7%2588%25BD%25E5%2585%25A8%25E6%2596%2587%25E9%2598%2585%25E8%25AF%25BB%252C%25E8%2580%2581%25E5%25B8%2588%25E6%258E%2580%25E8%25B5%25B7%25E5%2586%2585%25E8%25A1%25A3%25E5%2596%2582%25E6%2588%2591%25E5%25A5%25B6%25E5%25A4%25B4%25E5%258A%25A8%25E6%2580%2581%25E5%259B%25BE%252C%25E8%2580%2581%25E5%25B8%2588%25E7%25A9%25BF%25E8%25B6%2585%25E7%259F%25AD%25E5%258C%2585%25E8%2587%2580%25E8%25A3%2599%25E5%258A%259E%25E5%2585%25AC%25E5%25AE%25A4%25E7%2588%2586%25E4%25B9%25B3&cu=http%253A%252F%252Fwww.qqgx.net%252F64798511&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.qqgx.net/
HTTP/1.1 200
Server: CloudWAF
Date: Tue, 20 Dec 2022 03:09:04 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=4e6df928a8c9fd03b33; path=/
HWWAFSESTIME=1671505740237; path=/
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 2ca94daf98c9382ff1b864f04d6e3c68
9597303e95fe6f96ba08d097ae8d73ef7c597774
0be760f9444ba279c5d540a282e261293cac306978c69916c0f66ff6e39422f4
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 03:09:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 24 Dec 2022 02:39:00 GMT
ETag: "9597303e95fe6f96ba08d097ae8d73ef7c597774"
Last-Modified: Tue, 20 Dec 2022 02:39:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 383
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77c52d58fbfb1c02-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9043
Expires: Tue, 20 Dec 2022 05:39:48 GMT
Date: Tue, 20 Dec 2022 03:09:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9043
Expires: Tue, 20 Dec 2022 05:39:48 GMT
Date: Tue, 20 Dec 2022 03:09:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9043
Expires: Tue, 20 Dec 2022 05:39:48 GMT
Date: Tue, 20 Dec 2022 03:09:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9043
Expires: Tue, 20 Dec 2022 05:39:48 GMT
Date: Tue, 20 Dec 2022 03:09:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2f35059-99cc-477d-9e68-c3a035d125df.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2f35059-99cc-477d-9e68-c3a035d125df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bba7c67bdc57d1fe2870ebd4ee9fd5c9
127850560e258665ca8074757c1b66f680d2bd78
9edd765e65644edfe4221352225cb89ebe98fa451d9528b8b614d594a20e100d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2f35059-99cc-477d-9e68-c3a035d125df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9265
x-amzn-requestid: d84f905b-7faf-409a-b188-4b8cf06b9e4f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: da4KJGx9oAMFrQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a1070d-43152d9651bcb4a15ffe1cfa;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 00:51:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: uGYoskcC2ev3JFxsBZGglmBiCCWmjo5Xg2zqe5925zArdzRk5QtuTQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 c5c7edc18be1805f007e0576da02e554.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 01:24:18 GMT
age: 6287
etag: "127850560e258665ca8074757c1b66f680d2bd78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa02d8232-1c91-401a-912a-46f6c668862e.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa02d8232-1c91-401a-912a-46f6c668862e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8218fde73bff9978e07b0e06e1f7f0fb
ab15f8d74ea032d89f65603b4eef2377dc97e358
134d5a1046ea50f37f0234a4d1d167130b2950a1d61e93e2340dccbc922b4844
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa02d8232-1c91-401a-912a-46f6c668862e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9493
x-amzn-requestid: 54028261-e98d-4bb6-98da-51d41edc6d2a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: da61jElIIAMFl8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a10b56-7eeb3b142dd3d0f92e9fa9ba;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 01:09:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: oXQy1PwLBW8u0kv_sHcypb8QB6xwLtYMy4eWRZVQaD2xYjpw2dGA3A==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 f3ac324bf05099849ebda59e8136db0e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 01:48:38 GMT
