r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb20c18681040b740ab1730562beb45c
abedefb801b0e13987d6619a77e0368771f9dfcb
288c1832db391da57e3d74ffa893ec2c47ef9c1945f85b88473c563b55a3dfb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "288C1832DB391DA57E3D74FFA893EC2C47EF9C1945F85B88473C563B55A3DFB3"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7688
Expires: Mon, 26 Dec 2022 15:30:56 GMT
Date: Mon, 26 Dec 2022 13:22:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 67f508aae634a023b587a7129a5b8039
2ff7e1d29b497147941d0abf581411cbd2722d7b
eee5fda5214bd4f75b0934bb1f14429fe01251628026fd0f18f117b38848601c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEE5FDA5214BD4F75B0934BB1F14429FE01251628026FD0F18F117B38848601C"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6026
Expires: Mon, 26 Dec 2022 15:03:14 GMT
Date: Mon, 26 Dec 2022 13:22:48 GMT
Connection: keep-alive
51199713.cn/
134.73.41.99301 Moved Permanently 0 B IP 134.73.41.99:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: 51199713.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 26 Dec 2022 13:25:55 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.51199713.cn/index.php
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 26 Dec 2022 12:35:01 GMT
content-type: application/json
age: 2867
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6b1d63d9d906daa309dc263b4991bbe9
04680ddd86781d46dfe6a9671571b3ad1f3758f3
46fff7230b88de4cd81dfb0feb783d2dec27e49041f9257d2fb891030781bf6c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46FFF7230B88DE4CD81DFB0FEB783D2DEC27E49041F9257D2FB891030781BF6C"
Last-Modified: Fri, 23 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9908
Expires: Mon, 26 Dec 2022 16:07:56 GMT
Date: Mon, 26 Dec 2022 13:22:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Lm0sU876uudKpTsYW10lUs9OLVfchEtliXvCWVuRAfmrxDEv7XVxgo8ANR2OjUSHqz4w3bCc8yQ=
x-amz-request-id: JPKBFM13CSZKBVMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 26 Dec 2022 12:55:20 GMT
age: 1648
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:48 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 26 Dec 2022 13:08:06 GMT
age: 883
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 68ee4e2891b5a52719997e4ef8cb7aab
ae2e49eff010551d7f3dcf005a51530ee2910480
2bae50a834a34f248f6a79cf6f191dcf709c24b884f2d3da7fa43985c6b2d48b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1761
Cache-Control: max-age=159200
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 13:22:49 GMT
Etag: "63a96428-1d7"
Expires: Wed, 28 Dec 2022 09:36:09 GMT
Last-Modified: Mon, 26 Dec 2022 09:06:48 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.43.61.95101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.61.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7XcKNt1/BlOVp4Tz+WdatQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iD4X591GOKwdjLnbp77g8qKp+aI=
www.51199713.cn/index.php
134.73.41.99200 OK 520 B URL HTTP/1.1 www.51199713.cn/index.php
IP 134.73.41.99:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (534), with CRLF line terminators
Hash 4d45e3dd0e92857e27d60c320623e180
982cb823b9669d5e6a71afb19e7b6bad0f83cd32
b9a511e73bcea6b5cafb279d9554e7c6c3ad414f4efee086d986a9dc6419f9ee
Analyzer Verdict Alert fortinet Phishing
GET /index.php HTTP/1.1
Host: www.51199713.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Dec 2022 13:25:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.51199713.cn/common.js
134.73.41.99200 OK 674 B URL HTTP/1.1 www.51199713.cn/common.js
IP 134.73.41.99:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1291), with no line terminators
Hash d4a01e2a028cf5474cb5ed420ee3eeec
e2207628d49eacf3366973917cd96c91a0293a35
0d67943824bf55624b9c3370f2d39ee705746aa0a3e2607d5bd0cd04b572836d
Analyzer Verdict Alert fortinet Phishing
GET /common.js HTTP/1.1
Host: www.51199713.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.51199713.cn/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Dec 2022 13:25:56 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.51199713.cn/tj.js
134.73.41.99200 OK 258 B IP 134.73.41.99:0
File type ASCII text, with CRLF line terminators
Hash 34fb696ec470907c76d26b5b522a6a27
64e80f6518ce9a46699c90b0c9583cbcf4534d1a
7f6f61791aaf917e6518f06085005b5e86a1190168067197ab4aa4606149e1a6
Analyzer Verdict Alert fortinet Phishing
GET /tj.js HTTP/1.1
Host: www.51199713.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.51199713.cn/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Dec 2022 13:25:57 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
www.51199713.cn/favicon.ico
134.73.41.99200 OK 1.2 kB URL HTTP/1.1 www.51199713.cn/favicon.ico
IP 134.73.41.99:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.51199713.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.51199713.cn/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Dec 2022 13:25:57 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sat, 31 Dec 2022 13:25:57 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5b2790419bb1f19fd29300d548278b98
64671f1c88a1271e9bcda28ac13a01e330a2a07e
1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18470
Expires: Mon, 26 Dec 2022 18:30:40 GMT
Date: Mon, 26 Dec 2022 13:22:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5b2790419bb1f19fd29300d548278b98
64671f1c88a1271e9bcda28ac13a01e330a2a07e
1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18470
Expires: Mon, 26 Dec 2022 18:30:40 GMT
Date: Mon, 26 Dec 2022 13:22:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5b2790419bb1f19fd29300d548278b98
64671f1c88a1271e9bcda28ac13a01e330a2a07e
1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18470
Expires: Mon, 26 Dec 2022 18:30:40 GMT
Date: Mon, 26 Dec 2022 13:22:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5b2790419bb1f19fd29300d548278b98
64671f1c88a1271e9bcda28ac13a01e330a2a07e
1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18470
Expires: Mon, 26 Dec 2022 18:30:40 GMT
Date: Mon, 26 Dec 2022 13:22:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff70fb5bc-19d9-433d-adc5-222fa8c0b134.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff70fb5bc-19d9-433d-adc5-222fa8c0b134.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e38d94b0be1b10ecac941b497f57c861
12911cd039f5c7b05013ebbc369aec5613134906
38a41df0d4f4405e8ecf6b379431bdb87eaed40e20481262b43d1fd127c010fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff70fb5bc-19d9-433d-adc5-222fa8c0b134.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9452
x-amzn-requestid: 41b87e86-25f2-4d3b-a4ac-ae9a933a75b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duMupEMdIAMF7Gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8c190-22b2693c043757fb5d58dda7;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 21:33:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: StP3cRZB5uQq5vj2oEZZmxAsLlu-nsnDNjQBdeb_o6Rd3YsP7p2Qlg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 22:01:52 GMT
etag: "12911cd039f5c7b05013ebbc369aec5613134906"
content-type: image/jpeg
age: 55258
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb995026c-9c36-40df-864d-b3c2b7e5482b.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb995026c-9c36-40df-864d-b3c2b7e5482b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e2665a6ae98ace2eab671f9e8a9f0978
d1b0b2b7bf8c8bf2e9765e9103908aba36989727
ae9125caee2dc267c67bf4f31f2669e03f65c47a43f2d0ab83081eb043d23d85
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb995026c-9c36-40df-864d-b3c2b7e5482b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9932
x-amzn-requestid: 280fdeaa-a0e1-4306-9adb-52c0f28b4002
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duNZzGcjoAMF5wg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8c2a4-73e3e4b34b67da2d2dbb8020;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 21:37:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nR7WiQ1kUfI129AOECPfR181bNjexz6B7BEIYxDRiGNqfKCQPiBKOQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 21:58:57 GMT
age: 55433
etag: "d1b0b2b7bf8c8bf2e9765e9103908aba36989727"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72a5f634-727e-4b8d-ab9e-15f34604a3d6.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72a5f634-727e-4b8d-ab9e-15f34604a3d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4d56ed7f66802ac154bc856e5bb69c13
3fc1162af1229f939cc1253aa86d476da51950cd
e10eed5b4c912f9730169ac07f9ba6c471f1d27c8d0efdfed8bb4a6cb5880869
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72a5f634-727e-4b8d-ab9e-15f34604a3d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6073
x-amzn-requestid: 69e21df1-a420-4ad7-b0bf-4d9eacb5bee3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duOGEGvmIAMFoag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8c3c0-6b8069e3057cf71d7284fbf7;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 21:42:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cgxS2QNcD1b_3t2BTbbnUpDp8F9GM--NIw4cVzoKxXL3btqDf9h-9A==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 21:57:13 GMT
age: 55537
etag: "3fc1162af1229f939cc1253aa86d476da51950cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed63771e-49ab-4dd4-bb93-7edbe4a60b20.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed63771e-49ab-4dd4-bb93-7edbe4a60b20.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ddc8d9389e210563e9deb4d1d54e047a
4c40e689e5a341349fbc63faf30eca2131d3c9b3
6cca94f0bb4d3762e536c17a7e771d882609fb84a2771d2a15a56d3442e746fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed63771e-49ab-4dd4-bb93-7edbe4a60b20.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7842
x-amzn-requestid: 4f964d70-fd93-49a3-8c0b-68241bc93150
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: doXwgG60IAMFwyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a66ccf-0718b71a3e957ef349f06daf;Sampled=0
x-amzn-remapped-date: Sat, 24 Dec 2022 03:06:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: o12QG-88MtiuMxWavXG4Mnd3mn1NRvvZkr6YgXeJoaW5mbYrM_IRHQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 03:38:56 GMT
age: 35034
etag: "4c40e689e5a341349fbc63faf30eca2131d3c9b3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f5421b0-4d90-4126-813c-f0b20b8058dc.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f5421b0-4d90-4126-813c-f0b20b8058dc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4a39035081117434c8be0b4b9d247edd
62ce877ea88dc4c691fce6ce36149eb3db8849ba
594754f2ab4a2f394d465893b9f73364c6ca1d03b688c8bc71ae687b70364c4d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f5421b0-4d90-4126-813c-f0b20b8058dc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6402
x-amzn-requestid: e473a47b-af93-4aef-87ee-0ae9bd9ea1fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duNbQHdWoAMFRZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8c2ae-571725cd15512b1d33f622c7;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 21:37:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sjzsgESZF2HPFLG-oYV2IkkmOmbWCxfWLndFjEAwvbrVIO18yH8Bfw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 21:57:04 GMT
age: 55546
etag: "62ce877ea88dc4c691fce6ce36149eb3db8849ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15ba8929-c657-48a6-a579-360324426927.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15ba8929-c657-48a6-a579-360324426927.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8403a671b2c4b3b2ce2f8a9eba9de2c0
5437391241a500b6b0d2118120e835d2673e7d39
1e52a144b08ff6efe2da52dfdfeccbc4cea9270536cf5e7a2a769bbff9cd7d2f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15ba8929-c657-48a6-a579-360324426927.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 6fdd6489-ffea-400f-9199-a20789160ba8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dlFk6FvuoAMFYcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a51c85-6805b25c54c3390e5c39c6e1;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 03:12:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gfO9Ei1XEd8cvE7CBnK5AUz1wIr890fLc9vwcZje7I23ZEjJkFLUDg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 03:52:37 GMT
age: 34213
etag: "5437391241a500b6b0d2118120e835d2673e7d39"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 4a73343119536a28837f9f24dc2b7f43
79455fb84ff943b1f48967d45499715c9d9e5dcf
93bf5bacd4baa1c27ea5409d573532a80ef0b587eb9223aa5607d6c4b56e43e4
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 13:22:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 30 Dec 2022 10:51:30 GMT
ETag: "79455fb84ff943b1f48967d45499715c9d9e5dcf"
Last-Modified: Mon, 26 Dec 2022 10:51:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1377
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77fa20acafb4b524-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 086626a0b4be1f686a00682215acb3c8
98ded19492cd182754ec0f14348e92148b60cf09
0ddfebd192d126be4c602c7bf5236c4da5bdf8f2f74554513d7faa5db7b89323
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0DDFEBD192D126BE4C602C7BF5236C4DA5BDF8F2F74554513D7FAA5DB7B89323"
Last-Modified: Sat, 24 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21506
Expires: Mon, 26 Dec 2022 19:21:17 GMT
Date: Mon, 26 Dec 2022 13:22:51 GMT
Connection: keep-alive
hm.baidu.com/hm.js?80c38e3f57c9779a67b604ee8c47bc5f
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?80c38e3f57c9779a67b604ee8c47bc5f
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (626)
Hash 84daaefb43954aba01d43e1eed174a11
e21a0746107de2b3923d61a84e8056de485c794e
0d7112f4b56a815a851b2a1f1d41150732ce98d8715fa1928650de984b860b8f
GET /hm.js?80c38e3f57c9779a67b604ee8c47bc5f HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.51199713.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11264
Content-Type: application/javascript
Date: Mon, 26 Dec 2022 13:22:51 GMT
Etag: 2a429673f0f97320502091f1860c28b3
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=EA2AB196A97D9BF9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ad1a52de51a6b43c0ad34db05e4bae0a
8c11d65d8a9283e9181e5ef41a2489ad0111fe94
