asyukk.com/
154.64.13.101301 Moved Permanently 0 B IP 154.64.13.101:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: asyukk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 27 Jan 2023 08:05:52 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.asyukk.com/index.php
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15818
Expires: Fri, 27 Jan 2023 12:29:29 GMT
Date: Fri, 27 Jan 2023 08:05:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3362
Expires: Fri, 27 Jan 2023 09:01:53 GMT
Date: Fri, 27 Jan 2023 08:05:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 27 Jan 2023 07:42:58 GMT
content-type: application/json
age: 1373
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15812
Expires: Fri, 27 Jan 2023 12:29:23 GMT
Date: Fri, 27 Jan 2023 08:05:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ce9r7JLcM/9eTQBKHqwlGsHD1UxXwxOjuK48F5CsVtffRce8vri/KGL44TrAxULAV5vYg4HO8sk=
x-amz-request-id: 51K7B854VEX5PZAJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 27 Jan 2023 07:20:27 GMT
age: 2724
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 08:05:51 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 27 Jan 2023 07:49:03 GMT
age: 1009
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.asyukk.com/index.php
154.64.13.101200 OK 488 B IP 154.64.13.101:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (519), with CRLF line terminators
Hash d3dc53950c1889c481c92cba6a9d5130
f93c17782958d12326da78720934a0c262979726
e2b6c80c071c4164273422e38693ec5cff33705f365b79e697997fcc84e813a5
GET /index.php HTTP/1.1
Host: www.asyukk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 08:05:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2294
Expires: Fri, 27 Jan 2023 08:44:06 GMT
Date: Fri, 27 Jan 2023 08:05:52 GMT
Connection: keep-alive
www.asyukk.com/common.js
154.64.13.101200 OK 651 B IP 154.64.13.101:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type HTML document text\012- HTML document, ASCII text, with very long lines (1246), with no line terminators
Hash 199087fde494d89ea8c9042a402d26b1
4a3dcba17d08a0cd70a9bd75b012b4fd28a7ac75
13bf5e260034160e7a0fd8b6a545cfbbfd2f7ec410dc10265ba2c17da6b23503
GET /common.js HTTP/1.1
Host: www.asyukk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.asyukk.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 08:05:53 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.asyukk.com/tj.js
154.64.13.101200 OK 258 B IP 154.64.13.101:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type ASCII text, with CRLF line terminators
Hash 3c92c33db2c0ee8a5e552440162cbc44
3ccf9b2015ab9350b289591731f5b3bb418c3616
922bffc552e1e892c6601393c395996eb6395a3ef2c47aa515dd85af04a0144f
GET /tj.js HTTP/1.1
Host: www.asyukk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.asyukk.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 08:05:54 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
push.services.mozilla.com/
35.161.26.194101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.26.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sHfjGuEdesrVCSKrkpSDEg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UBiq20foXYnmsTkZGalBnTC+1wU=
www.asyukk.com/favicon.ico
154.64.13.101200 OK 1.2 kB URL HTTP/1.1 www.asyukk.com/favicon.ico
IP 154.64.13.101:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.asyukk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.asyukk.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 08:05:54 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Wed, 01 Feb 2023 08:05:54 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d245675e980c75864620e4b615b4977f
40cc89ba9e352d81dbc0ea7fb2fa522b363f20d2
1d21887972d759d217e9f2fa6de1fb83e6462e220833f2f7aa2e5716aebceedb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D21887972D759D217E9F2FA6DE1FB83E6462E220833F2F7AA2E5716AEBCEEDB"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 27 Jan 2023 14:05:53 GMT
Date: Fri, 27 Jan 2023 08:05:53 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 618a0b0bd93b368bf73f7efc09fee8e9
6f62c54b98406dd450c75d3502286d9657657530
b2c9f0d99d5c1de5df111361a64fe8cc2c86e72cee9c2df1ae9a7ed123834f4a
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 08:05:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 31 Jan 2023 05:28:32 GMT
ETag: "6f62c54b98406dd450c75d3502286d9657657530"
Last-Modified: Fri, 27 Jan 2023 05:28:33 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3441
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fffc5fd837fab4-OSL
qmjijs-niudyeh-eyqujd.com/
207.60.165.146200 OK 6.4 kB URL HTTP/1.1 qmjijs-niudyeh-eyqujd.com/
IP 207.60.165.146:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1252), with CRLF line terminators
Hash 1a721831f7ea2d89d4c665f950df86f5
ac0e1e69fc04debb3a6f348adee9c16a7d443e56
5ac9636c4f97d528ec702e15462879c2ac71bc44a691da368744eb4c4dadbeb7
GET / HTTP/1.1
Host: qmjijs-niudyeh-eyqujd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.asyukk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
Set-Cookie: PHPSESSID=64404debgoh0cjoihfugfvt2j4; path=/
X-Powered-By: PHP/7.1.33, ASP.NET