age: 4827
etag: "ab15f8d74ea032d89f65603b4eef2377dc97e358"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee1dbf08-d046-4d26-8221-af352c7c7eba.jpeg
34.120.237.76200 OK 2.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee1dbf08-d046-4d26-8221-af352c7c7eba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac396f580b50a626abbeb37c0ec5f005
626262a7313aeb54bcdbcaf682f73d9ff4a4cfcb
3546f7a2be3f578ad9d8b8f57b89a69b6ece9b08da63fb9448e5e6dde4d3332c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee1dbf08-d046-4d26-8221-af352c7c7eba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2054
x-amzn-requestid: 5072b75c-7455-45cc-a35e-be7e0ed77496
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dabqhHE6IAMFrxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0d976-026c95822615b2550edb00e7;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: uJwyFukmL1DoqJnY-yzKVBLtnEITiYMDkVoZoXm46QGdni9vkzUTMA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 21:48:32 GMT
age: 19233
etag: "626262a7313aeb54bcdbcaf682f73d9ff4a4cfcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e977b0b-6e7d-42dd-9743-5064708ab1e0.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e977b0b-6e7d-42dd-9743-5064708ab1e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b5da803c751be159f0f5b3c2f65bd2b6
39139480cfc2ed0781b51745bfaabed4490aa0db
920ee464843101c638327866fbfcc9c7f00fc19b7cdbc8948fbe53d2b6fb4ed3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e977b0b-6e7d-42dd-9743-5064708ab1e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7876
x-amzn-requestid: 668c95f2-a1b1-4abd-9f4e-23d05c4998a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: da270EFlIAMFR5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a10518-56d6db4f4cff1b4e08b87046;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 00:43:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Hy6G0TSJc89Fyo8X3mLQ4nY4Y-2Xva9gqcLLAZH_T61Kk-6cMmhqQQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 01:08:39 GMT
age: 7226
etag: "39139480cfc2ed0781b51745bfaabed4490aa0db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4017f13d-fc40-4034-9f27-d4af3c2f16f8.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4017f13d-fc40-4034-9f27-d4af3c2f16f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4535f00ed3710172a5f7debc715cb36f
b176b458d20465245409f5b442fd4ad50c6a11f9
ad0fbd8a82b0859dc9c36053d8190bc20b3759ffa5971f55b0faedf8ba7ec001
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4017f13d-fc40-4034-9f27-d4af3c2f16f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10533
x-amzn-requestid: 31f0445f-d7e5-4d9d-98c7-60441253c2be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: da6p9EVToAMFoBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a10b0c-5e2b65513b791ea728b8e2a0;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 01:08:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: lT2jpFhPw531E8UQ9y7rjzPSqFR84sANjFhhfHmB_Xz4PfksWQ0xEA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 ac463f3377446e4c603deca30feb744a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 01:08:28 GMT
age: 7237
etag: "b176b458d20465245409f5b442fd4ad50c6a11f9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3646fddc-b4d4-40d6-8ac8-11e581f070ed.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3646fddc-b4d4-40d6-8ac8-11e581f070ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a7d48c7a238253336ae240e7362f30e2
13a70df410e0eb8360f58e6899ea96907a2221f7
0fd4130e92dac852333fe88ebbbaa93c9dc5698ae8728567cf639f113faabc3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3646fddc-b4d4-40d6-8ac8-11e581f070ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12452
x-amzn-requestid: 8d0b5fd3-2da0-437f-94e6-468bdb52ac50