5cfdceaa2f70ca72bf97bad4abe632199909d778afdcb8f7ab298ebeb59fb5f7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5CFDCEAA2F70CA72BF97BAD4ABE632199909D778AFDCB8F7AB298EBEB59FB5F7"
Last-Modified: Sun, 25 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5381
Expires: Mon, 26 Dec 2022 14:52:33 GMT
Date: Mon, 26 Dec 2022 13:22:52 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ad1a52de51a6b43c0ad34db05e4bae0a
8c11d65d8a9283e9181e5ef41a2489ad0111fe94
5cfdceaa2f70ca72bf97bad4abe632199909d778afdcb8f7ab298ebeb59fb5f7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5CFDCEAA2F70CA72BF97BAD4ABE632199909D778AFDCB8F7AB298EBEB59FB5F7"
Last-Modified: Sun, 25 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5381
Expires: Mon, 26 Dec 2022 14:52:33 GMT
Date: Mon, 26 Dec 2022 13:22:52 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ad1a52de51a6b43c0ad34db05e4bae0a
8c11d65d8a9283e9181e5ef41a2489ad0111fe94
5cfdceaa2f70ca72bf97bad4abe632199909d778afdcb8f7ab298ebeb59fb5f7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5CFDCEAA2F70CA72BF97BAD4ABE632199909D778AFDCB8F7AB298EBEB59FB5F7"
Last-Modified: Sun, 25 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5381
Expires: Mon, 26 Dec 2022 14:52:33 GMT
Date: Mon, 26 Dec 2022 13:22:52 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ad1a52de51a6b43c0ad34db05e4bae0a
8c11d65d8a9283e9181e5ef41a2489ad0111fe94
5cfdceaa2f70ca72bf97bad4abe632199909d778afdcb8f7ab298ebeb59fb5f7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5CFDCEAA2F70CA72BF97BAD4ABE632199909D778AFDCB8F7AB298EBEB59FB5F7"
Last-Modified: Sun, 25 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5381
Expires: Mon, 26 Dec 2022 14:52:33 GMT
Date: Mon, 26 Dec 2022 13:22:52 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ad1a52de51a6b43c0ad34db05e4bae0a
8c11d65d8a9283e9181e5ef41a2489ad0111fe94
5cfdceaa2f70ca72bf97bad4abe632199909d778afdcb8f7ab298ebeb59fb5f7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5CFDCEAA2F70CA72BF97BAD4ABE632199909D778AFDCB8F7AB298EBEB59FB5F7"
Last-Modified: Sun, 25 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5381
Expires: Mon, 26 Dec 2022 14:52:33 GMT
Date: Mon, 26 Dec 2022 13:22:52 GMT
Connection: keep-alive
wmbt13.xyz/template/web/app1.js
154.22.124.29200 OK 971 B URL HTTP/2 wmbt13.xyz/template/web/app1.js
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type HTML document, Unicode text, UTF-8 text
Hash b432a333b05817d4799b46d4ec7a83d5
3ccdd0f17502592fa3bb7b2c1cbfda519adfdad7
a2e2747ee3c3cf49b2664039854d99550a3cc95cb62dc4a0267528b6897987bf
GET /template/web/app1.js HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: application/javascript
content-length: 971
last-modified: Fri, 23 Dec 2022 05:55:54 GMT
etag: "63a542ea-3cb"
expires: Tue, 27 Dec 2022 01:22:52 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/app3.js
154.22.124.29200 OK 1.0 kB URL HTTP/2 wmbt13.xyz/template/web/app3.js
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type HTML document, Unicode text, UTF-8 text
Hash dc8e122517e765bb1f672c2487ac522c
15b3a8b05d02b03a7df9904f268d65b5aa6b1d05
d4902658a719321595772aca6cda6783039ba615327ef947c81b715a5454350a
GET /template/web/app3.js HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: application/javascript
content-length: 1004
last-modified: Sun, 25 Dec 2022 13:52:19 GMT
etag: "63a85593-3ec"
expires: Tue, 27 Dec 2022 01:22:52 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-10/09/c3wbcn0txaw0954c3wbcn0txaw182911.jpg
104.22.13.214200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-10/09/c3wbcn0txaw0954c3wbcn0txaw182911.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash d96ae67bc9f8f83331cde8828f40651a
d997ce122257dec0e01fdde9e0ea5df006bc7447
c1244208a51d929f3deda68b985485dc50c8559d11c18bcbe3028815fb55fb07
GET /upload/vod/2022/09-10/09/c3wbcn0txaw0954c3wbcn0txaw182911.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/jpeg
content-length: 11038
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11699, status=webp_bigger
etag: "631bee4a-2db3"
last-modified: Sat, 10 Sep 2022 01:54:18 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77fa20b3f8640afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-10/09/hdjms4sozu00954hdjms4sozu0232923.jpg
104.22.13.214200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-10/09/hdjms4sozu00954hdjms4sozu0232923.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash b61aec08d859921fa139d8d2cb823817
7a65a06862f67f24ad2bf67b39a9573e11c14049
c100a163b6b6fb51a95a4791d96f8ab690cdc6105a5ca58d3876cbc60fa13414
GET /upload/vod/2022/09-10/09/hdjms4sozu00954hdjms4sozu0232923.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/jpeg
content-length: 10404
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10988, status=webp_bigger
etag: "631bee4f-2aec"
last-modified: Sat, 10 Sep 2022 01:54:23 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77fa20b4086c0afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-10/09/ar0m33b0kxh0954ar0m33b0kxh222921.jpg
104.22.13.214200 OK 6.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-10/09/ar0m33b0kxh0954ar0m33b0kxh222921.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 73bf7af08ecfe399330a7ddec3b0ba42
7910bd4caa90ac5f3b516088c5e34f5e19515b6e
93af7524d8d69fdc19d23ed31302133327cc0b46e0628c8b2fcc2b31fb23b6cc
GET /upload/vod/2022/09-10/09/ar0m33b0kxh0954ar0m33b0kxh222921.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/webp
content-length: 6118
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7483
content-disposition: inline; filename="ar0m33b0kxh0954ar0m33b0kxh222921.webp"
etag: "631bee4f-1d3b"
last-modified: Sat, 10 Sep 2022 01:54:23 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 77fa20b4086a0afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/s13pphqqo51.jpg
104.22.13.214200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/s13pphqqo51.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 37e623de3e0ea1c807b2b1e3e30a4678
a87affff274fc67d5f3fb6835afc7667c06d15d8
4fa48b7772e91693a703babc986747d639ef75af6a0201b6be47972c985227d5
GET /upload/vod/2022/12/s13pphqqo51.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/webp
content-length: 11396
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11985
content-disposition: inline; filename="s13pphqqo51.webp"
etag: "63a7e77d-2ed1"
last-modified: Sun, 25 Dec 2022 06:02:37 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 77fa20b3f8560afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-10/09/r04zzxvaeqs0954r04zzxvaeqs142905.jpg
104.22.13.214200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-10/09/r04zzxvaeqs0954r04zzxvaeqs142905.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 150fe3932ddaa832b77a8d0be4009451
a07b3953fc14247c6d14dd72baf6b0d24443099a
1955d179f55552d97345f5fa92f2be05e8a2e2465434c4df60087ce3a8a2d7f3
GET /upload/vod/2022/09-10/09/r04zzxvaeqs0954r04zzxvaeqs142905.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/webp
content-length: 10394
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10899
content-disposition: inline; filename="r04zzxvaeqs0954r04zzxvaeqs142905.webp"
etag: "631bee46-2a93"
last-modified: Sat, 10 Sep 2022 01:54:14 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 77fa20b3f8600afa-OSL
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1309727278&si=80c38e3f57c9779a67b604ee8c47bc5f&v=1.3.0&lv=1&sn=979&r=0&ww=1280&u=http%3A%2F%2Fwww.51199713.cn%2Findex.php&tt=%E5%92%B8%E9%98%B3%E5%8F%AA%E6%81%B3%E6%B0%B4%E7%94%B5%E5%AE%89%E8%A3%85%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1309727278&si=80c38e3f57c9779a67b604ee8c47bc5f&v=1.3.0&lv=1&sn=979&r=0&ww=1280&u=http%3A%2F%2Fwww.51199713.cn%2Findex.php&tt=%E5%92%B8%E9%98%B3%E5%8F%AA%E6%81%B3%E6%B0%B4%E7%94%B5%E5%AE%89%E8%A3%85%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1309727278&si=80c38e3f57c9779a67b604ee8c47bc5f&v=1.3.0&lv=1&sn=979&r=0&ww=1280&u=http%3A%2F%2Fwww.51199713.cn%2Findex.php&tt=%E5%92%B8%E9%98%B3%E5%8F%AA%E6%81%B3%E6%B0%B4%E7%94%B5%E5%AE%89%E8%A3%85%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.51199713.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 26 Dec 2022 13:22:52 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=C1187B74A4D3E8D4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
lbfm.lbpictupian.com/upload/vod/2022/09-10/09/cbxx3dbve4g0954cbxx3dbve4g212917.jpg
104.22.13.214200 OK 8.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-10/09/cbxx3dbve4g0954cbxx3dbve4g212917.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d2080cb09e70e52c303ab2848967c3eb
a32d287039be19fb5b24eb0fb8582d35e2ebcde7
9ef92eda1122d0a7ea40f439c4129e90232779436b985ba2f1a4d04a2d846da6
GET /upload/vod/2022/09-10/09/cbxx3dbve4g0954cbxx3dbve4g212917.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/webp
content-length: 8398
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9395
content-disposition: inline; filename="cbxx3dbve4g0954cbxx3dbve4g212917.webp"
etag: "631bee4d-24b3"
last-modified: Sat, 10 Sep 2022 01:54:21 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 77fa20b3f8670afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-10/09/t4psh2su4un0954t4psh2su4un222919.jpg
104.22.13.214200 OK 7.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-10/09/t4psh2su4un0954t4psh2su4un222919.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cfb6c07f8163da7440be1dfc792d1b81
a6bb24d5e8bd9dabb5c1eb887c993a0e0a708f80
8bd7799e077df8adafc0c04b91ccfb5156449ea5b96920420b19ff8453ed0a0f
GET /upload/vod/2022/09-10/09/t4psh2su4un0954t4psh2su4un222919.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/webp
content-length: 7238
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8290
content-disposition: inline; filename="t4psh2su4un0954t4psh2su4un222919.webp"
etag: "631bee4e-2062"
last-modified: Sat, 10 Sep 2022 01:54:22 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 77fa20b408690afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/nivksgz2udv.jpg
104.22.13.214200 OK 7.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/nivksgz2udv.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a2191ec5d15659108ca18e0e0eef81bb
6dc3828e105053bdb5f4f21f0a642d97edb550a4
810a954d1029b2f5bd8ab82f4c9f7d565cb045cbe1625fd3c15b554849f4384d
GET /upload/vod/2022/12/nivksgz2udv.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/webp
content-length: 7882
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9116
content-disposition: inline; filename="nivksgz2udv.webp"
etag: "63a7e794-239c"
last-modified: Sun, 25 Dec 2022 06:03:00 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 77fa20b3f85a0afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-10/09/2mfmwymcmsz09542mfmwymcmsz202915.jpg
104.22.13.214200 OK 13 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-10/09/2mfmwymcmsz09542mfmwymcmsz202915.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash fbc76d8666e45ccd81961e86dc62badf
1a7af64ca517f60433475b3eee233082cc0e3b61
6064a5373c9246cab0141fbc19c013d8eaf2d064eafabb2e2cbfa860099dcfb7
GET /upload/vod/2022/09-10/09/2mfmwymcmsz09542mfmwymcmsz202915.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/jpeg
content-length: 13071
cf-bgj: imgq:85,h2pri
cf-polished: origSize=13988, status=webp_bigger
etag: "631bee4c-36a4"
last-modified: Sat, 10 Sep 2022 01:54:20 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77fa20b3f8660afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/g213zthbpge.jpg
104.22.13.214200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/g213zthbpge.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 6a3d409b2fecc592af254de81f4128a7
ad224079587ce9e6b8f94b2a210bd6df1f15078e
42c5d1fe3b1cf7f4683fa0de5b09c79efc4ae1b132241e6fee385e845a79ca36
GET /upload/vod/2022/12/g213zthbpge.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/jpeg
content-length: 11985
cf-bgj: imgq:85,h2pri
cf-polished: origSize=12630, status=webp_bigger
etag: "63a7e790-3156"
last-modified: Sun, 25 Dec 2022 06:02:56 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77fa20b4187c0afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/ksdyjqv2s1l.jpg
104.22.13.214200 OK 6.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/ksdyjqv2s1l.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 57a7002220c8c7bf8d48475100eeee7f
e4ff1cd1ef2e5a5728a852d1c9b5d7e60bcdf581
2ddaac17d0bc67d23df2139e9b9692643541592e2338a9856b271b170d166a2c
GET /upload/vod/2022/12/ksdyjqv2s1l.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/webp
content-length: 6218
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7622
content-disposition: inline; filename="ksdyjqv2s1l.webp"
etag: "63a7e5f4-1dc6"
last-modified: Sun, 25 Dec 2022 05:56:04 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 77fa20b408720afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/sgxsz5yvizs.jpg
104.22.13.214200 OK 6.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/sgxsz5yvizs.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b545be6e3647105e700b0a0d5fb5efe5
22de81b3bccd4c6097a6f4009aa2b353e0bffaba
2cdfc3598da2bfc5749c5ff0d3260ef77f992861d2c21f9a50ddd7c6c0fad34e
GET /upload/vod/2022/12/sgxsz5yvizs.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/webp
content-length: 6168
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7568
content-disposition: inline; filename="sgxsz5yvizs.webp"
etag: "63a7e5f8-1d90"
last-modified: Sun, 25 Dec 2022 05:56:08 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 77fa20b408730afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/tjp0ci3sbd4.jpg
104.22.13.214200 OK 8.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/tjp0ci3sbd4.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e448a5be07723290c05fe9236d6dfd01
79f5f41d7f886899946d8cf2c5ecb79f3745f72a
2d35ef49a7c36723965b639050be01f675b23b82aeae1f5a97cf7ea43213ab0d
GET /upload/vod/2022/12/tjp0ci3sbd4.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/webp
content-length: 8722
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9874