Date: Fri, 27 Jan 2023 08:05:54 GMT
Content-Length: 6431
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b34bba53c6a5033392b61b8e99088efe
3ede4f94b135e22a542eccc275dbaa2e12ec1914
c0d59cfa5803a2592377ae4a09aa0ba26cfb445e408191ee5365fab02705e861
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C0D59CFA5803A2592377AE4A09AA0BA26CFB445E408191EE5365FAB02705E861"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1422
Expires: Fri, 27 Jan 2023 08:29:35 GMT
Date: Fri, 27 Jan 2023 08:05:53 GMT
Connection: keep-alive
qmjijs-niudyeh-eyqujd.com/template/m1938pc/css/ate.css
207.60.165.146200 OK 4.5 kB URL HTTP/1.1 qmjijs-niudyeh-eyqujd.com/template/m1938pc/css/ate.css
IP 207.60.165.146:0
File type ASCII text, with CRLF line terminators
Hash 1164a38c5186eff1838f351d96dbd192
1f5c06f7969ca9602774591594b1d4170137cdc3
fec2bebf191e9c67f3ce3234909acb71fa272057962f230dce334cdfd514b3e2
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: qmjijs-niudyeh-eyqujd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sun, 24 Jan 2021 07:28:36 GMT
Accept-Ranges: bytes
ETag: "06ae58622f2d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 27 Jan 2023 08:05:55 GMT
Content-Length: 4498
qmjijs-niudyeh-eyqujd.com/template/m1938pc/ads/xx1.js
207.60.165.146200 OK 244 B URL HTTP/1.1 qmjijs-niudyeh-eyqujd.com/template/m1938pc/ads/xx1.js
IP 207.60.165.146:0
File type HTML document, ASCII text, with no line terminators
Hash f93dc062456c49fd5105b7ef78abb84f
1f2597ef1b0595a9a349bcc1873d12adf2ec30e1
5c1c99538473331deb53310bb2430209b53c22ff110ba976ac38c5852944dffd
GET /template/m1938pc/ads/xx1.js HTTP/1.1
Host: qmjijs-niudyeh-eyqujd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 03 Nov 2022 12:52:12 GMT
Accept-Ranges: bytes
ETag: "87a3df1783efd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 27 Jan 2023 08:05:55 GMT
Content-Length: 244
lbfm.lbpictupian.com/upload/vod/2023/01/us30mcct35e.jpg
104.22.13.214200 OK 3.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/us30mcct35e.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c8483e054493d14b9a53823b04721bde
1c2436f41a481d309965edc5b78b7c1783f50c66
ecec945d018800b1eecf8a93898a5d3ac485865d5ab5c85b38c64c64422ced56
GET /upload/vod/2023/01/us30mcct35e.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 08:05:53 GMT
content-type: image/webp
content-length: 3622
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=5669
content-disposition: inline; filename="us30mcct35e.webp"
etag: "63bbe90a-1625"
last-modified: Mon, 09 Jan 2023 10:14:34 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78fffc625de7b52d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/4txgvjsgvih.jpg
104.22.13.214200 OK 6.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/4txgvjsgvih.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1b73f1e1fab9c99b38d817aea8cf439a
70ed55e09f41069f7105090b204a6d0212a620f3
cb2572676836fbb547a6ff94f7eb4786c290d5bed6c3f7ebad4c27f68916eb36
GET /upload/vod/2023/01/4txgvjsgvih.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 08:05:53 GMT
content-type: image/webp
content-length: 6946
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8083
content-disposition: inline; filename="4txgvjsgvih.webp"
etag: "63bbe906-1f93"
last-modified: Mon, 09 Jan 2023 10:14:30 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78fffc624dd5b52d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/5g15m0gecg1.jpg
104.22.13.214200 OK 5.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/5g15m0gecg1.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 67x90, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash e8ad41d8f472d84a059ed2ff094cedc5
91a53de54e4df5957b1e8f6f5e1759bf673324a9
b65e5f4775e3f21e73ff6fca15fcd3c8d9a95373e58bdcb57557569d75ae509f
GET /upload/vod/2022/12/5g15m0gecg1.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 08:05:54 GMT
content-type: image/jpeg
content-length: 5473
last-modified: Sun, 25 Dec 2022 06:12:16 GMT
etag: "63a7e9c0-1561"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fffc624ddbb52d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/oyf0hv4dlwn.jpg
104.22.13.214200 OK 8.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/oyf0hv4dlwn.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c45b2eab1caa93a0bdc0925e5946f133
94596d08ccc528e7a0192d2ca0a74890e9300569
fa177c1f6af6efeb8f3252c6396ee1f1162fe591d8221dc83784c6bf384e8ea7
GET /upload/vod/2023/01/oyf0hv4dlwn.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 08:05:54 GMT
content-type: image/webp
content-length: 8560
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9599
content-disposition: inline; filename="oyf0hv4dlwn.webp"
etag: "63bbe902-257f"
last-modified: Mon, 09 Jan 2023 10:14:26 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 78fffc624dd6b52d-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11414
Expires: Fri, 27 Jan 2023 11:16:08 GMT
Date: Fri, 27 Jan 2023 08:05:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11414
Expires: Fri, 27 Jan 2023 11:16:08 GMT
Date: Fri, 27 Jan 2023 08:05:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11414