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: da4QAHBLIAMFapg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a10733-5f55b1f5401649373559df61;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 00:52:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: aUcLR0TorXnHLE9l9G0NZK2zbtYdqh_sUycqbl9UQv0cQfTH5js4TQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 01:08:46 GMT
age: 7219
etag: "13a70df410e0eb8360f58e6899ea96907a2221f7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c6a62c7ac7f235ff41a0ae106b83a20a
a85506ed6ad4184fa01a92cc835ba729627af05a
685cd4dc0d1fb0c9963156bc715613542806ba3f1f73f898a687924d275cf5ac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "685CD4DC0D1FB0C9963156BC715613542806BA3F1F73F898A687924D275CF5AC"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21550
Expires: Tue, 20 Dec 2022 09:08:15 GMT
Date: Tue, 20 Dec 2022 03:09:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 01415b2b7da9c27af5f906e30375eb9f
5eb70220bcb88c032c526a318050f747810ec95c
c6e77944012e36d63253e12cf5b6c7473f5b44afb6da3ea29adc6bd587ee188a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6E77944012E36D63253E12CF5B6C7473F5B44AFB6DA3EA29ADC6BD587EE188A"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21595
Expires: Tue, 20 Dec 2022 09:09:02 GMT
Date: Tue, 20 Dec 2022 03:09:07 GMT
Connection: keep-alive
api.h1c4hace.world/js/jquery.min.js
118.107.43.9200 OK 36 kB URL HTTP/2 api.h1c4hace.world/js/jquery.min.js
IP 118.107.43.9:0
ASN #64050 BGPNET Global ASN
Hash 5ccad1319b86258a2886ac210685db27
6dcef3abf255e5c37ff552843c0e8b58275460d4
525131b6ee53b65bc02635e97107a3289f31221eecd6cbad5a826699f5c13882
GET /js/jquery.min.js HTTP/1.1
Host: api.h1c4hace.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.h1c4hace.world/1671506007.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Dec 2022 03:09:06 GMT
content-type: application/javascript
last-modified: Wed, 20 Oct 2021 13:00:00 GMT
vary: Accept-Encoding
etag: W/"617012d0-15d84"
expires: Tue, 20 Dec 2022 13:11:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
via: cloudfly-node01
cdn-cache: HIT
X-Firefox-Spdy: h2
api.hcgnb75c.world/static/js/chunk-vendors.cbebd8a9.js
118.107.43.9200 OK 269 kB URL HTTP/2 api.hcgnb75c.world/static/js/chunk-vendors.cbebd8a9.js
IP 118.107.43.9:0
ASN #64050 BGPNET Global ASN
Size 269 kB (268732 bytes)
Hash bc210cb81010db26a3c6ecc60411c772
c942d79dceaa84c796f3dc1a9ec790736527b35d
0735c92b34b6557072fdd5ff1c2e26b7c7c6c8a3bb66b9abb762ce998200e136
GET /static/js/chunk-vendors.cbebd8a9.js HTTP/1.1
Host: api.hcgnb75c.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.hcgnb75c.world/?tt=1671506009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Dec 2022 03:09:08 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 03:20:58 GMT
vary: Accept-Encoding
etag: W/"6381861a-b4f96"
expires: Tue, 20 Dec 2022 13:06:39 GMT
cache-control: max-age=43200
content-encoding: gzip
via: cloudfly-node01
cdn-cache: HIT
X-Firefox-Spdy: h2
api.hcgnb75c.world/static/index.2772579d.css
118.107.43.9200 OK 59 kB URL HTTP/2 api.hcgnb75c.world/static/index.2772579d.css
IP 118.107.43.9:0
ASN #64050 BGPNET Global ASN
Hash 92418f0bb08a5af72f392ba5a44ade2a
3b0c000bfa1820e3f45b64a7124f874e66e4a6ee
a08e3cd1bf629bd754c1290cf657210eacb4be898e10547d615c182011145669
GET /static/index.2772579d.css HTTP/1.1
Host: api.hcgnb75c.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.hcgnb75c.world/?tt=1671506009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Dec 2022 03:09:08 GMT
content-type: text/css
last-modified: Sat, 26 Nov 2022 03:20:58 GMT
vary: Accept-Encoding
etag: W/"6381861a-17031"
expires: Tue, 20 Dec 2022 13:06:39 GMT
cache-control: max-age=43200
content-encoding: gzip
via: cloudfly-node01
cdn-cache: HIT
X-Firefox-Spdy: h2
api.hcgnb75c.world/static/loading.svg
118.107.43.9200 OK 1.8 kB URL HTTP/2 api.hcgnb75c.world/static/loading.svg
IP 118.107.43.9:0
ASN #64050 BGPNET Global ASN
File type exported SGML document, ASCII text
Hash 91762b2af9bdefdd58f5a5b6e7387361
0a511968514d38a4702c5585ead7c01d4f20def0
d887368f18aa4483d5a267a86d1ff5d26a09048bb1c93c0ac9d374e438014342