content-disposition: inline; filename="tjp0ci3sbd4.webp"
etag: "63a7e5fd-2692"
last-modified: Sun, 25 Dec 2022 05:56:13 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 77fa20b408750afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/nmlz4ruyux3.jpg
104.22.13.214200 OK 8.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/nmlz4ruyux3.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6428b8a6911386939f339d46a8b6ac0d
40761e6b8f2731c24a1405c14d03f29ee1d9a8eb
a96285cf27bc8e83792afc01653732e901e773f7c0f92e283fd249de280bc02c
GET /upload/vod/2022/12/nmlz4ruyux3.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/webp
content-length: 8138
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9383
content-disposition: inline; filename="nmlz4ruyux3.webp"
etag: "63a7e602-24a7"
last-modified: Sun, 25 Dec 2022 05:56:18 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 77fa20b408760afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/iwptdksvcnp.jpg
104.22.13.214200 OK 7.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/iwptdksvcnp.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6d73b50af8961f777f1a6ef5a11bba70
9b4549ebb0ee793a250442cbc8d9c0b7d088ad56
52272f8ba5a68d839483c96b183b2740bb80b5655e1c6db77db4f14affbf3aa0
GET /upload/vod/2022/12/iwptdksvcnp.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/webp
content-length: 7108
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8050
content-disposition: inline; filename="iwptdksvcnp.webp"
etag: "63a7e778-1f72"
last-modified: Sun, 25 Dec 2022 06:02:32 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 77fa20b418790afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-10/09/sdp5yvk0hax0954sdp5yvk0hax132903.jpg
104.22.13.214200 OK 7.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-10/09/sdp5yvk0hax0954sdp5yvk0hax132903.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 797d380b85f4bdbc3d61ae823dad1972
d9a34cccac3bdb06eaa86b6015175c35a89d44b0
a7afddde019ec41fc04ef3f95127d35d8b07aba79f832616704853d7d6a36cbe
GET /upload/vod/2022/09-10/09/sdp5yvk0hax0954sdp5yvk0hax132903.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/webp
content-length: 7692
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8905
content-disposition: inline; filename="sdp5yvk0hax0954sdp5yvk0hax132903.webp"
etag: "631bee46-22c9"
last-modified: Sat, 10 Sep 2022 01:54:14 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 77fa20b3f85f0afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/w2kbqnvtkn5.jpg
104.22.13.214200 OK 7.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/w2kbqnvtkn5.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 66077374ff054c7de06630dae3bc6d7e
0e63d9a943551961f555c31ed2415e5a84a3cc51
64c76f0b3e1885f26639d2553c9fb80e34aa03fa9b6aa79a0697cf1ec4637811
GET /upload/vod/2022/12/w2kbqnvtkn5.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/webp
content-length: 7056
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8420
content-disposition: inline; filename="w2kbqnvtkn5.webp"
etag: "63a7e782-20e4"
last-modified: Sun, 25 Dec 2022 06:02:42 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 77fa20b418770afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/c2rkv1nkmwu.jpg
104.22.13.214200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/c2rkv1nkmwu.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4fe26f0bce8b7ed0ad3aeaafa749fcae
36c04eb3f1be60ebfdcb41e8d62afa21e9e43b8f
6fd092953a11fb8c10c7aa3789c03fb7b8af88c41ae2fb514c302baed12bce64
GET /upload/vod/2022/12/c2rkv1nkmwu.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/webp
content-length: 10270
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11052
content-disposition: inline; filename="c2rkv1nkmwu.webp"
etag: "63a7e78c-2b2c"
last-modified: Sun, 25 Dec 2022 06:02:52 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 77fa20b4187a0afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-10/09/rxsugcmg1s00954rxsugcmg1s0162909.jpg
104.22.13.214200 OK 5.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-10/09/rxsugcmg1s00954rxsugcmg1s0162909.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 66396272acf0d012eb0abdc01891405d
26f5d336469db8c6b95669669c2d0ddef858546e
7736edc86d06e42073c1a23e0eaef9ac539b1b487db667d14d756c6798016b77
GET /upload/vod/2022/09-10/09/rxsugcmg1s00954rxsugcmg1s0162909.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/webp
content-length: 5250
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8017
content-disposition: inline; filename="rxsugcmg1s00954rxsugcmg1s0162909.webp"
etag: "631bee48-1f51"
last-modified: Sat, 10 Sep 2022 01:54:16 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 77fa20b3f8630afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/heaoqf1tfv2.jpg
104.22.13.214200 OK 7.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/heaoqf1tfv2.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 292b5b2a1ff4345503dea39928fcd966
387455b428e0cfff560514068af434d579dba7f3
8052d546e8e5bd6b0015c29fb110f4afaf565c75167c6d4bc7d975420c91e0c6
GET /upload/vod/2022/12/heaoqf1tfv2.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/webp
content-length: 7230
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9114
content-disposition: inline; filename="heaoqf1tfv2.webp"
etag: "63a7e799-239a"
last-modified: Sun, 25 Dec 2022 06:03:05 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 77fa20b3f85c0afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-10/09/kicofrm2oju0954kicofrm2oju192913.jpg
104.22.13.214200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-10/09/kicofrm2oju0954kicofrm2oju192913.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 238cdd523e81e9f5cba2388fbf49ca35
7de4666a5409c3b807b962192a4e3a22a7dfeef9
4aee103d02619e2aa89b54de0fa693042f4ef8b25c9eb615e80e5698507f6425
GET /upload/vod/2022/09-10/09/kicofrm2oju0954kicofrm2oju192913.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/jpeg
content-length: 12516
cf-bgj: imgq:85,h2pri
cf-polished: origSize=13138, status=webp_bigger
etag: "631bee4b-3352"
last-modified: Sat, 10 Sep 2022 01:54:19 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77fa20b3f8650afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-10/09/4fquys1yrup09544fquys1yrup132901.jpg
104.22.13.214200 OK 7.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-10/09/4fquys1yrup09544fquys1yrup132901.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ec5226451efd4534ec95369c92662dc6
f13decdd79744aaccc65988088c255c02265c51a
24093da6f9d13633dfc248b7073827e5d6e85214b920a19271216fbf043bdda7
GET /upload/vod/2022/09-10/09/4fquys1yrup09544fquys1yrup132901.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/webp
content-length: 7626
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8843
content-disposition: inline; filename="4fquys1yrup09544fquys1yrup132901.webp"
etag: "631bee45-228b"
last-modified: Sat, 10 Sep 2022 01:54:13 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 77fa20b3f85e0afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/09-10/09/4gq43hofoaf09544gq43hofoaf152907.jpg
104.22.13.214200 OK 6.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/09-10/09/4gq43hofoaf09544gq43hofoaf152907.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 52a676b8f4c9ab9ce5436e31faf7817a
969d7d1a186e00cec9792917de3886b2da040475
7c156af877a6238330a08ebadab71a9e3a8d440e9004cd8415c0c62686f8db83
GET /upload/vod/2022/09-10/09/4gq43hofoaf09544gq43hofoaf152907.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/webp
content-length: 6640
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7622
content-disposition: inline; filename="4gq43hofoaf09544gq43hofoaf152907.webp"
etag: "631bee47-1dc6"
last-modified: Sat, 10 Sep 2022 01:54:15 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 77fa20b3f8610afa-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/q3g1tt2g02s.jpg
104.22.13.214200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/q3g1tt2g02s.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 7680546f01fcbbe708fc96599c666b9d
dd1c88c9e4b3faf32a0cfb922b3fd6c7b951f0a0
1730810155637cddcc0f1a700eafbc67fe627e9228bfc5b0181e892ac47e5dd4
GET /upload/vod/2022/12/q3g1tt2g02s.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/jpeg
content-length: 10829
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11313, status=webp_bigger
etag: "63a7e787-2c31"
last-modified: Sun, 25 Dec 2022 06:02:47 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77fa20b4187d0afa-OSL
X-Firefox-Spdy: h2
wmbt13.xyz/template/mzm/images/video-play.png
154.22.124.29200 OK 1.6 kB URL HTTP/2 wmbt13.xyz/template/mzm/images/video-play.png
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/mzm/images/video-play.png HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/template/mzm/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/png
content-length: 1567
last-modified: Sun, 06 Mar 2022 14:17:50 GMT
etag: "6224c28e-61f"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 56ca0bacf9e027a20225f042ea135306
a8e33447f4eab5f083ebe80540a21f45ab384df4
cf88838d820b314d8b2a52ed56c802ae324af769c4d496a15b4f8dcbc409cdab
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 13:22:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 30 Dec 2022 10:05:19 GMT
ETag: "a8e33447f4eab5f083ebe80540a21f45ab384df4"
Last-Modified: Mon, 26 Dec 2022 10:05:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3472
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77fa20b7ed30b524-OSL
wmbt13.xyz/template/web/xx2.js
154.22.124.29200 OK 739 B URL HTTP/2 wmbt13.xyz/template/web/xx2.js
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
Hash 517ed67a1c0e2561fa266976dbdcbe2b
7e6ce12e3267ef96f34f0285ba3e4c378be2cf30
7e212cd4ae2e33f04dfd3a88fb39ffe0378bcb2c4e848c3dcab42067f76a375c
GET /template/web/xx2.js HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: application/javascript
last-modified: Sun, 25 Dec 2022 07:56:50 GMT
vary: Accept-Encoding
etag: W/"63a80242-a1b"
expires: Tue, 27 Dec 2022 01:22:52 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/x.jpg
154.22.124.29200 OK 9.2 kB URL HTTP/2 wmbt13.xyz/template/web/GG/x.jpg
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Hash 43ae14560cdbc69ce960a28002f04309
4dc694c2754882f840c77807016676732c38138b
af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e
GET /template/web/GG/x.jpg HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/jpeg
content-length: 9166
last-modified: Thu, 02 Jun 2022 15:48:20 GMT
etag: "6298dbc4-23ce"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/mzm/css/zui.css
154.22.124.29200 OK 57 kB URL HTTP/2 wmbt13.xyz/template/mzm/css/zui.css
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
Hash 98fc50d588842b3ef4848424ae4622f8
26aaf7bd456afb05d512bf8bac82465599fb3df5
da65cdc530ceb88ef2231c8a447c39665bc800f3ebb287041ac650ad7fadbca2
GET /template/mzm/css/zui.css HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: text/css
last-modified: Mon, 12 Sep 2022 04:58:34 GMT
vary: Accept-Encoding
etag: W/"631ebc7a-18ca0"
expires: Tue, 27 Dec 2022 01:22:52 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
wmbt13.xyz/template/mzm/fonts/1e500f419c3a4f24a89cb2dddf17de88.woff
154.22.124.29404 Not Found 146 B URL HTTP/2 wmbt13.xyz/template/mzm/fonts/1e500f419c3a4f24a89cb2dddf17de88.woff
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/mzm/fonts/1e500f419c3a4f24a89cb2dddf17de88.woff HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://wmbt13.xyz/template/mzm/css/zui.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 270ea7e201626d6efe27a75ee5fc78e7
82baabc42f0b1e6896dab83b0113706eecdb8f22
dc12bdde6912ae3c19f9816077409dc8319c3c84ce228f8128b74ba118118674
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1573
Cache-Control: max-age=136697
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 13:22:53 GMT
Etag: "63a90d01-116"
Expires: Wed, 28 Dec 2022 03:21:10 GMT
Last-Modified: Mon, 26 Dec 2022 02:54:57 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 558636fd881eef00f4b108471b796682
568899f3fff82474b3f7e18f3be814a04519d7c2
861520621ebfd4851f7de79bd24d1a18c67ef4db093b004726f22b47547c5692
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "861520621EBFD4851F7DE79BD24D1A18C67EF4DB093B004726F22B47547C5692"
Last-Modified: Sun, 25 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15332
Expires: Mon, 26 Dec 2022 17:38:25 GMT
Date: Mon, 26 Dec 2022 13:22:53 GMT
Connection: keep-alive
wmbt13.xyz/template/web/GG/k2.gif
154.22.124.29200 OK 32 kB URL HTTP/2 wmbt13.xyz/template/web/GG/k2.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 80 x 80\012- data
Hash 0dbd3863b60a1e8e0a507a6092e3acbd
81f0cfad3a7369aa95b1b507a5ce46149cd4e4fe
d3829461b69847e6df417e8eb4c4046ae45864fbb7d3646e7b1346a861bd893e
GET /template/web/GG/k2.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 32381
last-modified: Fri, 27 May 2022 05:31:09 GMT
etag: "6290621d-7e7d"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/k6.gif
154.22.124.29200 OK 53 kB URL HTTP/2 wmbt13.xyz/template/web/GG/k6.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 120 x 120\012- data
Hash 74d864001115d3b123c552156accfbef
11ae3aef174b8fab213faa40b1b985f77dada46f
9001f1548a09cf89715469dc8d009f7aebb1a459d261c73a2f35d252bf88b4c8
GET /template/web/GG/k6.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 53324
last-modified: Fri, 27 May 2022 05:31:12 GMT
etag: "62906220-d04c"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/dh1.js
154.22.124.29200 OK 110 kB URL HTTP/2 wmbt13.xyz/template/web/dh1.js
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
Size 110 kB (109824 bytes)
Hash 28e7dbb112579a737a146155b3031e6d
746d0e70280804b2e1ad2a4ae36b66d6b47bf603
b77bc3f72c0dd2e89e24b028c177882778beac61ea1c127716c09dc2aba2f3f6
GET /template/web/dh1.js HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: application/javascript
last-modified: Sun, 25 Dec 2022 15:07:24 GMT
vary: Accept-Encoding
etag: W/"63a8672c-34f2"
expires: Tue, 27 Dec 2022 01:22:52 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/d5.gif