Expires: Fri, 27 Jan 2023 11:16:08 GMT
Date: Fri, 27 Jan 2023 08:05:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47dfbf8f-d762-4550-83d7-2992a8c8fe66.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47dfbf8f-d762-4550-83d7-2992a8c8fe66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bad60daf652c598a06510ff955137b69
235bf4642e726bb6a303fe1b69238e2e973414cb
d655c5ac17274a30a89c31674e14dc9c1b6bc39bfff94db1c9ff0d8006bb673b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47dfbf8f-d762-4550-83d7-2992a8c8fe66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12508
x-amzn-requestid: 68787c38-72fe-4d8a-9521-aeb9efa56b05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBYWyGIHoAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca075e-1ee9488d2dd0437728beac94;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 03:15:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0lNizMpeWOcOlokaaW-WB7LXRReZwaFfPE38C-SmsS_PbxJPhcRYfw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 15:21:30 GMT
age: 60264
etag: "235bf4642e726bb6a303fe1b69238e2e973414cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cc9d867-fc35-4a62-9934-4cb307d6146d.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cc9d867-fc35-4a62-9934-4cb307d6146d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 869cdfba2637cc932ce387317a3c485e
51d87a5223d87c959bf27b2a825dce0a28f52ada
6dc4247dd3110836195f9962463bd8265be89633e9e589bf19955991751c26fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cc9d867-fc35-4a62-9934-4cb307d6146d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5669
x-amzn-requestid: 17f6235c-d495-4813-9453-407331e0dcad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fR1ZSH4fIAMFxeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d09c3b-67ff5c7f416727670e7c3b21;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 03:04:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KGNpzuI2ny_1LH90atWa09SPYG7Ovolbv_KvL8nC6fUk59z-6TFsMQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 03:05:08 GMT
age: 18046
etag: "51d87a5223d87c959bf27b2a825dce0a28f52ada"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61f2aec8-2d63-4f9f-9980-04c179cc5720.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61f2aec8-2d63-4f9f-9980-04c179cc5720.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 464592dade1d7207d58b22d5d09d9254
3caa2537edfe4c738540884b3eda51e437d26f4d
c0cdec94ff460c4b875657bb53ed90ef2ef786a2b8095d1ebf09365556536375
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61f2aec8-2d63-4f9f-9980-04c179cc5720.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4627
x-amzn-requestid: 38f2ed09-3a2e-4b5d-bde9-24fd7467d1a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fR1ZJE-BIAMFvdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d09c3a-4ad90b1c2883444f547b6f84;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 03:04:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Pl5Ta4lZHz2a_R1U3OnL1AZFcLc4Ez6_2U7WZ6ZYUC26k9r7m6mxXw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 03:05:12 GMT
age: 18042
etag: "3caa2537edfe4c738540884b3eda51e437d26f4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e7158416f60576804ccff03307319fe
a342f94625e913fa6b8d862a59979f1e3ad80dd1
5c525df7d169cc7e033d920c11f4a0163a781c025a22b70530882b56964a9a52
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5737
x-amzn-requestid: 23239d1f-0228-4722-b826-40dc8c9a4af2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVzDbEacIAMFZtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d23215-1604c24e272fbb657b9925cc;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:56:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -_8PZoms7W6Lvw__KsoTwL_CzjfyWChzoSWDc9yCk9zCR8cTs87oNA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 16:31:35 GMT
age: 56059
etag: "a342f94625e913fa6b8d862a59979f1e3ad80dd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dc869235086902c4acc379733b6bfdb8
0170f6aa6bd83ddeb60cf1cb65e9f0443d8d4bae
e614e29b14e69209fd4b82a688290f7a3f541909833a6558cf480aca899bab6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9056
x-amzn-requestid: 81cf473d-8dc6-49e7-b012-d0b7dfaec7f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fB4COHTlIAMFtRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca3a0e-0848461c054db5c66fde9107;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 06:51:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MApUIVJ9KiOB34nLWUtMNmA8deQVoQ9xyNqSUYXlzdLlGoP9n78C5A==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 06:24:42 GMT
age: 6072
etag: "0170f6aa6bd83ddeb60cf1cb65e9f0443d8d4bae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 2e85f75e-ab9d-4d45-adad-7313950a9647
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSWbxGwnoAMFejw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d117-68f1a9e71a07a0453311fd32;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 06:49:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dbz3wXGNaetf6xvRE98rshyHy-FVfDo8co-4VDL0a4Qe3E4U8A82Og==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 18:35:59 GMT