GET /static/loading.svg HTTP/1.1
Host: api.hcgnb75c.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.hcgnb75c.world/?tt=1671506009
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Dec 2022 03:09:10 GMT
content-type: image/svg+xml
content-length: 1784
last-modified: Sat, 26 Nov 2022 03:20:58 GMT
etag: "6381861a-6f8"
via: cloudfly-node01
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6fa5d3b61087e1adac827193c134d2a8
eb7999e2bf004dd97f2685e01eebcd969dd9e7a8
682675d7ac85b46114e3e8c10fbb5a65193e6b35575c6d54f93dff00a4108bfc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "682675D7AC85B46114E3E8C10FBB5A65193E6B35575C6D54F93DFF00A4108BFC"
Last-Modified: Sat, 17 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20629
Expires: Tue, 20 Dec 2022 08:53:00 GMT
Date: Tue, 20 Dec 2022 03:09:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d0dd3afc0bcc2cadee52be54ad8326e
2e03f69d5799526b0f3dcae1bcd1b0935a3c5457
3ae5ef6136baa1c27a0aa92764ffea226673987aefdb72a9d6d1c711867132af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3AE5EF6136BAA1C27A0AA92764FFEA226673987AEFDB72A9D6D1C711867132AF"
Last-Modified: Sat, 17 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=130
Expires: Tue, 20 Dec 2022 03:11:21 GMT
Date: Tue, 20 Dec 2022 03:09:11 GMT
Connection: keep-alive
kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvexx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.hcgnb75c.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 20 Dec 2022 03:09:11 GMT
content-type: text/html
content-length: 162
location: https://kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a2bd427fcaa53c4b09a1a9db9ae5122e
06e1ba5da70ff0896b59d731b58d27436d12d248
6e3f65347b60d9494dfe44948707efdcc4464348f024d9769f42de8ae9fdc150
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 03:09:11 GMT
Etag: "639f72e9-117"
Server: ECS (amb/6BBF)
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a2bd427fcaa53c4b09a1a9db9ae5122e
06e1ba5da70ff0896b59d731b58d27436d12d248
6e3f65347b60d9494dfe44948707efdcc4464348f024d9769f42de8ae9fdc150
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 03:09:11 GMT
Etag: "639f72e9-117"
Last-Modified: Tue, 20 Dec 2022 03:09:11 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 278
kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
104.21.234.153200 OK 211 kB URL HTTP/2 kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
IP 104.21.234.153:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 211 kB (211127 bytes)
Hash 88d9d5281cc8399fc9a5a866857fea84
4abe7059410209993012e28e4716b51bf6cf7575
6e5d5a54f87917acb45b64a2708004f72dcae06a1626336a01c290c0dfba5aa2
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvhuuu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.hcgnb75c.world/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Dec 2022 03:09:11 GMT
content-type: image/gif
content-length: 211127
last-modified: Wed, 20 Apr 2022 12:41:47 GMT
etag: "625fff8b-338b7"
expires: Sun, 25 Dec 2022 00:00:55 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2171296
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVThhJbIGDZ%2FwtTd8Qj3uOwLN5PkAtYyFYQw8FffBlLo2UFSaoQYWL4VFzApv%2BuZ1Z0HLAxK7ilETJx6vd3vunb0Tfwa%2FW446mAU8pf8BvyKuQXil2GW6GWpw%2Blb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77c52d82f9b6756a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.h1c4hace.world/1671506007.html
118.107.43.9200 OK 0 B URL HTTP/2 api.h1c4hace.world/1671506007.html
IP 118.107.43.9:0
ASN #64050 BGPNET Global ASN
GET /1671506007.html HTTP/1.1
Host: api.h1c4hace.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.qqgx.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Tue, 20 Dec 2022 03:09:05 GMT
content-type: text/html
last-modified: Sat, 18 Dec 2021 07:18:36 GMT
vary: Accept-Encoding
etag: W/"61bd8b4c-427"
strict-transport-security: max-age=31536000
content-encoding: gzip
via: cloudfly-node01
cdn-cache: MISS
X-Firefox-Spdy: h2
api.hcgnb75c.world/static/js/pages-index-index.c2312e26.js