154.22.124.29200 OK 100 kB URL HTTP/2 wmbt13.xyz/template/web/GG/d5.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 100 x 100\012- data
Hash 025124b1ea32550544628c7205331a35
6015322cd2faae4cc93266267838878350ac5c70
b1f29051a416097599fa35479620adab7e3f3b5dac8d18c19147eff65955db21
GET /template/web/GG/d5.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 99494
last-modified: Wed, 16 Mar 2022 16:12:20 GMT
etag: "62320c64-184a6"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/k4.gif
154.22.124.29200 OK 114 kB URL HTTP/2 wmbt13.xyz/template/web/GG/k4.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 120 x 120\012- data
Size 114 kB (114030 bytes)
Hash 79cf722c45cb4e5b3e7da0cfff829c98
71558743109d39b3163e3e873111641615c6f80c
37336e1d469f511d19c69cd7e3576ef2665204c7304e0b8dd2ec051dd78309e3
GET /template/web/GG/k4.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 114030
last-modified: Fri, 27 May 2022 05:31:11 GMT
etag: "6290621f-1bd6e"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
z4a.net/images/2022/12/12/960x60e449023c0081ea79.gif
104.21.234.235200 OK 320 kB URL HTTP/2 z4a.net/images/2022/12/12/960x60e449023c0081ea79.gif
IP 104.21.234.235:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 320 kB (319606 bytes)
Hash 443ba779af0bf3944718aa7e4e2038a5
7054a327b7d5a805a510fab7bb2b35d5cd2ec9ca
1461a63340b84e5c64f250e3ca4d3153df4cf60a1226eb2107bf37c5cfcdd8ee
GET /images/2022/12/12/960x60e449023c0081ea79.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:53 GMT
content-type: image/gif
content-length: 319606
expires: Thu, 14 Dec 2023 16:21:47 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 1026066
last-modified: Wed, 14 Dec 2022 16:21:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZofuNHB9uDL5u0ZaaRdXov1k02KqS5h975cxDNQueq7Hu2PUDiyaCYCR65Wxs5c1eDd0VmcOnpkRSzlnmsBq3Qq4qDX4EkEYw8VQbP6SpGDJPtOTRp1rtLUZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77fa20baaa5c0026-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2022/11/01/960x60.gif
104.21.234.235200 OK 578 kB URL HTTP/2 z4a.net/images/2022/11/01/960x60.gif
IP 104.21.234.235:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 578 kB (577945 bytes)
Hash 6ae710163cd11c12a73a693024c46410
43041b87b2040371a052bf1f83d401c263a32178
42da405262416c9fbaa04b2718406d4ea93501bfb99774fae4956b6eab7c1831
GET /images/2022/11/01/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:53 GMT
content-type: image/gif
content-length: 577945
expires: Thu, 16 Nov 2023 09:07:31 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 3471322
last-modified: Wed, 16 Nov 2022 09:07:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4RqKXn5v9Vw03VUdh8em753cqJlYVQ5yAzeIXNl9EHiEefIsvH0g%2Bs%2FjpS%2BmMKxDGtH4%2BCZvXd747i4GD1xkeho55CZz9dVpiryB2k%2Bi%2Fxq2SpsWXAJc2tki"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77fa20baca6c0026-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/7b.gif
154.22.124.29200 OK 24 kB URL HTTP/2 wmbt13.xyz/template/web/GG/7b.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 200 x 100\012- data
Hash 9ee83b5ee3f07af73531a34aa4a2d13d
fe9a1e899f23e9783c2d18853c37c4807693be61
6152200b695cc68098aee465505e1b601c16bc3293ee6e5330727680a42d24e4
GET /template/web/GG/7b.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 23783
last-modified: Thu, 10 Mar 2022 16:20:25 GMT
etag: "622a2549-5ce7"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
js.users.51.la/21273071.js
103.143.19.103200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21273071.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash 781d7d15f479a9e189c2386fa3de864c
c5961d475f059b1ce3640b6115a969db142644c7
e4ae14f1baa886acc497e7340da6f1c62ce9bc0669009df80f65ecc9b664c55b
GET /21273071.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Mon, 26 Dec 2022 13:22:53 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=bcfaed66be06a6b915; path=/
HWWAFSESTIME=1672060972908; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
kvexx.com/d766f59de772a56dbe1bc6cf1d0027ad.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvexx.com/d766f59de772a56dbe1bc6cf1d0027ad.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /d766f59de772a56dbe1bc6cf1d0027ad.gif HTTP/1.1
Host: kvexx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 26 Dec 2022 13:22:53 GMT
content-type: text/html
content-length: 162
location: https://kvhuuu.top/d766f59de772a56dbe1bc6cf1d0027ad.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?4bc5dc7e46082671827a59921f965700
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?4bc5dc7e46082671827a59921f965700
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash e9267574d92c744c2d04434fa62e9a9b
191f70e50cdf5cb75f226839915f218b3fd3ff08
2ffd678f8ec149d9fe43c73d141fa8a5d7b61e1426f315039ef042ad1d3f6533
GET /hm.js?4bc5dc7e46082671827a59921f965700 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Mon, 26 Dec 2022 13:22:52 GMT
Etag: 501ddc0311e4ebb04641bdda2672dae7
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D465B2087CD98007; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 70ade777f731ba3f5579f5e7a605fcaf
3c58416befab0175dab5d47a5d10df1753657ba5
930de882eeaa064eef9229b5a1ec91a8f5a0102d24f1a8a06e05b33d66cc9e60
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "930DE882EEAA064EEF9229B5A1EC91A8F5A0102D24F1A8A06E05B33D66CC9E60"
Last-Modified: Sun, 25 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18964
Expires: Mon, 26 Dec 2022 18:38:57 GMT
Date: Mon, 26 Dec 2022 13:22:53 GMT
Connection: keep-alive
wmbt13.xyz/template/web/GG/k14.gif
154.22.124.29200 OK 73 kB URL HTTP/2 wmbt13.xyz/template/web/GG/k14.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 100 x 100\012- data
Hash 6ce732040d4d9750ef120f2a4221f362
f3114f09ed27718c62d54d6fbe08847421429a00
bf4e102a698f9d805b4d4209c8ca62ca20565344a8949d0efeedc6a720026c5b
GET /template/web/GG/k14.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 73223
last-modified: Sat, 28 May 2022 04:43:52 GMT
etag: "6291a888-11e07"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/a06.gif
154.22.124.29200 OK 111 kB URL HTTP/2 wmbt13.xyz/template/web/GG/a06.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 108 x 108\012- data
Size 111 kB (110624 bytes)
Hash e3240f80fa3623e4bc4675c955beb241
fb5f06e85933d6e6a8e0f98e28c16b44844b3ae3
d595e4b9e1341db392c7d348474e94c200802c5e35290b7e4f9a4a4ad653bd1d
GET /template/web/GG/a06.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 110624
last-modified: Sat, 18 Jun 2022 04:10:38 GMT
etag: "62ad503e-1b020"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/k7.gif
154.22.124.29200 OK 104 kB URL HTTP/2 wmbt13.xyz/template/web/GG/k7.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 71 x 71\012- data
Size 104 kB (104461 bytes)
Hash 9e38a9cebde88f45563c4aae36723d3a
126439ba503fc1757864c12e086fd0f1a165a4bc
93054ef4224e847d308892f23ca8d0bf210d5ba26d8c39502eb7016efd97501d
GET /template/web/GG/k7.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 104461
last-modified: Fri, 27 May 2022 05:31:13 GMT
etag: "62906221-1980d"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/11.gif
154.22.124.29200 OK 76 kB URL HTTP/2 wmbt13.xyz/template/web/GG/11.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 200 x 99\012- data
Hash b91a52dc89525aa53fa4cc9f51313fa5
04be88b70acd504b7bf5a9bb107b63da8c488639
91b59a9d450ebdc06502d1279ee2eef209a84a5d0434a46874a32c9bbc831ba9
GET /template/web/GG/11.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 76147
last-modified: Wed, 11 May 2022 08:23:40 GMT
etag: "627b728c-12973"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/k20.gif
154.22.124.29200 OK 102 kB URL HTTP/2 wmbt13.xyz/template/web/GG/k20.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 124 x 124\012- data
Size 102 kB (101861 bytes)
Hash da1fca07307a6c03cdcfb2d47313113a
f28a95877fad9e725a287466984d496ef7d53afb
9529e1f4226891780f02c558b7b75427b86eb8afa9e5667fd6e8527abf322209
GET /template/web/GG/k20.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 101861
last-modified: Sat, 04 Jun 2022 02:42:26 GMT
etag: "629ac692-18de5"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/a08.gif
154.22.124.29200 OK 80 kB URL HTTP/2 wmbt13.xyz/template/web/GG/a08.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 120 x 120\012- data
Hash 3b6a5179b4a06bb8c98cab3aeaa698ed
c798dc8b16e3feaf91392cfa1cf839b4556fc243
64d5d65c65f47564411cce16d70dcca2aa83d5ad212ac46d3d9d0ba4ab8aee96
GET /template/web/GG/a08.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 80545
last-modified: Sat, 18 Jun 2022 04:10:39 GMT
etag: "62ad503f-13aa1"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/hf5.gif
154.22.124.29200 OK 171 kB URL HTTP/2 wmbt13.xyz/template/web/GG/hf5.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 960 x 70\012- data
Size 171 kB (171236 bytes)
Hash 520fabf1fb49a53846d582beea64350c
399df791c5a2244a6fc30543956bcbb62835dbd5
3d332e8626654196daff08c0993994ea65dfe34d960a9e703fba05ec89451401
GET /template/web/GG/hf5.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 171236
last-modified: Mon, 19 Sep 2022 07:11:12 GMT
etag: "63281610-29ce4"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/k1.gif
154.22.124.29200 OK 167 kB URL HTTP/2 wmbt13.xyz/template/web/GG/k1.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 120 x 120\012- data
Size 167 kB (167104 bytes)
Hash 9387415ad469299bf6e3bb5c1bbc77e2
cc52974b6ed2239afbbd4088c675fceb0d75cd22
912ce0aceb7de66266542ec85454be033b0a285c975dd7fc8f0d43eecb8716ce
GET /template/web/GG/k1.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 167104
last-modified: Fri, 27 May 2022 05:31:09 GMT
etag: "6290621d-28cc0"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/7.gif
154.22.124.29200 OK 159 kB URL HTTP/2 wmbt13.xyz/template/web/GG/7.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 100 x 100\012- data
Size 159 kB (159399 bytes)
Hash 7c1ced688d2af934a1800ae8d89a226f
558b8353f1d66992ce01a67ba66af0ac966877bc
5acf95935750544793683da337ec48ecbadd4ecfe5c1b714ad47c97b5849c02f
GET /template/web/GG/7.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 159399
last-modified: Fri, 11 Mar 2022 16:19:12 GMT
etag: "622b7680-26ea7"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/mzm/fonts/iconfont.woff
154.22.124.29200 OK 525 B URL HTTP/2 wmbt13.xyz/template/mzm/fonts/iconfont.woff
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash f66ed8f90ffb0fc831098b7701d3ba8a
1bc63ccb714f1272c80b224aa8fd9da94914825d
6ccac1f3560824c5e11e27d1798e447cfc5a930e5824009d6b1cf8eb98e248de
GET /template/mzm/fonts/iconfont.woff HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://wmbt13.xyz/template/mzm/css/zui.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:53 GMT
content-type: font/woff
content-length: 525
last-modified: Sun, 06 Mar 2022 14:12:36 GMT
etag: "6224c154-20d"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/d2.gif
154.22.124.29200 OK 162 kB URL HTTP/2 wmbt13.xyz/template/web/GG/d2.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 120 x 120\012- data
Size 162 kB (161572 bytes)
Hash 64c0f3edc7b3bfd2a2c009f3b93ebd7d
70dee1bf54047d14220328f8ab47d299a679a519
ca5ada5bab699078f3ecdb2a2b569bcef9b8b34f6773d2197c0658a55fad5d25
GET /template/web/GG/d2.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 161572
last-modified: Wed, 16 Mar 2022 16:12:17 GMT
etag: "62320c61-27724"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/k15.gif
154.22.124.29200 OK 142 kB URL HTTP/2 wmbt13.xyz/template/web/GG/k15.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 235 x 235\012- data
Size 142 kB (141895 bytes)
Hash 0642504c72f3cf9929cfb7544deaca87
16d7028c32010330f5c9f2f8e71a69c4c7bcc859
a102356e14a84a958f692e5e9c2c4d2aa9765bc4cbc3232f9108ec8b46d5b07b
GET /template/web/GG/k15.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 141895
last-modified: Sat, 28 May 2022 04:43:53 GMT
etag: "6291a889-22a47"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/a01.gif
154.22.124.29200 OK 156 kB URL HTTP/2 wmbt13.xyz/template/web/GG/a01.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 100 x 100\012- data
Size 156 kB (156311 bytes)
Hash c1cd6fbcc60e4242fb31eb894d7d9450
1b0a2ba85f38fa452a391250067e916ac7b61345
aca31490b0e0478395648fb5f6ce318b56a4a443c7a64e069c71cee6c0f0bb44
GET /template/web/GG/a01.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 156311
last-modified: Sat, 18 Jun 2022 04:10:34 GMT
etag: "62ad503a-26297"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/227.gif
154.22.124.29200 OK 477 kB URL HTTP/2 wmbt13.xyz/template/web/GG/227.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 960 x 60\012- data
Size 477 kB (477289 bytes)
Hash 760cc21f91ee02e848650627ffa47ae2
22df8e62d12977ffd032aba17e5fd7632032633f
2b36a60cb734e5ebcaa9ad4d93f914157e563da89c4e08231bd02b72678875bd
GET /template/web/GG/227.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 477289
last-modified: Fri, 14 Oct 2022 15:40:43 GMT
etag: "634982fb-74869"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 270ea7e201626d6efe27a75ee5fc78e7
82baabc42f0b1e6896dab83b0113706eecdb8f22
dc12bdde6912ae3c19f9816077409dc8319c3c84ce228f8128b74ba118118674
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1573
Cache-Control: max-age=136697
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 13:22:53 GMT
Etag: "63a90d01-116"
Expires: Wed, 28 Dec 2022 03:21:10 GMT
Last-Modified: Mon, 26 Dec 2022 02:54:57 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
wmbt13.xyz/
154.22.124.29200 OK 302 kB IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
Size 302 kB (302052 bytes)
Hash 7a27dc2b107598601bf7cd4cd208cf96
0a150b4835ad9d4caff2c693aea8d79a37eb13b8
09830a3b9dfa3daa09e10cbcc5d0adb1ebde8bf2ab60349c7d0d946699dbbf87
GET / HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.51199713.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:51 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/dp1.gif