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
age: 48595
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
qmjijs-niudyeh-eyqujd.com/template/m1938pc/ads/dh.js
207.60.165.146200 OK 242 B URL HTTP/1.1 qmjijs-niudyeh-eyqujd.com/template/m1938pc/ads/dh.js
IP 207.60.165.146:0
File type HTML document, ASCII text, with no line terminators
Hash db1c9c2405e06b09eb7b7feb4bc82527
e88350915915b90c3515f8aec70d52b2484b1377
37e40d7f15c0b1413d162128a00ddc5a1258407d9412a5762e3b016c6693b17d
GET /template/m1938pc/ads/dh.js HTTP/1.1
Host: qmjijs-niudyeh-eyqujd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 03 Nov 2022 12:52:12 GMT
Accept-Ranges: bytes
ETag: "1e2eca1783efd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 27 Jan 2023 08:05:55 GMT
Content-Length: 242
qmjijs-niudyeh-eyqujd.com/template/m1938pc/ads/xx2.js
207.60.165.146200 OK 244 B URL HTTP/1.1 qmjijs-niudyeh-eyqujd.com/template/m1938pc/ads/xx2.js
IP 207.60.165.146:0
File type HTML document, ASCII text, with no line terminators
Hash 99446a73e5eda927d73023bd0712fecf
1fbeed691d4c28403b6550a7c8f939b611b6dcb0
b99cc6b936530c9a3204d4a8a7b3bc11f62723b27b369056dc248cd386b6df83
GET /template/m1938pc/ads/xx2.js HTTP/1.1
Host: qmjijs-niudyeh-eyqujd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 03 Nov 2022 12:52:12 GMT
Accept-Ranges: bytes
ETag: "8f66e41783efd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 27 Jan 2023 08:05:55 GMT
Content-Length: 244
qmjijs-niudyeh-eyqujd.com/template/m1938pc/ads/dh1.js
207.60.165.146200 OK 243 B URL HTTP/1.1 qmjijs-niudyeh-eyqujd.com/template/m1938pc/ads/dh1.js
IP 207.60.165.146:0
File type HTML document, ASCII text, with no line terminators
Hash 966620300bdf99d9f5b01313194f1346
bf4624a88ccf0f55515592dd8d092617772f1f36
9e3e5442fdf66db59fe2bfc681194017a0ffab505c21308fefd66fde1c02aaaa
GET /template/m1938pc/ads/dh1.js HTTP/1.1
Host: qmjijs-niudyeh-eyqujd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 03 Nov 2022 12:52:12 GMT
Accept-Ranges: bytes
ETag: "e353d11783efd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 27 Jan 2023 08:05:55 GMT
Content-Length: 243
qmjijs-niudyeh-eyqujd.com/template/m1938pc/ads/1.js
207.60.165.146200 OK 241 B URL HTTP/1.1 qmjijs-niudyeh-eyqujd.com/template/m1938pc/ads/1.js
IP 207.60.165.146:0
File type HTML document, ASCII text, with no line terminators
Hash ccc132f6755c63beb258d2a69c850f49
eabb3a5ff7efe03f5b53c7254eee2d8a410a6d34
77e4dd178e7cf9a8d4cc44200aecafb035f493751d38d2efba9209274ec36975
GET /template/m1938pc/ads/1.js HTTP/1.1
Host: qmjijs-niudyeh-eyqujd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 03 Nov 2022 12:52:12 GMT
Accept-Ranges: bytes
ETag: "58f1ed1783efd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 27 Jan 2023 08:05:55 GMT
Content-Length: 241
qmjijs-niudyeh-eyqujd.com/template/m1938pc/ads/app.js
207.60.165.146200 OK 243 B URL HTTP/1.1 qmjijs-niudyeh-eyqujd.com/template/m1938pc/ads/app.js
IP 207.60.165.146:0
File type HTML document, ASCII text, with no line terminators
Hash 06ba7815bbe934f68c756ef2de1e2971
e5166b14d7fc9915956c47ec8056e330bad2881e
5c5961fa41bde7a147033395bc25c4cc1c2c7ec3e350a1643f199a8b33c693e6
GET /template/m1938pc/ads/app.js HTTP/1.1
Host: qmjijs-niudyeh-eyqujd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 03 Nov 2022 12:52:12 GMT
Accept-Ranges: bytes
ETag: "e840be1783efd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 27 Jan 2023 08:05:55 GMT
Content-Length: 243
lbfm.lbpictupian.com/upload/vod/2023/01/fxrehs0fxuc.jpg
104.22.13.214200 OK 8.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/fxrehs0fxuc.jpg
IP 104.22.13.214:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 62f10c643c15e6edbb1a9f0ef9c16ee7
4be5108eba8d059a55d52fb773720aee4d08abc1
d67df0125d7194be42da97d210c3e3d07222fa3f07e99c7d0025a8dd2f03ca4e
GET /upload/vod/2023/01/fxrehs0fxuc.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 08:05:54 GMT
content-type: image/jpeg
content-length: 8861
last-modified: Mon, 09 Jan 2023 10:14:07 GMT
etag: "63bbe8ef-229d"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fffc625de2b52d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/ispyb0bj0n5.jpg
104.22.13.214200 OK 9.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/ispyb0bj0n5.jpg
IP 104.22.13.214:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 723315b8437b74a625226c9b75bcd685
8cffc1044927df43882362e1b25001c1c09de31b
9e454430645ea893f658584323e88dcf776b73bd88ade5df1b6c3130c63cefbd
GET /upload/vod/2023/01/ispyb0bj0n5.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 08:05:54 GMT
content-type: image/jpeg
content-length: 9126
last-modified: Mon, 09 Jan 2023 10:14:03 GMT
etag: "63bbe8eb-23a6"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fffc625decb52d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/e0p3d3pv4qw.jpg
104.22.13.214200 OK 9.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/e0p3d3pv4qw.jpg
IP 104.22.13.214:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 8cd986d8df9bf3c91fd556efb5800512
a90774bfc90d0aa69e3b07404f1908b4eef3a8d0
cbaa933cf03e900194b235c7fc63ba74e9c7a96344cb2ffc3745d3949662951a