118.107.43.9200 OK 0 B URL HTTP/2 api.hcgnb75c.world/static/js/pages-index-index.c2312e26.js
IP 118.107.43.9:0
ASN #64050 BGPNET Global ASN
GET /static/js/pages-index-index.c2312e26.js HTTP/1.1
Host: api.hcgnb75c.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.hcgnb75c.world/?tt=1671506009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Dec 2022 03:09:09 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 03:20:58 GMT
vary: Accept-Encoding
etag: W/"6381861a-13e4"
expires: Tue, 20 Dec 2022 13:06:47 GMT
cache-control: max-age=43200
content-encoding: gzip
via: cloudfly-node01
cdn-cache: HIT
X-Firefox-Spdy: h2
kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
99.86.207.78200 OK 0 B URL HTTP/2 kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
IP 99.86.207.78:0
GET /8d62ac139591ff0c5f17d4c5f1ff3cf6.gif HTTP/1.1
Host: kzeii.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.hcgnb75c.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 565615
date: Mon, 19 Dec 2022 20:34:32 GMT
last-modified: Mon, 19 Dec 2022 09:06:43 GMT
etag: "6a2c609ad0c46bb1b8d9cd39eacde625"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f282b142fde09f8a416a455a744cf300.cloudfront.net (CloudFront)
x-amz-cf-pop: ICN51-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: UtAtzM1EwWcBLikX0j0UJ_ijbNWz_xp87a4fcsFhepXwTf34If3jkg==
age: 23680
X-Firefox-Spdy: h2
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
99.86.207.68200 OK 0 B URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 99.86.207.68:0
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.hcgnb75c.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 400264
date: Mon, 19 Dec 2022 20:31:24 GMT
last-modified: Mon, 19 Dec 2022 07:47:20 GMT
etag: "b722c3905b96f11823e04826aafdd50e"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 234f204b97102d6c9005ffbaac41c9a4.cloudfront.net (CloudFront)
x-amz-cf-pop: ICN51-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: z4ZyEHqek9ieNooMxvj-k3bRly7Y73PfDEOmyPRqMD7zGEP0CEBvsQ==
age: 23868
X-Firefox-Spdy: h2
taiwtp1.com/xin/200200sas.gif
220.128.218.220200 OK 0 B URL HTTP/2 taiwtp1.com/xin/200200sas.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
GET /xin/200200sas.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.hcgnb75c.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 03:06:31 GMT
content-type: image/gif
content-length: 693471
last-modified: Sat, 26 Nov 2022 10:45:28 GMT
etag: "6381ee48-a94df"
expires: Thu, 19 Jan 2023 03:06:31 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
kzeaa.com/e74b75b58cdf79b04bfb0592f5a858dc.gif
99.86.207.125200 OK 0 B URL HTTP/2 kzeaa.com/e74b75b58cdf79b04bfb0592f5a858dc.gif
IP 99.86.207.125:0
GET /e74b75b58cdf79b04bfb0592f5a858dc.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.hcgnb75c.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 184926
date: Mon, 19 Dec 2022 20:30:35 GMT
last-modified: Mon, 19 Dec 2022 08:24:20 GMT
etag: "214553bbbe765499c15ec4271f4bbd23"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ae5fbf7e945dfb8ed9076b63d7d070f4.cloudfront.net (CloudFront)
x-amz-cf-pop: ICN51-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: HbkxQfM8k4nsPPFwI3B9JfJqbvV2e1iO8KtW4xJpiRdsua-4sArE0w==
age: 23916
X-Firefox-Spdy: h2
api.hcgnb75c.world/h5/web.php/index/index
118.107.43.9200 OK 0 B URL HTTP/2 api.hcgnb75c.world/h5/web.php/index/index
IP 118.107.43.9:0
ASN #64050 BGPNET Global ASN
GET /h5/web.php/index/index HTTP/1.1
Host: api.hcgnb75c.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://api.hcgnb75c.world/?tt=1671506009
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Dec 2022 03:09:10 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE
access-control-allow-headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
content-encoding: gzip
via: cloudfly-node01
cdn-cache: HIT
X-Firefox-Spdy: h2
api.hcgnb75c.world/static/js/index.046d5a0f.js