154.22.124.29200 OK 141 kB URL HTTP/2 wmbt13.xyz/template/web/GG/dp1.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 640 x 200\012- data
Size 141 kB (141174 bytes)
Hash 2846430b1663c942a9d2a92c559667cd
2b7d07a004fa13af572b8d5d6317594c1eee9eec
b1357936607e4478fa840a29b58e6714f0063f4a90e28571bd8c8be4e175d74e
GET /template/web/GG/dp1.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 141174
last-modified: Mon, 25 Apr 2022 12:29:49 GMT
etag: "6266943d-22776"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/t2.gif
154.22.124.29200 OK 254 kB URL HTTP/2 wmbt13.xyz/template/web/GG/t2.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 120 x 120\012- data
Size 254 kB (253670 bytes)
Hash bace60a0adc9bdd54f7c83058456a847
4867fd68497b7db5c4e5bbdde781cf098dbabd22
17a4f7b3d5caf413211515976326969951cc1bb9a3e32a9caa885fd6e3109368
GET /template/web/GG/t2.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 253670
last-modified: Tue, 10 May 2022 09:20:01 GMT
etag: "627a2e41-3dee6"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/t1.gif
154.22.124.29200 OK 221 kB URL HTTP/2 wmbt13.xyz/template/web/GG/t1.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 200 x 200\012- data
Size 221 kB (221303 bytes)
Hash 633e79a4d76e09af28eb7617340a6330
0aaef1ed9eed51ca839c4b8e88ca4988e27ec6cb
7363c1c913be071eb6240c6600c17b65e81b092944bb5f14c7013b5f96190fb3
GET /template/web/GG/t1.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 221303
last-modified: Tue, 10 May 2022 09:20:00 GMT
etag: "627a2e40-36077"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/y4.gif
154.22.124.29200 OK 258 kB URL HTTP/2 wmbt13.xyz/template/web/GG/y4.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 120 x 120\012- data
Size 258 kB (257689 bytes)
Hash bbdd0bdf651352117671a182ae649b36
0913dc12c9378d9d5bc6aeefdba042fad4f95e8a
c808633ff4d4c025ae4151460a6ab81b58837bc03584b7037b4ef2034cc8676c
GET /template/web/GG/y4.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 257689
last-modified: Tue, 10 May 2022 09:20:09 GMT
etag: "627a2e49-3ee99"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/5.gif
154.22.124.29200 OK 292 kB URL HTTP/2 wmbt13.xyz/template/web/GG/5.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 256 x 256\012- data
Size 292 kB (291780 bytes)
Hash c41af62e6356770c1f7df79bbb3e1db5
0f765c11424aaa51365ec92c18ff4f75a972da5a
0b8a47216bb974bf8ce36542085e3dfb1b5fcf476efd4da2b630c4a325580de4
GET /template/web/GG/5.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 291780
last-modified: Wed, 11 May 2022 08:12:54 GMT
etag: "627b7006-473c4"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 495d895d2c2b3b77756759f1e511679c
96c85adb1b0e0869488fdbbeda208872814625a0
d069592b37feda8f7ac3ae239078be02286d3c80bed538e33e8b69a26b86a039
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 13:22:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Dec 2022 06:53:56 GMT
Expires: Sat, 31 Dec 2022 06:53:55 GMT
Etag: "96c85adb1b0e0869488fdbbeda208872814625a0"
Cache-Control: max-age=408061,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77fa20bcfb88b524-OSL
wmbt13.xyz/template/web/GG/55.gif
154.22.124.29200 OK 834 kB URL HTTP/2 wmbt13.xyz/template/web/GG/55.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 140 x 206\012- data
Size 834 kB (834244 bytes)
Hash 3965598665b057b276ed86263c36f334
f8374496c56ad6cd140a9bd009b0637c8ce91a35
5efcea93fd0c2cb8059ea79144c6bfb6b094b5810e21cf6e2168ef51ac2fd36a
GET /template/web/GG/55.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 834244
last-modified: Wed, 11 May 2022 08:28:17 GMT
etag: "627b73a1-cbac4"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/122.gif
154.22.124.29200 OK 301 kB URL HTTP/2 wmbt13.xyz/template/web/GG/122.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 120 x 120\012- data
Size 301 kB (301024 bytes)
Hash 924fb352713ee10f6f4bce3167ccce13
127a437f7a5020f7e7c08b6c6465be55dcb32e0c
6e04c7ee887495ce8805d38b200ca217c28b5e83655f4e7f4e8f8f8e28b872bf
GET /template/web/GG/122.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 301024
last-modified: Wed, 09 Mar 2022 10:04:32 GMT
etag: "62287bb0-497e0"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/a07.gif
154.22.124.29200 OK 356 kB URL HTTP/2 wmbt13.xyz/template/web/GG/a07.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 344 x 292\012- data
Size 356 kB (355956 bytes)
Hash 7fcc1b0bc144505a6445039f16e7ae84
c102af587f677b89bb65f7e850a4ca4b41a45456
409d94d159f6c851b76881b6937460458b25a246e45bf6ab98f34efd9474ede8
GET /template/web/GG/a07.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 355956
last-modified: Sat, 18 Jun 2022 04:10:39 GMT
etag: "62ad503f-56e74"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/4.gif
154.22.124.29200 OK 279 kB URL HTTP/2 wmbt13.xyz/template/web/GG/4.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 200 x 113\012- data
Size 279 kB (279026 bytes)
Hash 42809e0a73309f01de7651ab3b712cb4
19a1658a10d4e8ca6831a824d4bccbb35dcbf113
da7e1e1332d196cde6cc3a7b9c758abb4493e9708799e7836551823dd399b13d
GET /template/web/GG/4.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 279026
last-modified: Wed, 11 May 2022 08:12:44 GMT
etag: "627b6ffc-441f2"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/k19.gif
154.22.124.29200 OK 288 kB URL HTTP/2 wmbt13.xyz/template/web/GG/k19.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 140 x 140\012- data
Size 288 kB (287575 bytes)
Hash e758cbb971464ca5059e4cdbc1a7601f
615032c5f3516cd6d685bde3c1214a5d05833cd1
df4ecca258502e6c66deb343d9fc8d0bf05e46927194a2e1bc6c652fb80ba71d
GET /template/web/GG/k19.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 287575
last-modified: Sat, 04 Jun 2022 02:42:25 GMT
etag: "629ac691-46357"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/ppll.gif
154.22.124.29200 OK 965 kB URL HTTP/2 wmbt13.xyz/template/web/GG/ppll.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 480 x 270\012- data
Size 965 kB (965446 bytes)
Hash 5f87eaa078aeb58fbe6a932225fe00e2
d155153be18e5b37704fa2b046751373a23bd708
55f2f4507e307aa3a6f26e06744510894d6a35a5289600b60120ddfca84e1cf9
GET /template/web/GG/ppll.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 965446
last-modified: Thu, 01 Dec 2022 04:59:16 GMT
etag: "638834a4-ebb46"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/BOB960x60.gif
154.22.124.29200 OK 403 kB URL HTTP/2 wmbt13.xyz/template/web/GG/BOB960x60.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 960 x 60\012- data
Size 403 kB (402637 bytes)
Hash 37a0b0433f705268589e22f0772f301e
46fbd620e71eb59fde6a53e6d1f04a0cea03e9ee
439d6c73d6fa7ff6651024f6d2da79054c0a66868686c72236bc8bb6e5633970
GET /template/web/GG/BOB960x60.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 402637
last-modified: Sat, 24 Dec 2022 11:20:52 GMT
etag: "63a6e094-624cd"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 24bddc6ef1bc51ad860df1d4febab87a
bc94f22c0014aa4a0bbb5feb7ff602061633f392
8d6d6ea9c3c4e5b7766298f57cbf90c6623f5f799b0a7d0d70ba5d04a18545c4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 13:22:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 23 Dec 2022 17:33:18 GMT
Expires: Fri, 30 Dec 2022 17:33:17 GMT
Etag: "bc94f22c0014aa4a0bbb5feb7ff602061633f392"
Cache-Control: max-age=360023,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77fa20bd5c1bb524-OSL
wmbt13.xyz/template/web/GG/yabo888960x60.gif
154.22.124.29200 OK 397 kB URL HTTP/2 wmbt13.xyz/template/web/GG/yabo888960x60.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 960 x 60\012- data
Size 397 kB (396982 bytes)
Hash ed05f9c48d0d156448a528929016e817
d83e5a86cf733c1f2e230e011f059bdfd9641dd5
b136617753c14ccffcf415c0bef8d335e9f28bc5dd878f6d1e35a04fc7818fec
GET /template/web/GG/yabo888960x60.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 396982
last-modified: Sat, 24 Dec 2022 11:20:53 GMT
etag: "63a6e095-60eb6"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/BET960x60.gif
154.22.124.29200 OK 404 kB URL HTTP/2 wmbt13.xyz/template/web/GG/BET960x60.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 960 x 60\012- data
Size 404 kB (404393 bytes)
Hash bcb5b8132c2435858fb6053027d78e95
7c87d8562099d61bbb65cc733638ee669fbd748b
7e34a9b921255990a7c2bcd0c1c412b0c6b45be20704ceb186768c228464225a
GET /template/web/GG/BET960x60.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 404393
last-modified: Sat, 24 Dec 2022 11:20:51 GMT
etag: "63a6e093-62ba9"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/a13.gif
154.22.124.29200 OK 674 kB URL HTTP/2 wmbt13.xyz/template/web/GG/a13.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 393 x 262\012- data
Size 674 kB (673882 bytes)
Hash 8f0aa6d32c03c602b0480194b2efdf4a
a2dfc596103bf743c9cf389e2b7a481a8bbedc96
2a54a439ea081c5418030b63dd4e0f247ff7089b1d7ba67a0fe6e2abcf466658
GET /template/web/GG/a13.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 673882
last-modified: Mon, 20 Jun 2022 04:59:55 GMT
etag: "62affecb-a485a"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/d10.gif
154.22.124.29200 OK 1.2 kB URL HTTP/2 wmbt13.xyz/template/web/GG/d10.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 8363acaeab9cbb099b59b78a44127ca6
aef448ce5500e3734059ec285cf6ec0b547075f2
9b342ae7f25d65bdb817d8c995f3211ac398e41575fc5d149d994c1dcb008f0a
GET /template/web/GG/d10.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 119145
last-modified: Sat, 23 Apr 2022 04:49:11 GMT
etag: "62638547-1d169"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/dp2.gif
154.22.124.29200 OK 767 kB URL HTTP/2 wmbt13.xyz/template/web/GG/dp2.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 640 x 200\012- data
Size 767 kB (766938 bytes)
Hash 06f924cdbba4e6c4765765139a404682
7eaadc65f26a4fe45240e14f96c29aa53e721775
514dc1d00a06bed8dbb2a891aa73b6ff70cd32772f582df1c2c959c856d45a5d
GET /template/web/GG/dp2.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 766938
last-modified: Mon, 25 Apr 2022 12:29:50 GMT
etag: "6266943e-bb3da"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/dp4.gif
154.22.124.29200 OK 747 kB URL HTTP/2 wmbt13.xyz/template/web/GG/dp4.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 640 x 200\012- data
Size 747 kB (746571 bytes)
Hash 84e8edecf6c28c8218e0a7b1ad9ea414
3897e6bf1a2292c59b45e44d2b9c38e45f8f9a6f
356abb92d87698d59a4af16304d13e760b032739634c495fba68568e82d5c1ce
GET /template/web/GG/dp4.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 746571
last-modified: Mon, 25 Apr 2022 12:29:52 GMT
etag: "62669440-b644b"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/GG/01.gif
154.22.124.29200 OK 562 kB URL HTTP/2 wmbt13.xyz/template/web/GG/01.gif
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 380 x 570\012- data
Size 562 kB (561983 bytes)
Hash 311afec7a9e7d370b46adf41a45905e7
5460c5036e11ecf12f30d921e4dc811ad56f8b30
39da990b80811f9e29f4b4c1b9a0e7fc4f4b60a42c1f5d949b1ae1a9bbe80eb9
GET /template/web/GG/01.gif HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: image/gif
content-length: 561983
last-modified: Wed, 11 May 2022 08:12:48 GMT
etag: "627b7000-8933f"
expires: Wed, 25 Jan 2023 13:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9e83955220aacad97b4ff8f95d221df0
ee77ca6ebec33fac2f115b65212eab574f031260
9c78c8174476dd67137f2f705d80640d1960a2f09dbd0f7e049d369314ef6645
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 13:22:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Dec 2022 01:20:35 GMT
Expires: Mon, 02 Jan 2023 01:20:34 GMT
Etag: "ee77ca6ebec33fac2f115b65212eab574f031260"
Cache-Control: max-age=560860,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77fa20bcf83db51d-OSL
dvcasha2.ocsp-certum.com/
95.101.10.107200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.107:0
ASN #20940 Akamai International B.V.
Hash c39663335fa9ad169eaa6ae81ea9740a
6393b7fde9db55f625a0e4c28e56109828915601
8681bb0a03c77a5d1a5f9c83ca675188358fbcdfab99140d1081571bf8299ba2
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=867
Date: Mon, 26 Dec 2022 13:22:53 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
95.101.10.107200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.107:0
ASN #20940 Akamai International B.V.
Hash c39663335fa9ad169eaa6ae81ea9740a
6393b7fde9db55f625a0e4c28e56109828915601
8681bb0a03c77a5d1a5f9c83ca675188358fbcdfab99140d1081571bf8299ba2
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Mon, 26 Dec 2022 13:22:53 GMT
Connection: keep-alive
X-N: S
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 70ade777f731ba3f5579f5e7a605fcaf
3c58416befab0175dab5d47a5d10df1753657ba5
930de882eeaa064eef9229b5a1ec91a8f5a0102d24f1a8a06e05b33d66cc9e60
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "930DE882EEAA064EEF9229B5A1EC91A8F5A0102D24F1A8A06E05B33D66CC9E60"
Last-Modified: Sun, 25 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18964
Expires: Mon, 26 Dec 2022 18:38:57 GMT
Date: Mon, 26 Dec 2022 13:22:53 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 5000f82714791056e456df7899e15c8b
4c4458ac52fcf08d7883c6d70edd65d9278f4a43
017673654a23ac8594fae938868ecaadbafc0d02963cff0c66ae7fa6383327b4
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 13:22:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 30 Dec 2022 12:57:18 GMT
ETag: "4c4458ac52fcf08d7883c6d70edd65d9278f4a43"
Last-Modified: Mon, 26 Dec 2022 12:57:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1534
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77fa20bf4ce6b4fd-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb8a8f7c84b4c59885dce989a8a7532c
d975b6318ba5327e0acd89cebd534fe2434e59fe
c37e3fac66ca9f3fcd9669892eeece175765f9216a14cb150ff1d3442aa8dbf9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C37E3FAC66CA9F3FCD9669892EEECE175765F9216A14CB150FF1D3442AA8DBF9"
Last-Modified: Sun, 25 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17014
Expires: Mon, 26 Dec 2022 18:06:28 GMT
Date: Mon, 26 Dec 2022 13:22:54 GMT
Connection: keep-alive
rootnetworksdv.ocsp-certum.com/
95.101.10.107200 OK 1.5 kB URL HTTP/1.1 rootnetworksdv.ocsp-certum.com/
IP 95.101.10.107:0
ASN #20940 Akamai International B.V.