GET /upload/vod/2023/01/e0p3d3pv4qw.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 08:05:54 GMT
content-type: image/jpeg
content-length: 9678
last-modified: Mon, 09 Jan 2023 10:14:39 GMT
etag: "63bbe90f-25ce"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fffc625de8b52d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/phfckxex0l4.jpg
104.22.13.214200 OK 7.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/phfckxex0l4.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 241x180, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4ad7ba27fc10e05273326c13e3851e7e
3db084dea9309c029d89383026ec4cbfa430e073
a04782f2b75d307b47c926c1779258267267c467964a4eebabc84a035409ff3f
GET /upload/vod/2023/01/phfckxex0l4.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 08:05:54 GMT
content-type: image/jpeg
content-length: 7070
last-modified: Sat, 07 Jan 2023 09:06:01 GMT
etag: "63b935f9-1b9e"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fffc625debb52d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/mgc1bsembex.jpg
104.22.13.214200 OK 9.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/mgc1bsembex.jpg
IP 104.22.13.214:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 8d9924aba72711e0091b5654a1d87079
9ad47843e0f9969e9e24822dc48125de09767cc9
dbbc2b69687fba0e9ca437dbfd28047cdaf8b31a31d7d706f2b271650f7b07df
GET /upload/vod/2023/01/mgc1bsembex.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 08:05:54 GMT
content-type: image/jpeg
content-length: 9005
last-modified: Mon, 09 Jan 2023 10:14:16 GMT
etag: "63bbe8f8-232d"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fffc625de5b52d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/2wqnjk5mpxe.jpg
104.22.13.214200 OK 8.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/2wqnjk5mpxe.jpg
IP 104.22.13.214:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 898fd0c2380694618296cd85397be66d
ce2e15ddbad49226ac7f97a4e855e3d36353baab
ee027d58fa420db780b5832e5b4db141f67d48be9ecb7504836f9c0d02819c48
GET /upload/vod/2023/01/2wqnjk5mpxe.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 08:05:54 GMT
content-type: image/jpeg
content-length: 8678
last-modified: Mon, 09 Jan 2023 10:14:21 GMT
etag: "63bbe8fd-21e6"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fffc625de6b52d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/ciixpe23zai.jpg
104.22.13.214200 OK 7.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/ciixpe23zai.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 81c5d740bbd2f9ac3a3d4d3e4690544a
e065ed22cc3b91f8521ccac60474d60c18ce2d01
1821d176c76f6a68771fdf09e8a3afbee28dd02de6a813a5b74e2fc13831418b
GET /upload/vod/2022/12/ciixpe23zai.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 08:05:54 GMT
content-type: image/jpeg
content-length: 7844
last-modified: Sun, 25 Dec 2022 06:12:39 GMT
etag: "63a7e9d7-1ea4"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fffc624ddeb52d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/ka0yq34zzu5.jpg
104.22.13.214200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/ka0yq34zzu5.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 5a795d4979aa8eeb07af9292462921a6
14777371d69db1804eada84a14f1343417a454ec
221aa485117015aa2e2f49d685b27c5a97aab34be6b03d49b0a74198d0918e02
GET /upload/vod/2022/12/ka0yq34zzu5.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 08:05:54 GMT
content-type: image/jpeg
content-length: 11789
last-modified: Sun, 25 Dec 2022 06:12:22 GMT
etag: "63a7e9c6-2e0d"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fffc624dd8b52d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/3w0vov0cgph.jpg
104.22.13.214200 OK 7.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/3w0vov0cgph.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash b5fe1c3768896d6c8705880bd4f9a2df
8784639f358788efb92315155529aa5e09f85cc1
a721c46a2a3a07c69d47eae481b2028b140095c9e9261cd931ef199afc7b5a1a
GET /upload/vod/2022/12/3w0vov0cgph.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 08:05:54 GMT
content-type: image/jpeg
content-length: 7648
last-modified: Sun, 25 Dec 2022 06:12:12 GMT
etag: "63a7e9bc-1de0"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fffc624ddcb52d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/cy1bq0wocxh.jpg
104.22.13.214200 OK 6.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/cy1bq0wocxh.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash eee1c5c6de4ee7a9e9cefd1e534aa58f
4982416a164d8b55f127334d3dde005b12fe5240
c48dbb68e853aced4fe840e7249c6b89be027de1755415835e96d2924c0deb0c
GET /upload/vod/2022/12/cy1bq0wocxh.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 08:05:54 GMT
content-type: image/jpeg
content-length: 6389
last-modified: Sun, 25 Dec 2022 06:12:26 GMT
etag: "63a7e9ca-18f5"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fffc624dd7b52d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/bnhmeesa5h0.jpg
104.22.13.214200 OK 8.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/bnhmeesa5h0.jpg
IP 104.22.13.214:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash eb2b96d8ee86d6b73b528cfefe418969