118.107.43.9200 OK 0 B URL HTTP/2 api.hcgnb75c.world/static/js/index.046d5a0f.js
IP 118.107.43.9:0
ASN #64050 BGPNET Global ASN
GET /static/js/index.046d5a0f.js HTTP/1.1
Host: api.hcgnb75c.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.hcgnb75c.world/?tt=1671506009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Dec 2022 03:09:08 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 03:20:58 GMT
vary: Accept-Encoding
etag: W/"6381861a-1bb43"
expires: Tue, 20 Dec 2022 13:06:39 GMT
cache-control: max-age=43200
content-encoding: gzip
via: cloudfly-node01
cdn-cache: HIT
X-Firefox-Spdy: h2
kvemm.com/712c8059cb44f5944e47108c6b8dd5bd.gif
99.86.207.122200 OK 0 B URL HTTP/2 kvemm.com/712c8059cb44f5944e47108c6b8dd5bd.gif
IP 99.86.207.122:0
GET /712c8059cb44f5944e47108c6b8dd5bd.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.hcgnb75c.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 1121344
date: Mon, 19 Dec 2022 20:38:24 GMT
last-modified: Thu, 15 Dec 2022 01:54:51 GMT
etag: "1fa329c2303bf5a0d2ffd8d484269fbc"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 cc06cfa4d5aa941ac43f3090c885ee80.cloudfront.net (CloudFront)
x-amz-cf-pop: ICN51-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: IHknpdeO5HHq88WV5LU6m1AppyIaCnywDDl58uhyvFtlxdH_PEOppw==
age: 23448
X-Firefox-Spdy: h2
kveww.com/99462c01e85acc1311bebac224df6cce.gif
99.86.207.74200 OK 0 B URL HTTP/2 kveww.com/99462c01e85acc1311bebac224df6cce.gif
IP 99.86.207.74:0
GET /99462c01e85acc1311bebac224df6cce.gif HTTP/1.1
Host: kveww.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.hcgnb75c.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 845326
date: Mon, 19 Dec 2022 20:28:05 GMT
last-modified: Thu, 15 Dec 2022 01:49:18 GMT
etag: "c3e13dfb200737af2e68b42c07f28465"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 766850cf3ceebc02f33548a3287ad588.cloudfront.net (CloudFront)
x-amz-cf-pop: ICN51-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: GVOBDCZ_wN_B-oUDsL5II6bNITYiHxwWTtqTc0YxJjTheQkP_g9Vqw==
age: 24067
X-Firefox-Spdy: h2
kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
13.227.254.91200 OK 0 B URL HTTP/1.1 kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
IP 13.227.254.91:0
GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.hcgnb75c.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 506851
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 08:08:10 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 20 Dec 2022 02:32:43 GMT
ETag: "720e80d2a7ff4cf1bbf0b1608c2f35de"
X-Cache: Hit from cloudfront
Via: 1.1 a8c2772b03befab22b97b650361ac508.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN52-C3
X-Amz-Cf-Id: sQZrqEeYPGD8kfgqls_10JxWKbHtMYJ4OEgxsneTU_85sNw03l_nWg==
Age: 2188
hm.baidu.com/hm.js?7e5e3dfa6de61bfd4b1abb18528745ab
103.235.46.191200 OK 0 B URL HTTP/1.1 hm.baidu.com/hm.js?7e5e3dfa6de61bfd4b1abb18528745ab
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
GET /hm.js?7e5e3dfa6de61bfd4b1abb18528745ab HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.hcgnb75c.world/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Tue, 20 Dec 2022 03:09:10 GMT
Etag: e99533b4d6d878cfcd39d154dbfd0126
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F311E14CC9BD51C3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
api.hcgnb75c.world/h5/web.php/index/type
118.107.43.9200 OK 0 B URL HTTP/2 api.hcgnb75c.world/h5/web.php/index/type
IP 118.107.43.9:0
ASN #64050 BGPNET Global ASN
GET /h5/web.php/index/type HTTP/1.1
Host: api.hcgnb75c.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://api.hcgnb75c.world/?tt=1671506009
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Dec 2022 03:09:09 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE
access-control-allow-headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
content-encoding: gzip
via: cloudfly-node01
cdn-cache: HIT
X-Firefox-Spdy: h2
api.hcgnb75c.world/h5/web.php/index/showType
118.107.43.9200 OK 0 B URL HTTP/2 api.hcgnb75c.world/h5/web.php/index/showType