Hash e980d78492a7e98dc3aa8589350ae50a
c2495fd6aae08b5751e2e9f65d0966c7600ac536
f2d7d3e7069e805cca41470b811a4d357ccb914546bdebfdf9d7dab30159155d
POST / HTTP/1.1
Host: rootnetworksdv.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1490
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Mon, 26 Dec 2022 13:22:54 GMT
Connection: keep-alive
X-N: S
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 3427e82893fd532e2294755206677999
fa214d109e929a6d922c9e6268163bb8111b5e01
7b4549b06bd9baafd45fdac76c3117db178abe0de8ba163e510713e324f226d2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 13:22:54 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 23 Dec 2022 06:26:17 GMT
Expires: Fri, 30 Dec 2022 06:26:16 GMT
Etag: "fa214d109e929a6d922c9e6268163bb8111b5e01"
Cache-Control: max-age=320002,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77fa20be4d46b524-OSL
hm.baidu.com/hm.js?959981931bea09b9a10c9c552a50e761
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?959981931bea09b9a10c9c552a50e761
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash e4e70cc56c4cae0feac12da5e17b2c6d
eb6fbfa8434bc382417d9c387a12b3c3f913ed36
265e43c7ee969e382c830952eb9850ee1327ef5bb5dd29e0689686a20774d185
GET /hm.js?959981931bea09b9a10c9c552a50e761 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Mon, 26 Dec 2022 13:22:53 GMT
Etag: 8140364d8746001a914d512834394c01
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D07B4E11B2602CB5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash b31bd34cf0a0539e652b5e86ea7e9b2b
bab1f2599d3b75d14e86774280cb86638fe1ab4b
1fcd9d8ef2102b04822e3c6d0edc593df57bd55694bdf88b923533961833e377
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 13:22:54 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 30 Dec 2022 11:28:49 GMT
ETag: "bab1f2599d3b75d14e86774280cb86638fe1ab4b"
Last-Modified: Mon, 26 Dec 2022 11:28:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1197
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77fa20bfad6ab4fd-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 477b6df930c43f413248f6e877a21c92
f07c15f9e9602efcf4440aef965ddf2f7bc98a7c
fbac1ca751b82441b04a5e890920f82ce8885e3d2952cd2a60f438fd71bd9d7a
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 13:22:54 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 30 Dec 2022 11:54:29 GMT
ETag: "f07c15f9e9602efcf4440aef965ddf2f7bc98a7c"
Last-Modified: Mon, 26 Dec 2022 11:54:30 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3495
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77fa20bfbd76b4fd-OSL
hm.baidu.com/hm.js?86ea3af34e71a9d5eae3e3255c8ace53
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?86ea3af34e71a9d5eae3e3255c8ace53
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash f0805c6c5bb1afdc850a954307dc09c0
95cd2043d408a2d69e69f616b090401c2ec86c4b
b7555a7522433db59727f47ebdb154875a5a1c4a5c09215d4bbec8e5e4fa8e3b
GET /hm.js?86ea3af34e71a9d5eae3e3255c8ace53 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Mon, 26 Dec 2022 13:22:53 GMT
Etag: bab2ddd62005a1126972c2b93194b0bb
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=39298FABF11E3DD2; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 35587f9c8e77f6472e42514203131862
310bfbc0bd426a8379ca38927ef2cd3c8be90a26
f7c6949cc7f7ea7ec940905fa7ee5975a896ffd86a8ef2fdc4d4064bc0310bb9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 13:22:54 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Dec 2022 15:19:40 GMT
Expires: Sat, 31 Dec 2022 15:19:39 GMT
Etag: "310bfbc0bd426a8379ca38927ef2cd3c8be90a26"
Cache-Control: max-age=438404,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77fa20beea57b51d-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash b1ee2e978d6048970fd8de2043d8138d
3ba1be00a350b5c79ede32489dbe8ac70102ee64
9591813f3c2db5847eb1299e37704c0ebbfc155d0bb29d3398b07f34f5504b31
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 13:22:54 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 26 Dec 2022 05:58:39 GMT
Expires: Mon, 02 Jan 2023 05:58:38 GMT
Etag: "3ba1be00a350b5c79ede32489dbe8ac70102ee64"
Cache-Control: max-age=577543,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77fa20bf2b0efab8-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a081ee503bfc06f1475e07d621bc1c48
4a5d80b316c001fa3b3d0869f134dafe3bb18b7f
b5ce696aa86e6ebf0f8c6bb56e18cc43e5cd0f940a586cf9734dd429d9d3c12d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5CE696AA86E6EBF0F8C6BB56E18CC43E5CD0F940A586CF9734DD429D9D3C12D"
Last-Modified: Sun, 25 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14458
Expires: Mon, 26 Dec 2022 17:23:52 GMT
Date: Mon, 26 Dec 2022 13:22:54 GMT
Connection: keep-alive
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash d560fa969ab17a595c9c51a87b79fc23
fb8dd3b16e3acfe5ecef558f7c2596d9cc427913
27ed5c0d0f448bc2c84f706279dffcef733a24d393b847b327b4e9b165852978
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 13:22:54 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Fri, 23 Dec 2022 11:09:42 GMT
Expires: Fri, 30 Dec 2022 11:09:41 GMT
Etag: "fb8dd3b16e3acfe5ecef558f7c2596d9cc427913"
Cache-Control: max-age=337006,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77fa20bfcd85b4fd-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash bcef59b65974a6baf5953a09829f38f2
556beaa6baeb2938fa502ac9a73c3691a151c136
1dcce77c5a4d630c981e41bce1d59ef150e417308fa1ebf2e7407a23352ef07f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 13:22:54 GMT
Server: ECS (amb/6B92)
Content-Length: 279
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1553205629&si=4bc5dc7e46082671827a59921f965700&su=http%3A%2F%2Fwww.51199713.cn%2F&v=1.3.0&lv=1&sn=980&r=0&ww=1268&u=https%3A%2F%2Fwmbt13.xyz%2F&tt=%E8%93%9D%E5%A4%A9%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1553205629&si=4bc5dc7e46082671827a59921f965700&su=http%3A%2F%2Fwww.51199713.cn%2F&v=1.3.0&lv=1&sn=980&r=0&ww=1268&u=https%3A%2F%2Fwmbt13.xyz%2F&tt=%E8%93%9D%E5%A4%A9%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1553205629&si=4bc5dc7e46082671827a59921f965700&su=http%3A%2F%2Fwww.51199713.cn%2F&v=1.3.0&lv=1&sn=980&r=0&ww=1268&u=https%3A%2F%2Fwmbt13.xyz%2F&tt=%E8%93%9D%E5%A4%A9%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 26 Dec 2022 13:22:54 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=AED976EF95163999; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash bcef59b65974a6baf5953a09829f38f2
556beaa6baeb2938fa502ac9a73c3691a151c136
1dcce77c5a4d630c981e41bce1d59ef150e417308fa1ebf2e7407a23352ef07f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 13:22:54 GMT
Last-Modified: Mon, 26 Dec 2022 13:22:54 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
kvhuuu.top/d766f59de772a56dbe1bc6cf1d0027ad.gif
104.21.234.153200 OK 328 kB URL HTTP/2 kvhuuu.top/d766f59de772a56dbe1bc6cf1d0027ad.gif
IP 104.21.234.153:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 328 kB (328164 bytes)
Hash 27b3d7f9fb788c290c5025ee779a7a86
549f03a050418ee932de6ac04508c6a49668341a
8e40d3a5d0773e3f69da3851dc6adfd4920b109a0d349a6d97da76cdc00f4717
GET /d766f59de772a56dbe1bc6cf1d0027ad.gif HTTP/1.1
Host: kvhuuu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wmbt13.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:54 GMT
content-type: image/gif
content-length: 328164
last-modified: Wed, 30 Nov 2022 09:05:08 GMT
etag: "63871cc4-501e4"
expires: Fri, 30 Dec 2022 09:37:17 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2259937
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLEVX35kTdOpGcH4XvUMfSjFSMXN%2FhTfz4VhhzvI9Z6jR0PRXqYg06iN%2Fh2mRxbcAYwvOGBbwgSuAI5avrWElsgf8Xqgb7AllQAYoVB1ob4J6xzkd9YcuPwWf0iQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77fa20c13b36d170-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=877791303&si=959981931bea09b9a10c9c552a50e761&su=http%3A%2F%2Fwww.51199713.cn%2F&v=1.3.0&lv=1&sn=981&r=0&ww=1268&u=https%3A%2F%2Fwmbt13.xyz%2F&tt=%E8%93%9D%E5%A4%A9%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=877791303&si=959981931bea09b9a10c9c552a50e761&su=http%3A%2F%2Fwww.51199713.cn%2F&v=1.3.0&lv=1&sn=981&r=0&ww=1268&u=https%3A%2F%2Fwmbt13.xyz%2F&tt=%E8%93%9D%E5%A4%A9%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=877791303&si=959981931bea09b9a10c9c552a50e761&su=http%3A%2F%2Fwww.51199713.cn%2F&v=1.3.0&lv=1&sn=981&r=0&ww=1268&u=https%3A%2F%2Fwmbt13.xyz%2F&tt=%E8%93%9D%E5%A4%A9%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 26 Dec 2022 13:22:54 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=5D3FCDB8D1D192AF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1195264357&si=86ea3af34e71a9d5eae3e3255c8ace53&su=http%3A%2F%2Fwww.51199713.cn%2F&v=1.3.0&lv=1&sn=981&r=0&ww=1268&u=https%3A%2F%2Fwmbt13.xyz%2F&tt=%E8%93%9D%E5%A4%A9%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1195264357&si=86ea3af34e71a9d5eae3e3255c8ace53&su=http%3A%2F%2Fwww.51199713.cn%2F&v=1.3.0&lv=1&sn=981&r=0&ww=1268&u=https%3A%2F%2Fwmbt13.xyz%2F&tt=%E8%93%9D%E5%A4%A9%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1195264357&si=86ea3af34e71a9d5eae3e3255c8ace53&su=http%3A%2F%2Fwww.51199713.cn%2F&v=1.3.0&lv=1&sn=981&r=0&ww=1268&u=https%3A%2F%2Fwmbt13.xyz%2F&tt=%E8%93%9D%E5%A4%A9%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 26 Dec 2022 13:22:54 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=D16ACFF55F73F68D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
wmbt13.xyz/template/mzm/js/jquery.min.js
154.22.124.29200 OK 481 kB URL HTTP/2 wmbt13.xyz/template/mzm/js/jquery.min.js
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
Size 481 kB (481096 bytes)
Hash ae5691d6bcad13a21b283fbc8996aba5
8d31e38886523d1fa640e5e9a162bb1b79cc81fb
a51e04bfcabfc1e8096a728c45f75a47e59741035a41874ad3bc84020847129e
GET /template/mzm/js/jquery.min.js HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 14:32:59 GMT
vary: Accept-Encoding
etag: W/"638a0c9b-1538f"
expires: Tue, 27 Dec 2022 01:22:52 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/app.js
154.22.124.29200 OK 74 kB URL HTTP/2 wmbt13.xyz/template/web/app.js
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
Hash c21bbafca5ad2e6a4989113aebe2dc2f
812c7cf9783f511ea44268d0e71bac041eeaec87
f3af08df631d239e9d8b946cc62dcef72d786921d59e1c49d0f589c1e45733b6
GET /template/web/app.js HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: application/javascript
last-modified: Sun, 25 Dec 2022 15:06:49 GMT
vary: Accept-Encoding
etag: W/"63a86709-325c"
expires: Tue, 27 Dec 2022 01:22:52 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/zxbf.js
154.22.124.29200 OK 98 kB URL HTTP/2 wmbt13.xyz/template/web/zxbf.js
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
Hash f1da5df2d0387719ee3fc06a7c6437d0
247705990ad6bd6d94459c3eb90d189588dee864
5e7918479271e338676e3ffb71802bdb4b57e2f6adde329b83670cb05aa8ff37
GET /template/web/zxbf.js HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: application/javascript
last-modified: Sun, 25 Dec 2022 15:08:36 GMT
vary: Accept-Encoding
etag: W/"63a86774-14c4"
expires: Tue, 27 Dec 2022 01:22:52 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
9366qq.com/92db527b11c14f6786a03e7d9360b8a2.gif
45.61.212.228200 OK 837 kB URL HTTP/1.1 9366qq.com/92db527b11c14f6786a03e7d9360b8a2.gif
IP 45.61.212.228:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 837 kB (837008 bytes)
Hash 584c3e9b6c2fd77fbb6885fa31881b67
827d9c49b8315888c220f34ee366ed694569f32e
d97ecf8f032827472d136c190f837c6fdc9bccdee52788dc6055bd7faf973030
GET /92db527b11c14f6786a03e7d9360b8a2.gif HTTP/1.1
Host: 9366qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63958c42-cc590"
Date: Mon, 19 Dec 2022 06:34:26 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 11 Dec 2022 07:52:34 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-28
Content-Length: 837008
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash d4c26f241bba79313b3cc1a17ec792fc
038007c6246a7d16efda8d98d995cbc24a13b1f6
d63938e7c133b8d8cbf0c1500981eac0e5bbdf50eb35a617a6465a9da79ed263
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 13:22:54 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 30 Dec 2022 10:54:07 GMT
ETag: "038007c6246a7d16efda8d98d995cbc24a13b1f6"
Last-Modified: Mon, 26 Dec 2022 10:54:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1473
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77fa20c49d95b524-OSL
hm.baidu.com/hm.js?23623cf5f4a21b97670aa94e566ea294
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?23623cf5f4a21b97670aa94e566ea294
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash bb46d7f8ab1869bb653d036774595312
6dbdedf2d835bb7147ba513a8317be112e34991f
ce51201e124a9567674669f220d836445b1b46e5687589cdb0d86f72989aa35e
GET /hm.js?23623cf5f4a21b97670aa94e566ea294 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Mon, 26 Dec 2022 13:22:54 GMT
Etag: a6a100f7f13c13e29011b5f3b2251b57
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=BEB3949AF9563C94; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash e78260ad405132de4c57977339bc8598
624ebcc2e9038cf62d132a5a2c8e3676346984b9
b9081b952d96586a19ba9101167c76a0ff636105c43aa571cec32ed3d1d10bbc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 13:22:54 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 23 Dec 2022 08:47:58 GMT
Expires: Fri, 30 Dec 2022 08:47:57 GMT
Etag: "624ebcc2e9038cf62d132a5a2c8e3676346984b9"
Cache-Control: max-age=328502,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77fa20c4be95fab8-OSL
kvegg.com/241ffcf0a5007067dad148a90c317e01.gif
172.83.155.45200 OK 153 kB URL HTTP/2 kvegg.com/241ffcf0a5007067dad148a90c317e01.gif
IP 172.83.155.45:0
ASN #201106 Spartan Host Ltd
File type GIF image data, version 89a, 150 x 150\012- data
Size 153 kB (152944 bytes)
Hash e123b1db93fe85cdb6fac876a0c8e7e0
a53eefc6b115c80c1a86df90893831449c1b1468
ec066be9d1a0688679676cb0d8c3f307dc358085473c4b3cf1b263db64fa4e2a
GET /241ffcf0a5007067dad148a90c317e01.gif HTTP/1.1
Host: kvegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:54 GMT
content-type: image/gif
content-length: 152944
last-modified: Tue, 06 Dec 2022 08:43:58 GMT
etag: "638f00ce-25570"
expires: Tue, 27 Dec 2022 01:22:54 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 624282
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQO9ZfZ3twPCIHxY7YQkJxikv6Gtt5O43RlmGYxAsMbDxTTOzL1T0hnSsDcm7Ru9rt%2BJR6ktSwsCZLGfVlEq%2Bz6iY30B5p6CM9fXL1AD5%2Bg%2F670KfIbyYiEBlZ1H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 77f1c295ad2bebcb-SEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/dh2.js
154.22.124.29200 OK 113 kB URL HTTP/2 wmbt13.xyz/template/web/dh2.js
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
Size 113 kB (113322 bytes)
Hash 7feeb7fa02f69c1b9fd2cbfe07139834
f0a06b9fac35a87b481d578c7727032e9fb9fb5e
20f25bc0ccc8b57fff8dd40861206432d1fd6da8125500ceb87c762faabd15fc