a6d89e2f83eb06b87c80a97bf0c0369d3f0be258
17f6e48d555286f263200ea0f9297e3b2cbe46e9656da86e58e66521320e4471
GET /upload/vod/2023/01/bnhmeesa5h0.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 08:05:54 GMT
content-type: image/jpeg
content-length: 8135
last-modified: Mon, 09 Jan 2023 10:14:12 GMT
etag: "63bbe8f4-1fc7"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fffc625de3b52d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/xdeqrofwi0u.jpg
104.22.13.214200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/xdeqrofwi0u.jpg
IP 104.22.13.214:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 37d431153c357a4aea53748dfeb6dbd0
0e1686b67bb6499b7463ff36fe3878ae2d8d7a4b
edf5bf503236f911eb164864db3aca8b4a6c4295ca68e1160b72a1351923b61b
GET /upload/vod/2022/12/xdeqrofwi0u.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 08:05:54 GMT
content-type: image/jpeg
content-length: 11478
last-modified: Sun, 25 Dec 2022 06:12:34 GMT
etag: "63a7e9d2-2cd6"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fffc625ddfb52d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/irggxreocuz.jpg
104.22.13.214200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/irggxreocuz.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 34x45, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 8b8f00d8fdcdc2d674471d05b866873d
e26813b3e8618fe6a39533f347010eba7a581d15
6e7c637fdad14491e6a3e24195605f9b54deb4ac7c8f0bde82fb4e7d144c1f52
GET /upload/vod/2022/12/irggxreocuz.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 08:05:54 GMT
content-type: image/jpeg
content-length: 10994
last-modified: Sun, 25 Dec 2022 06:12:30 GMT
etag: "63a7e9ce-2af2"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fffc625de0b52d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/12135orqhmc.jpg
104.22.13.214200 OK 7.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/12135orqhmc.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash c5ef5dac82d32833b4d70a6c3d5d17ed
7f1da0e1a5f0717f327c5d84e5c1fc47b280bba6
a953b00c152fe67a008f7f0e5fa7a561386e0fbe0e23ad98149ee34c0ee30583
GET /upload/vod/2022/12/12135orqhmc.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 08:05:54 GMT
content-type: image/jpeg
content-length: 7658
last-modified: Sun, 25 Dec 2022 06:12:43 GMT
etag: "63a7e9db-1dea"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fffc624dddb52d-OSL
X-Firefox-Spdy: h2
qmjijs-niudyeh-eyqujd.com/template/m1938pc/css/zui.css
207.60.165.146200 OK 15 kB URL HTTP/1.1 qmjijs-niudyeh-eyqujd.com/template/m1938pc/css/zui.css
IP 207.60.165.146:0
File type assembler source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 48c376278eb9da985b90bb1612dbeee1
4d755742285a8bc38f9c73b3a5976c6b381e3c32
af7cb37270a26d66dd3bb89f42d9c122bb2a1bfe9f6fe076138d9864c7193bee
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: qmjijs-niudyeh-eyqujd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 27 Jan 2021 05:34:18 GMT
Accept-Ranges: bytes
ETag: "0e972e6ef4d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 27 Jan 2023 08:05:55 GMT
Content-Length: 15351
qmjijs-niudyeh-eyqujd.com/template/m1938pc/ads/xx3.js
207.60.165.146200 OK 244 B URL HTTP/1.1 qmjijs-niudyeh-eyqujd.com/template/m1938pc/ads/xx3.js
IP 207.60.165.146:0
File type HTML document, ASCII text, with no line terminators
Hash e3bdb2779038505e39e14969852b3372
8791fcc7ba23c5509084ac7445cade00bbce1801
613f52482aeffad7902cd256bdf24c53b184343768c28f2842cf7eae8e1492b6
GET /template/m1938pc/ads/xx3.js HTTP/1.1
Host: qmjijs-niudyeh-eyqujd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 03 Nov 2022 12:52:12 GMT
Accept-Ranges: bytes
ETag: "a12ce91783efd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 27 Jan 2023 08:05:55 GMT
Content-Length: 244
qmjijs-niudyeh-eyqujd.com/template/m1938pc/ads/dl.js
207.60.165.146200 OK 242 B URL HTTP/1.1 qmjijs-niudyeh-eyqujd.com/template/m1938pc/ads/dl.js
IP 207.60.165.146:0
File type HTML document, ASCII text, with no line terminators
Hash 9a3cac0d1107aa36fe480c0410f2d14a
31731a2c332e029c1ee79c80350a496c3b60de8a
1a9275749428a8198c50f83410b712575264c372d3f5c7f56d25f48ae6e27642
GET /template/m1938pc/ads/dl.js HTTP/1.1
Host: qmjijs-niudyeh-eyqujd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 03 Nov 2022 12:52:12 GMT
Accept-Ranges: bytes
ETag: "9e18d61783efd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 27 Jan 2023 08:05:55 GMT
Content-Length: 242
qmjijs-niudyeh-eyqujd.com/template/m1938pc/ads/tj.js
207.60.165.146200 OK 207 B URL HTTP/1.1 qmjijs-niudyeh-eyqujd.com/template/m1938pc/ads/tj.js
IP 207.60.165.146:0
File type HTML document, ASCII text, with no line terminators
Hash 084babe5e6eeca2f4f759f31a1ab5fbe
563ae3cde979c7c87fdacb20d58ecd2f8f6d842b
c6ca6baec4b44cf0bf56a85937a62f09e3bfeee6052a7f3dafba95205cc9628f
GET /template/m1938pc/ads/tj.js HTTP/1.1
Host: qmjijs-niudyeh-eyqujd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 15 Dec 2022 10:46:00 GMT
Accept-Ranges: bytes
ETag: "a7a9e76b7210d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 27 Jan 2023 08:05:55 GMT
Content-Length: 207