IP 118.107.43.9:0
ASN #64050 BGPNET Global ASN
GET /h5/web.php/index/showType HTTP/1.1
Host: api.hcgnb75c.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://api.hcgnb75c.world/?tt=1671506009
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Dec 2022 03:09:09 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE
access-control-allow-headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
content-encoding: gzip
via: cloudfly-node01
cdn-cache: HIT
X-Firefox-Spdy: h2
kvevv.com/4b6dde2b3f39cee4956a18a192534906.gif
13.227.254.91200 OK 0 B URL HTTP/1.1 kvevv.com/4b6dde2b3f39cee4956a18a192534906.gif
IP 13.227.254.91:0
GET /4b6dde2b3f39cee4956a18a192534906.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.hcgnb75c.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 325185
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 08:06:14 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Mon, 19 Dec 2022 07:02:23 GMT
ETag: "f6abc830b4c6c36a82db7bc9c87d79db"
X-Cache: Hit from cloudfront
Via: 1.1 900a893b03bf29fa958d4587d585157e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN52-C3
X-Amz-Cf-Id: 3TsubxuuUV4Itrg4JaHqW3eYVapyY6Ll3mVZPzZVppveWGZJIjWTbg==
Age: 72408
kvevv.com/47fc3dfa6dab926d04bc8c0e76b89995.gif
13.227.254.91200 OK 0 B URL HTTP/1.1 kvevv.com/47fc3dfa6dab926d04bc8c0e76b89995.gif
IP 13.227.254.91:0
GET /47fc3dfa6dab926d04bc8c0e76b89995.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.hcgnb75c.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 65414
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 08:07:51 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Mon, 19 Dec 2022 21:45:58 GMT
ETag: "514c48163ce5b65fb6bf16d8578b478b"
X-Cache: Hit from cloudfront
Via: 1.1 f06aaad108598501fc8aab5df5423ad8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN52-C3
X-Amz-Cf-Id: _sjp9wquLz1Av6tbjcnlkH82Nn24FPUDiAYwGOeGcxrbhQtqcAs9DA==
Age: 35705
nba.tb2w8avl.club/common.php?val=daxiangjiao&t=0.04667713949215946?v=021267511985573717
156.240.106.189200 OK 0 B URL HTTP/2 nba.tb2w8avl.club/common.php?val=daxiangjiao&t=0.04667713949215946?v=021267511985573717
IP 156.240.106.189:0
ASN #140227 Hong Kong Communications International Co., Limited
GET /common.php?val=daxiangjiao&t=0.04667713949215946?v=021267511985573717 HTTP/1.1
Host: nba.tb2w8avl.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.qqgx.net
Connection: keep-alive
Referer: http://www.qqgx.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 03:13:27 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: POST,GET,OPTIONS,DELETE
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
api.h1c4hace.world/js/jquery.js
118.107.43.9200 OK 0 B URL HTTP/2 api.h1c4hace.world/js/jquery.js
IP 118.107.43.9:0
ASN #64050 BGPNET Global ASN
GET /js/jquery.js HTTP/1.1
Host: api.h1c4hace.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.h1c4hace.world/1671506007.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Dec 2022 03:09:06 GMT
content-type: application/javascript
last-modified: Tue, 28 Dec 2021 07:35:02 GMT
vary: Accept-Encoding
etag: W/"61cabe26-109b"
expires: Tue, 20 Dec 2022 13:11:04 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
via: cloudfly-node01
cdn-cache: HIT
X-Firefox-Spdy: h2
kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
99.86.207.13200 OK 0 B URL HTTP/2 kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP 99.86.207.13:0
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.hcgnb75c.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 864004
date: Mon, 19 Dec 2022 20:33:59 GMT
last-modified: Mon, 19 Dec 2022 09:06:34 GMT
etag: "d2c820747a9b9b8c3abaab0775436ab7"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 766850cf3ceebc02f33548a3287ad588.cloudfront.net (CloudFront)
x-amz-cf-pop: ICN51-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: yu7EdHj1j3X-g6gClsgTAG7iRTT7zNUam-0UV5iV8lhR8gulyVgIBw==
age: 23713
X-Firefox-Spdy: h2