GET /template/web/dh2.js HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: application/javascript
last-modified: Sun, 25 Dec 2022 15:07:54 GMT
vary: Accept-Encoding
etag: W/"63a8674a-35aa"
expires: Tue, 27 Dec 2022 01:22:52 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 7cb22773a5e48b786921772f9fdf1f48
10125706914da1b62bd4b8e978792ab6a807601e
bc4c4869fe0aa72b13fa6f4e1c1587fb63574cff1ad6eaeb83aeb9b1a50fe80d
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 13:22:55 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 30 Dec 2022 12:39:14 GMT
ETag: "10125706914da1b62bd4b8e978792ab6a807601e"
Last-Modified: Mon, 26 Dec 2022 12:39:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 42
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77fa20c5ce58b4fd-OSL
kzeoo.com/47e02a59b814807a640ae615b82c06ac.gif
172.83.155.45200 OK 214 kB URL HTTP/2 kzeoo.com/47e02a59b814807a640ae615b82c06ac.gif
IP 172.83.155.45:0
ASN #201106 Spartan Host Ltd
File type GIF image data, version 89a, 150 x 150\012- data
Size 214 kB (213551 bytes)
Hash 38a577005d8da64f084a3f6624619e55
d271b81103a0c053eaaf5ba802158a2d7ea8e3c1
23d0f1ac9f00f07722d9b6496672e1e08e1e6657d5b6b36542f14d87f15eaa43
GET /47e02a59b814807a640ae615b82c06ac.gif HTTP/1.1
Host: kzeoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:54 GMT
content-type: image/gif
content-length: 213551
last-modified: Wed, 14 Sep 2022 11:24:46 GMT
etag: "6321b9fe-3422f"
expires: Tue, 27 Dec 2022 01:22:54 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 1551934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LDOdlDdebymaLfx%2Be%2BVlBxNc3vsIbQcxoUlaUUCpXufrslsYaH%2FYFhk2kKyCZRbe9uGWXVVZLwSWh9MBZNfashMcjo59PS%2FibWDQP4WBBleY9ZAQ1DjDD7QKR4HH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 77f403244c27c5e1-SEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash e8c23d3c7b18c01b1aac25b47c01b6f6
970e6dc09422171e8624fd7869300da23b600f3a
a9e6e79d1f1fadcf5057e2d963ffcc25d63085a254d5672e091f42992a09bb9b
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 13:22:55 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sun, 25 Dec 2022 23:13:52 GMT
Expires: Sun, 01 Jan 2023 23:13:51 GMT
Etag: "970e6dc09422171e8624fd7869300da23b600f3a"
Cache-Control: max-age=553255,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77fa20c51d79b4fd-OSL
wmbt13.xyz/template/web/xx1.js
154.22.124.29200 OK 272 kB URL HTTP/2 wmbt13.xyz/template/web/xx1.js
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
Size 272 kB (271586 bytes)
Hash a9f06d467686755acf428578c9b040cf
5bf79ef2ed6b20d3cf079ee345a14406d571bf9c
a5fada51ebb4b2ba7bc6d21dfa6acff5ccd9b9156b8e6293fc28113ed733e39a
GET /template/web/xx1.js HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: application/javascript
last-modified: Sat, 24 Dec 2022 08:50:48 GMT
vary: Accept-Encoding
etag: W/"63a6bd68-13f0"
expires: Tue, 27 Dec 2022 01:22:52 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
383guanggao.oss-cn-shenzhen.aliyuncs.com/200X200.gif
120.77.166.54200 OK 137 kB URL HTTP/1.1 383guanggao.oss-cn-shenzhen.aliyuncs.com/200X200.gif
IP 120.77.166.54:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 200 x 200\012- data
Size 137 kB (136945 bytes)
Hash 77e56e44521598151bbc814814005448
204207c707cae73d562c4c8fcb1e8467eeabf2eb
a1275ab8c911c61150c5f68b2da51d30a146929e2c9478ab1a68db88a086ff6f
GET /200X200.gif HTTP/1.1
Host: 383guanggao.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 26 Dec 2022 13:22:54 GMT
Content-Type: image/gif
Content-Length: 136945
Connection: keep-alive
x-oss-request-id: 63A9A02E90531232371A4690
Accept-Ranges: bytes
ETag: "77E56E44521598151BBC814814005448"
Last-Modified: Thu, 08 Dec 2022 07:20:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6164053056264850434
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: d+VuRFIVmBUbvIFIFABUSA==
x-oss-server-time: 2
wmbt13.xyz/template/web/app2.js
154.22.124.29200 OK 720 kB URL HTTP/2 wmbt13.xyz/template/web/app2.js
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
Size 720 kB (720217 bytes)
Hash 40c20b63d3c5c2e1ae1dea8c1158f313
a42d013088ced8131a974e98c1b00642c5df3c43
d16e5dcd484dd93e5d97c65dac35bb6351313be20c4496ad66a0e6b244181a28
GET /template/web/app2.js HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: application/javascript
last-modified: Sun, 25 Dec 2022 11:00:32 GMT
vary: Accept-Encoding
etag: W/"63a82d50-40f"
expires: Tue, 27 Dec 2022 01:22:52 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/zyxf.js
154.22.124.29200 OK 760 kB URL HTTP/2 wmbt13.xyz/template/web/zyxf.js
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
Size 760 kB (759668 bytes)
Hash 872c2e7709bb6e40921b5e29886cb156
2e662bb5b0182cbe201d5d6daac03b48721969f5
1c6fc6524f43949a7b3dda797f45db3482cbfcd791941ac066ab912b959f1e60
GET /template/web/zyxf.js HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: application/javascript
last-modified: Sat, 24 Dec 2022 13:28:12 GMT
vary: Accept-Encoding
etag: W/"63a6fe6c-1a4e"
expires: Tue, 27 Dec 2022 01:22:52 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash b192ea3a9e6ec408027a417802112fe7
9090b83df1992a261b64399a316cd13933dffabf
ea3d0b3cee1f48c16c5b8c07ae12fb13ff726a6b5cb62c71069f9323fdc4cf9f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4198
Cache-Control: max-age=121326
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 13:22:55 GMT
Etag: "63a8c6b7-2d7"
Expires: Tue, 27 Dec 2022 23:05:01 GMT
Last-Modified: Sun, 25 Dec 2022 21:55:03 GMT
Server: ECS (amb/6BBC)
X-Cache: HIT
Content-Length: 727
kzeoo.com/dc6a101fe66ff5b5451c5cfd06a5d193.gif
172.83.155.45200 OK 370 kB URL HTTP/2 kzeoo.com/dc6a101fe66ff5b5451c5cfd06a5d193.gif
IP 172.83.155.45:0
ASN #201106 Spartan Host Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 370 kB (369588 bytes)
Hash 8798d5e84c5026dc0ae409029e085cea
97ac4e376967d94bed563a5682f6dce3b3f797cc
d916e69d45187a9dc42167043c6e45406a088e6d7352c6c79cefcc0e60c8c6e3
GET /dc6a101fe66ff5b5451c5cfd06a5d193.gif HTTP/1.1
Host: kzeoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:54 GMT
content-type: image/gif
content-length: 369588
last-modified: Tue, 16 Aug 2022 11:19:06 GMT
etag: "62fb7d2a-5a3b4"
expires: Tue, 27 Dec 2022 01:22:54 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 1687054
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MM9LrGyjTW1ShwJS32jWP9wXvpuxWqWQWuRyPSD4aj%2F0CUzX3%2BuYTQe7H02Q82AcyO2bnrbqCVPFPDZiC%2BmRAvCVUd7q7d47%2FVs%2BhNTaOzDC%2BL3roa9epam9rIs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 77f486165bb1c390-SEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
9030a.cc/1008-960x60.gif
154.85.10.21200 OK 245 kB IP 154.85.10.21:0
ASN #211392 Dream Cloud Innovation Limited
File type GIF image data, version 89a, 960 x 60\012- data
Size 245 kB (245135 bytes)
Hash b6eb4d9fd04fe63a7687677a8036e237
eac3cedc645a39478dc6ad3ec6ea97db621174b8
6b61596ae15b088b70b49d17c7b47eaffaa5f235c9215459334b85039af7f008
GET /1008-960x60.gif HTTP/1.1
Host: 9030a.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Tue, 04 Oct 2022 14:45:04 GMT
Accept-Ranges: bytes
ETag: "5c7ab8e3ffd7d81:0"
Server: Microsoft-IIS/8.5
Date: Mon, 26 Dec 2022 13:22:51 GMT
Content-Length: 245135
X-Via: 1.1 localhost.localdomain (random:85111 Fikker/Webcache/3.7.8)
Set-Cookie: fikker-tkjk-8I2E=6AJN4WT7BW0g0mIaVuK7h92mbGRsXQjs; expires=Mon, 26 Dec 2022 23:53:22 GMT; max-age=7200; path=/
fikker-tkjk-8I2E=6AJN4WT7BW0g0mIaVuK7h92mbGRsXQjs; expires=Mon, 26 Dec 2022 23:53:22 GMT; domain=.cc; max-age=7200; path=/
p3.douyinpic.com/obj/tos-cn-i-dy/70c57cabb92242258bbf034be8584f7f
47.246.44.228200 OK 343 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/70c57cabb92242258bbf034be8584f7f
IP 47.246.44.228:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 343 kB (343002 bytes)
Hash ce862703bd3a6fd9e7acc3c32453fe84
c27754e24547e935314ba986477cd326628af7e4
eb9f779660b2713488854f27a211239724bb29b842e939424ec882b51520350b
GET /obj/tos-cn-i-dy/70c57cabb92242258bbf034be8584f7f HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 343002
date: Sat, 17 Dec 2022 10:28:23 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 17 Dec 2022 10:00:43 GMT
nw-session-id: 2022121718004301013113605215982497p5k6801dy
nw-session-trace: 2022-12-17T18:00:43.827293149+08:00 42
x-bdcdn-cache-status: TCP_HIT
x-length: 343002
x-powered-by: ImageX
x-response-date: Sat, 17 Dec 2022 18:00:43 GMT
x-tt-logid: 2022121718004301013113605215982497
via: n128-134-083, cache14.l2de2[0,0,206-0,H], cache5.l2de2[2,0], cache5.l2de2[3,0], cache3.se1[0,0,200-0,H], cache8.se1[1,0]
x-request-ip: fdbd:dc03:15:482::74
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 010ec35d8338a3c1341674e3d2464ee09a429c9c5af2fc930930b9ec60625c05f3b71a3d79f906afd2479681df4ec15d8b01af344e24d3e5df5584a5196f7e0400dfccab4c7d44dab881b7b096fd4eb23fa223bfc14da29e326a459a9a6aa15d8b
x-response-lb: image
ali-swift-global-savetime: 1671272903
age: 788072
x-cache: HIT TCP_MEM_HIT dirn:2:427158808
x-swift-savetime: Sat, 17 Dec 2022 11:36:55 GMT
x-swift-cachetime: 31531888
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9c16720609751374693e
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1873263686&si=23623cf5f4a21b97670aa94e566ea294&su=http%3A%2F%2Fwww.51199713.cn%2F&v=1.3.0&lv=1&sn=982&r=0&ww=1268&u=https%3A%2F%2Fwmbt13.xyz%2F&tt=%E8%93%9D%E5%A4%A9%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1873263686&si=23623cf5f4a21b97670aa94e566ea294&su=http%3A%2F%2Fwww.51199713.cn%2F&v=1.3.0&lv=1&sn=982&r=0&ww=1268&u=https%3A%2F%2Fwmbt13.xyz%2F&tt=%E8%93%9D%E5%A4%A9%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1873263686&si=23623cf5f4a21b97670aa94e566ea294&su=http%3A%2F%2Fwww.51199713.cn%2F&v=1.3.0&lv=1&sn=982&r=0&ww=1268&u=https%3A%2F%2Fwmbt13.xyz%2F&tt=%E8%93%9D%E5%A4%A9%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 26 Dec 2022 13:22:55 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=EFA4EB02BC651E6D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
kvevv.com/fee6dc0783e7085f6b3452a1155d4b4a.gif
13.227.254.70200 OK 288 kB URL HTTP/1.1 kvevv.com/fee6dc0783e7085f6b3452a1155d4b4a.gif
IP 13.227.254.70:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 288 kB (288397 bytes)
Hash e17bb688cfdae836ea866c47e92a022a
d748bb7b13696141ba768280a21d3dac482e3a0c
cb9affdc029bd6deb908ab9786fad62113c4ba28d2e9a8926cbed0c5e2c2aa6a
GET /fee6dc0783e7085f6b3452a1155d4b4a.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 288397
Connection: keep-alive
Date: Sat, 24 Dec 2022 08:26:22 GMT
Last-Modified: Sat, 24 Dec 2022 08:23:21 GMT
ETag: "e17bb688cfdae836ea866c47e92a022a"
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 5157dedfe33ef5a309f236599901abe2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN52-C3
X-Amz-Cf-Id: Ot72r_vJrEoVmUNvjEIyBxz_2vTYpBfG5gNighclEf34AWu_xLE7uw==
Age: 190592
383guanggao.oss-cn-shenzhen.aliyuncs.com/960x60.gif
120.77.166.54200 OK 299 kB URL HTTP/1.1 383guanggao.oss-cn-shenzhen.aliyuncs.com/960x60.gif
IP 120.77.166.54:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 299 kB (299398 bytes)
Hash f4b7967855549e81f65598b93a43d9db
6ab53e8a9af687c1dddad236af323080a04499cf
2e95dc2082af7cc833e0aef825efc261c04b69e3ec4350203854008cc4a12dc6
GET /960x60.gif HTTP/1.1
Host: 383guanggao.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 26 Dec 2022 13:22:54 GMT
Content-Type: image/gif
Content-Length: 299398
Connection: keep-alive
x-oss-request-id: 63A9A02ECC8CEC3138D5DC56
Accept-Ranges: bytes
ETag: "F4B7967855549E81F65598B93A43D9DB"
Last-Modified: Thu, 08 Dec 2022 07:20:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8810428828543929982
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: 9LeWeFVUnoH2VZi5OkPZ2w==
x-oss-server-time: 3
99883aaa.com/1db%E5%88%9D%E5%A4%9C71f0b7b41d4abb366e018109273.gif
103.170.15.98404 Not Found 146 B URL HTTP/1.1 99883aaa.com/1db%E5%88%9D%E5%A4%9C71f0b7b41d4abb366e018109273.gif
IP 103.170.15.98:0
ASN #7483 Skycloud Computing co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert quad9 Sinkholed
GET /1db%E5%88%9D%E5%A4%9C71f0b7b41d4abb366e018109273.gif HTTP/1.1
Host: 99883aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Date: Mon, 26 Dec 2022 13:22:55 GMT
Content-Type: text/html
Server: nginx
X-Cache: MISS from yd11_13-cdn-g01-la2-28
Content-Length: 146
baidu6image63sina8.com/pics/960x60.gif
1.32.249.24200 OK 193 kB URL HTTP/2 baidu6image63sina8.com/pics/960x60.gif
IP 1.32.249.24:0
ASN #64050 BGPNET Global ASN
File type GIF image data, version 89a, 960 x 60\012- data
Size 193 kB (192672 bytes)
Hash 132816c896c6f881f51cb0cbd555f154
1c85b2954d81568e474e5e8432d53ea99af0512c
9d199a5b0f30dd4e15e5cfc3f9b291dd3f5aec59961155124e8ce6037cf6f17d
GET /pics/960x60.gif HTTP/1.1
Host: baidu6image63sina8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:54 GMT
content-type: image/gif
content-length: 192672
last-modified: Mon, 19 Dec 2022 11:57:49 GMT
etag: "63a051bd-2f0a0"
expires: Wed, 25 Jan 2023 13:22:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ia.51.la/go1?id=21273071&rt=1672060970087&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E8%2593%259D%25E5%25A4%25A9%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&ing=1&ekc=&sid=1672060970087&tt=%25E8%2593%259D%25E5%25A4%25A9%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&kw=%25E8%2593%259D%25E5%25A4%25A9%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&cu=https%253A%252F%252Fwmbt13.xyz%252F&pu=http%253A%252F%252Fwww.51199713.cn%252F
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=21273071&rt=1672060970087&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E8%2593%259D%25E5%25A4%25A9%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&ing=1&ekc=&sid=1672060970087&tt=%25E8%2593%259D%25E5%25A4%25A9%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&kw=%25E8%2593%259D%25E5%25A4%25A9%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&cu=https%253A%252F%252Fwmbt13.xyz%252F&pu=http%253A%252F%252Fwww.51199713.cn%252F
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21273071&rt=1672060970087&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E8%2593%259D%25E5%25A4%25A9%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&ing=1&ekc=&sid=1672060970087&tt=%25E8%2593%259D%25E5%25A4%25A9%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&kw=%25E8%2593%259D%25E5%25A4%25A9%25E8%25B5%2584%25E6%25BA%2590%25E5%25BD%25B1%25E8%25A7%2586&cu=https%253A%252F%252Fwmbt13.xyz%252F&pu=http%253A%252F%252Fwww.51199713.cn%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: CloudWAF
Date: Mon, 26 Dec 2022 13:22:55 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=605ecbeffb0ea854af0; path=/
HWWAFSESTIME=1672060972167; path=/
dvcasha2.ocsp-certum.com/
95.101.10.107200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.107:0
ASN #20940 Akamai International B.V.