hm.baidu.com/hm.js?dacaa8e964b15b8df2c30dd6e04d6612
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dacaa8e964b15b8df2c30dd6e04d6612
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (617)
Hash fda4003ddb837926465da6de8b453c48
6bc2cfa7d490a4d718d29d5b2b6f7ab23e845ca7
f1f87159218b0cb17268251ae5be19121d73174320b903f99b38b686eb3fcdff
GET /hm.js?dacaa8e964b15b8df2c30dd6e04d6612 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.asyukk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Content-Type: application/javascript
Date: Fri, 27 Jan 2023 08:05:53 GMT
Etag: f622d12edc09cc8999a64f7fc7618719
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=E91A28B04E4DFB60; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
qmjijs-niudyeh-eyqujd.com/template/m1938pc/images/1.gif
207.60.165.146200 OK 254 B URL HTTP/1.1 qmjijs-niudyeh-eyqujd.com/template/m1938pc/images/1.gif
IP 207.60.165.146:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/m1938pc/images/1.gif HTTP/1.1
Host: qmjijs-niudyeh-eyqujd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 11 Jun 2021 00:37:22 GMT
Accept-Ranges: bytes
ETag: "04ddf1595ed71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 27 Jan 2023 08:05:55 GMT
Content-Length: 254
qmjijs-niudyeh-eyqujd.com/js/xx1.js
207.60.165.146200 OK 948 B URL HTTP/1.1 qmjijs-niudyeh-eyqujd.com/js/xx1.js
IP 207.60.165.146:0
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 58d3ce0d334f982a4590599d5631f835
15ade529ab4855a392bd2df5730af43dd4402453
b8bc10ed69eac9786f51907d15a85dca322904b2fb36f3adbb411852c0223e21
GET /js/xx1.js HTTP/1.1
Host: qmjijs-niudyeh-eyqujd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 26 Jan 2023 13:02:01 GMT
Accept-Ranges: bytes
ETag: "802a2f618631d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 27 Jan 2023 08:05:55 GMT
Content-Length: 948
qmjijs-niudyeh-eyqujd.com/js/dh1.js
207.60.165.146200 OK 694 B URL HTTP/1.1 qmjijs-niudyeh-eyqujd.com/js/dh1.js
IP 207.60.165.146:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 9c52e72171173d7c1c2e39f739f5ae2a
a3fac115bb057868049d1f02c5dc1579c4d26ca3
ff2dc3eb255985bd2884c00b2d0d3312c2fb4253d122bdf9cf52aa3ea90b8dd8
GET /js/dh1.js HTTP/1.1
Host: qmjijs-niudyeh-eyqujd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 27 Jan 2023 05:22:00 GMT
Accept-Ranges: bytes
ETag: "08c1e48f32d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 27 Jan 2023 08:05:55 GMT
Content-Length: 694
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1335209088&si=dacaa8e964b15b8df2c30dd6e04d6612&v=1.3.0&lv=1&sn=59829&r=0&ww=1280&u=http%3A%2F%2Fwww.asyukk.com%2Findex.php&tt=%E5%90%90%E9%B2%81%E7%95%AA%E6%92%A9%E9%A9%B9%E7%89%A9%E6%B5%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1335209088&si=dacaa8e964b15b8df2c30dd6e04d6612&v=1.3.0&lv=1&sn=59829&r=0&ww=1280&u=http%3A%2F%2Fwww.asyukk.com%2Findex.php&tt=%E5%90%90%E9%B2%81%E7%95%AA%E6%92%A9%E9%A9%B9%E7%89%A9%E6%B5%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1335209088&si=dacaa8e964b15b8df2c30dd6e04d6612&v=1.3.0&lv=1&sn=59829&r=0&ww=1280&u=http%3A%2F%2Fwww.asyukk.com%2Findex.php&tt=%E5%90%90%E9%B2%81%E7%95%AA%E6%92%A9%E9%A9%B9%E7%89%A9%E6%B5%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.asyukk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 27 Jan 2023 08:05:54 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=0753BA0F6495A8BB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
qmjijs-niudyeh-eyqujd.com/js/dh.js
207.60.165.146200 OK 124 B URL HTTP/1.1 qmjijs-niudyeh-eyqujd.com/js/dh.js
IP 207.60.165.146:0
File type ASCII text, with CRLF line terminators
Hash cc5c32f97f891d6c66b6ed998db31f56
62594332355a4b76d9f850783a9a20c291c56647
c4b9bce4b92494faa0e6cd2680750266111ef4db6fa6748c9e1f624e2d95c5ec
GET /js/dh.js HTTP/1.1
Host: qmjijs-niudyeh-eyqujd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 15 Dec 2022 10:48:37 GMT
Accept-Ranges: bytes
ETag: "a6893cc97210d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 27 Jan 2023 08:05:56 GMT
Content-Length: 124
qmjijs-niudyeh-eyqujd.com/js/app.js
207.60.165.146200 OK 884 B URL HTTP/1.1 qmjijs-niudyeh-eyqujd.com/js/app.js
IP 207.60.165.146:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash fb74b3de90e39607fbdff280e68ed003
523f59618ee64bed91380704d91752865ebe368d
491b7ef27aa7ad0100b08f78e17502eda9a3c56f22afc108667e2044bd094698
GET /js/app.js HTTP/1.1
Host: qmjijs-niudyeh-eyqujd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sun, 15 Jan 2023 07:26:29 GMT
Accept-Ranges: bytes
ETag: "e43e4bafb228d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 27 Jan 2023 08:05:56 GMT
Content-Length: 884
dimg04.c-ctrip.com/images/0104412000ae3cdtoFD12.gif?proc=autoorient
104.110.17.24200 OK 13 kB URL HTTP/2 dimg04.c-ctrip.com/images/0104412000ae3cdtoFD12.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 150 x 150\012- data
Hash c629670fb1e01dae101f66326c61b652
a4603c10f9ae33d366c8369ea13caf38300b40c9
158b54c1a79760e1caa291e68756b80660641906191eb20eaec77c2bedc782af
GET /images/0104412000ae3cdtoFD12.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 13094