Hash 721fbd77a9f16efe86e3113ac11aedcc
cd39be04a84bf89dd242f5025d59908fb856e975
68826c29b82689d8dc63c3b178dd9319d722a92e5a395b6215bda2f982475a44
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=892
Date: Mon, 26 Dec 2022 13:22:55 GMT
Connection: keep-alive
X-N: S
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 48229ee35775c774178e004bc3960ed1
87944a94a23de53d501eeda5b640bd92547058a0
c8d18fd3b0a4b8a26deff735670693b6a6d484ffbaae724295ab6680c8ec2818
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 26 Dec 2022 13:22:55 GMT
Etag: "63a8b307-1d7"
Server: ECS (dcb/7F81)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: K3E1DLdBXLsCJLlzsifaYNhMx1MXt0RGIRiXp8Qn8vPf5xPMPGNqaA==
sz88.oss-cn-shenzhen.aliyuncs.com/388tyc/200x200.gif
120.77.166.72200 OK 316 kB URL HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/388tyc/200x200.gif
IP 120.77.166.72:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 200 x 200\012- data
Size 316 kB (316211 bytes)
Hash 2b577b10e5f392c22907d88a1e345a2c
88dd8107c3a39d6fc96b90fe4c79af98d4febad9
c044cf9dff60208f8910bc3022ee9f6df2ef7a240708df2313d10e12dea223c0
GET /388tyc/200x200.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 26 Dec 2022 13:22:54 GMT
Content-Type: image/gif
Content-Length: 316211
Connection: keep-alive
x-oss-request-id: 63A9A02ED0DEFE3238F9B1EE
Accept-Ranges: bytes
ETag: "2B577B10E5F392C22907D88A1E345A2C"
Last-Modified: Mon, 19 Dec 2022 08:39:44 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17697870493530886801
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: K1d7EOXzksIpB9iKHjRaLA==
x-oss-server-time: 1
dvcasha2.ocsp-certum.com/
95.101.10.107200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.107:0
ASN #20940 Akamai International B.V.
Hash e906cb2ba72a8584d186110c91806ad8
1d175224e4d168a98843472e09c1e7dc7cd68216
d645522c5e7735ec4b3a305c57c40ff76c4b246868d3ff990d8cdcd9017b926a
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=860
Date: Mon, 26 Dec 2022 13:22:55 GMT
Connection: keep-alive
X-N: S
wmbt13.xyz/template/web/dbxf.js
154.22.124.29200 OK 458 kB URL HTTP/2 wmbt13.xyz/template/web/dbxf.js
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
Size 458 kB (458100 bytes)
Hash 0feb94decea998992ad6b2159383469d
6fcd5fc63ea54e45cc7cc130e18f1220533e8f37
cf788f25d5dc1e76abd485d70d81f0b16c7023dff576936dfa3424226fbba37d
GET /template/web/dbxf.js HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: application/javascript
last-modified: Fri, 23 Dec 2022 09:18:14 GMT
vary: Accept-Encoding
etag: W/"63a57256-7ad"
expires: Tue, 27 Dec 2022 01:22:52 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
baidu6image63sina8.com/pics/960x120.gif
1.32.249.24200 OK 266 kB URL HTTP/2 baidu6image63sina8.com/pics/960x120.gif
IP 1.32.249.24:0
ASN #64050 BGPNET Global ASN
File type GIF image data, version 89a, 960 x 120\012- data
Size 266 kB (265495 bytes)
Hash bc07d487822f069c5040261de3cac5cd
4f40658aec52510848be3e188948df9b0dfa81cb
1ad1f33379afef04502d37ef365ba63e1acdd67d8f31afbfa3e5c88ae330f105
GET /pics/960x120.gif HTTP/1.1
Host: baidu6image63sina8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:54 GMT
content-type: image/gif
content-length: 265495
last-modified: Mon, 19 Dec 2022 11:58:06 GMT
etag: "63a051ce-40d17"
expires: Wed, 25 Jan 2023 13:22:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
8499683.com/8499/zzxx/960x60.gif
172.247.50.228200 OK 291 kB URL HTTP/2 8499683.com/8499/zzxx/960x60.gif
IP 172.247.50.228:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 291 kB (290572 bytes)
Hash 57aeaeed8e55b2a1e23b348d9d73f9d5
381bc182c18210ba33ebe13cbf8f20f297d33c16
e10903ca99193ba8ffd6c5f74753461cf070e75026e73fda3c040496f8dcfdb6
GET /8499/zzxx/960x60.gif HTTP/1.1
Host: 8499683.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:55 GMT
content-type: image/gif
content-length: 290572
last-modified: Sat, 24 Dec 2022 13:23:32 GMT
etag: "46f0c-5f092cf097c3f"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 76cdb36b7e3f1a10a138d3aed5ced0bf
b01fc70d0787a6818727a057930812d6ffe3cad8
dc3a1a0e0ddd7660761dc72b1c09963f8cf41072612982102d3b8b1300db7cfc
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=87543
Date: Mon, 26 Dec 2022 13:22:55 GMT
Etag: "63a8427e-1d7"
Expires: Tue, 27 Dec 2022 13:41:58 GMT
Last-Modified: Sun, 25 Dec 2022 12:30:54 GMT
Server: ECS (dcb/7F5B)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: K4ClexMGpw9inRQot83GSYQZj51ZyBhXq25Wz5FL3d1Mm8skau86Yg==
Age: 4264
kzeww.com/4f5ca562874d2b77c6c37263e48db5c6.gif
13.227.254.33200 OK 236 kB URL HTTP/2 kzeww.com/4f5ca562874d2b77c6c37263e48db5c6.gif
IP 13.227.254.33:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 236 kB (236292 bytes)
Hash cd5e004cbaac71f638074f0cbe9746a3
4054e5695aa4e4ec6463f54e47575019088c08b4
5eec74f9163478267e1289dcd3b02be5581e9e0f6ede10a80fcdf4afadf149ec
GET /4f5ca562874d2b77c6c37263e48db5c6.gif HTTP/1.1
Host: kzeww.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 236292
last-modified: Thu, 15 Dec 2022 01:45:46 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Dec 2022 07:08:37 GMT
etag: "cd5e004cbaac71f638074f0cbe9746a3"
x-cache: Hit from cloudfront
via: 1.1 49b0629f9da8a770925ad02807586202.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: mHIUTJ3kCO0qfRvPCIxwK9I6xf3sncN2QKPMGBvymkvzdbtqlD1K0Q==
age: 22458
X-Firefox-Spdy: h2
vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
47.75.19.55200 OK 402 kB URL HTTP/1.1 vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
IP 47.75.19.55:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 402 kB (401949 bytes)
Hash 84f5e7e4907b6cd9053b363f33b77c53
309a705272fea6d84c805fd12b0f1a65563f823b
ebfe8fe0061adb9df1abb8739d4975acaffedc85d286190e92148e5cd8b658b2
GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 26 Dec 2022 13:22:54 GMT
Content-Type: image/gif
Content-Length: 401949
Connection: keep-alive
x-oss-request-id: 63A9A02ED14BBC3333527DF9
Accept-Ranges: bytes
ETag: "84F5E7E4907B6CD9053B363F33B77C53"
Last-Modified: Tue, 20 Dec 2022 14:23:55 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1766787816591418203
x-oss-storage-class: Standard
x-oss-version-id: CAEQRhiBgIDM6da_qRgiIGU0ODQzNWY2ZGZlZDQxODNhMzlkYThlYWY5YTEyYTU5
Content-MD5: hPXn5JB7bNkFOzY/M7d8Uw==
x-oss-server-time: 1
kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
13.227.254.100200 OK 919 kB URL HTTP/2 kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 13.227.254.100:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 919 kB (918679 bytes)
Hash 956582dd3aa22ca9b19bdd1d5e091e24
c2d80e05f59981f6ed58a8231f502bd990894d6b
88e686882e64a0e199c79bd83b7102885b67242b5d0b49a1f37674c0bb3ddd8e
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kzerr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 918679
last-modified: Mon, 19 Dec 2022 07:54:21 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Dec 2022 12:06:15 GMT
etag: "956582dd3aa22ca9b19bdd1d5e091e24"
x-cache: Hit from cloudfront
via: 1.1 d0df64d562de4c38403b4237a12e579a.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: aJVV2Wy1OWfSYZlqA3jzisVGkVOZB07ErAt0Gls79MTtfm7pVocM3A==
age: 4599
X-Firefox-Spdy: h2
84998085.com/8499/100X100.gif
172.247.109.215200 OK 78 kB URL HTTP/2 84998085.com/8499/100X100.gif
IP 172.247.109.215:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash 2a356b09582347aa8e14f82157577d23
5ab82f1945e48d35a5951978801da8a56c175b4f
7569060bfcfdfccea3239ff03cf21f782131cd72ee44e3ab17fac82461f8b50f
GET /8499/100X100.gif HTTP/1.1
Host: 84998085.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Dec 2022 13:22:55 GMT
content-type: image/gif
content-length: 77726
last-modified: Sat, 17 Dec 2022 15:33:39 GMT
etag: "12f9e-5f007cf720416"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7KC5LIMic1KaSjBiaGkyzib6j6VE8xLfQRARWuMBiafIh58c/0
43.129.255.47200 OK 206 kB URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7KC5LIMic1KaSjBiaGkyzib6j6VE8xLfQRARWuMBiafIh58c/0
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 206 kB (205622 bytes)
Hash 8a22a6888c325aa3acf83e7cedfe35e7
37da1ea976724d35c1c32ae18d7924192184ba32
2e90b20d4c2067ff68444790955d65d2745365cf025c486c8c2b685696faeeaa
GET /qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7KC5LIMic1KaSjBiaGkyzib6j6VE8xLfQRARWuMBiafIh58c/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Mon, 26 Dec 2022 13:22:55 GMT
content-type: image/gif
content-length: 205622
vary: Accept,Origin
last-modified: Mon, 19 Dec 2022 07:43:02 GMT
cache-control: max-age=2592000
x-delay: 36847 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 205622
chid: 0
fid: 0
x-nws-log-uuid: 5d35bc1a-fded-4fd7-b085-fbc5a8ec9558
X-Firefox-Spdy: h2
595tuchuang.com/960x80.gif
183.255.37.34200 OK 145 kB URL HTTP/1.1 595tuchuang.com/960x80.gif
IP 183.255.37.34:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 145 kB (144990 bytes)
Hash 9fd5431ae14d05e144a79a04b928ad1d
43ca6652416a1403dc5a96d779d414330edbe411
f56b12228d407bfd1f7d17582733a92443a012dc7005b9b9896e9b8b3dc13c2c
GET /960x80.gif HTTP/1.1
Host: 595tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 13:22:56 GMT
Content-Type: image/gif
Content-Length: 144990
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 13:28:21 GMT
ETag: "63a309f5-2365e"
Expires: Sat, 21 Jan 2023 07:50:29 GMT
Cache-Control: max-age=2592000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
wmbt13.xyz/template/web/xx3.js
154.22.124.29200 OK 0 B URL HTTP/2 wmbt13.xyz/template/web/xx3.js
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
GET /template/web/xx3.js HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: application/javascript
last-modified: Sat, 24 Dec 2022 11:24:41 GMT
vary: Accept-Encoding
etag: W/"63a6e179-1664"
expires: Tue, 27 Dec 2022 01:22:52 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
wmbt13.xyz/template/web/dipiao.js
154.22.124.29200 OK 0 B URL HTTP/2 wmbt13.xyz/template/web/dipiao.js
IP 154.22.124.29:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
GET /template/web/dipiao.js HTTP/1.1
Host: wmbt13.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 13:22:52 GMT
content-type: application/javascript
last-modified: Sun, 15 May 2022 14:24:22 GMT
vary: Accept-Encoding
etag: W/"62810d16-81a"
expires: Tue, 27 Dec 2022 01:22:52 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
13.227.254.28200 OK 0 B URL HTTP/2 kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
IP 13.227.254.28:0
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 902313
last-modified: Thu, 15 Dec 2022 02:17:25 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Dec 2022 17:37:14 GMT
etag: "8b4a95ea7cfbb7fb4d2b18efca5145f3"
x-cache: Hit from cloudfront
via: 1.1 bf37a08a8e52d3968f35ae1bb4eaae78.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: EfIOSGVS82gbB-SzaG8U6xC0yaFPcU2C_WLcqCOUXbfg22AI67ib2A==
age: 71141
X-Firefox-Spdy: h2
kzehh.com/f7fd72d8ade7e262c4b4f656dd460724.gif
13.227.254.55200 OK 0 B URL HTTP/2 kzehh.com/f7fd72d8ade7e262c4b4f656dd460724.gif
IP 13.227.254.55:0
GET /f7fd72d8ade7e262c4b4f656dd460724.gif HTTP/1.1
Host: kzehh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wmbt13.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 395600
date: Tue, 20 Dec 2022 23:20:07 GMT
last-modified: Sat, 17 Dec 2022 11:55:02 GMT
etag: "5155d4f34bc2f7e77b9fe8e854d9e96f"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 2ba2ffa46f6a4bf7dd5bd07c9a0879ce.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 3et8v0fz2ZnGYU9a8DYJmUOHChfoftTm0sYsx_Q827Aol20lTpQU8g==
age: 482567
X-Firefox-Spdy: h2