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt: 6
x-edgeconnect-origin-mex-latency: 141
cache-control: max-age=5975955
expires: Thu, 06 Apr 2023 12:05:10 GMT
date: Fri, 27 Jan 2023 08:05:55 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0105c12000ae3a0t3DD7A.gif?proc=autoorient
104.110.17.24200 OK 489 kB URL HTTP/2 dimg04.c-ctrip.com/images/0105c12000ae3a0t3DD7A.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 489 kB (488987 bytes)
Hash 6a7d54ecdc2d1cce357d304db217ccec
03a803d54b6a1dd16cba5d73bf4e732d8b7be263
7cd4479b97a015f11a04b2d7d94fbe78030a7e0e3de457bf72abdbf53235c7d8
GET /images/0105c12000ae3a0t3DD7A.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 488987
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=5970598
expires: Thu, 06 Apr 2023 10:35:53 GMT
date: Fri, 27 Jan 2023 08:05:55 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
qmjijs-niudyeh-eyqujd.com/js/xx2.js
207.60.165.146200 OK 545 B URL HTTP/1.1 qmjijs-niudyeh-eyqujd.com/js/xx2.js
IP 207.60.165.146:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 146fd29c37021059a6ce130b3e5b15ca
402eb4f4b4975541fb6b8f3d2180f31a6deb0e74
8012e1e66bbede8a2d368b3c9bb42db35a1a7ad80d96cb3d2d1d22dc86c6cf83
GET /js/xx2.js HTTP/1.1
Host: qmjijs-niudyeh-eyqujd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sun, 15 Jan 2023 07:26:29 GMT
Accept-Ranges: bytes
ETag: "992d57afb228d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 27 Jan 2023 08:05:56 GMT
Content-Length: 545
qmjijs-niudyeh-eyqujd.com/js/1.js
207.60.165.146200 OK 731 B URL HTTP/1.1 qmjijs-niudyeh-eyqujd.com/js/1.js
IP 207.60.165.146:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash db6fa1b8b6143766cb5437b49abc1ac3
977e9bc9b34c74dba42922b39c53f15cf7da622b
8d21dfbe2157d5808c6815af362191b54c6b975ad9354eacb6c3a12ee7a3bd9e
GET /js/1.js HTTP/1.1
Host: qmjijs-niudyeh-eyqujd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 27 Jan 2023 05:22:00 GMT
Accept-Ranges: bytes
ETag: "80177148f32d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 27 Jan 2023 08:05:56 GMT
Content-Length: 731
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8915bae72d75d09232c2fb39c6336d64
637b774c1bea20e849c7bcc4c5b6daa9ac7062ad
825b84fdc9f1c56589c37ef46bda07ac12685b3f5b4f7049ed470ad305986502
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "825B84FDC9F1C56589C37EF46BDA07AC12685B3F5B4F7049ED470AD305986502"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12594
Expires: Fri, 27 Jan 2023 11:35:49 GMT
Date: Fri, 27 Jan 2023 08:05:55 GMT
Connection: keep-alive
qmjijs-niudyeh-eyqujd.com/template/m1938pc/images/video-play.png
207.60.165.146200 OK 1.6 kB URL HTTP/1.1 qmjijs-niudyeh-eyqujd.com/template/m1938pc/images/video-play.png
IP 207.60.165.146:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: qmjijs-niudyeh-eyqujd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Sun, 24 Jan 2021 07:28:46 GMT
Accept-Ranges: bytes
ETag: "04bdb8c22f2d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 27 Jan 2023 08:05:56 GMT
Content-Length: 1567
qmjijs-niudyeh-eyqujd.com/template/m1938pc/images/video-mask.png
207.60.165.146200 OK 107 B URL HTTP/1.1 qmjijs-niudyeh-eyqujd.com/template/m1938pc/images/video-mask.png
IP 207.60.165.146:0
File type PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Hash 6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
GET /template/m1938pc/images/video-mask.png HTTP/1.1
Host: qmjijs-niudyeh-eyqujd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Sun, 24 Jan 2021 07:28:42 GMT
Accept-Ranges: bytes
ETag: "0f1788a22f2d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 27 Jan 2023 08:05:56 GMT
Content-Length: 107
qmjijs-niudyeh-eyqujd.com/js/xx3.js
207.60.165.146200 OK 0 B URL HTTP/1.1 qmjijs-niudyeh-eyqujd.com/js/xx3.js
IP 207.60.165.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/xx3.js HTTP/1.1
Host: qmjijs-niudyeh-eyqujd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 13 Oct 2022 11:38:20 GMT
Accept-Ranges: bytes
ETag: "c97f704bf8ded81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 27 Jan 2023 08:05:56 GMT
Content-Length: 0
kvkaa.com/01dfa9bde54e701e29b1896a128d2cc1.gif
45.154.214.206301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/01dfa9bde54e701e29b1896a128d2cc1.gif
IP 45.154.214.206:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /01dfa9bde54e701e29b1896a128d2cc1.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 27 Jan 2023 08:05:55 GMT
content-type: text/html
content-length: 162
location: https://kvtaaa.top/01dfa9bde54e701e29b1896a128d2cc1.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvkaa.com/153ac71e52df3d7d664bf0bb17905f12.gif
45.154.214.206301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/153ac71e52df3d7d664bf0bb17905f12.gif
IP 45.154.214.206:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /153ac71e52df3d7d664bf0bb17905f12.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 27 Jan 2023 08:05:55 GMT
content-type: text/html
content-length: 162
location: https://kvtaaa.top/153ac71e52df3d7d664bf0bb17905f12.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
qmjijs-niudyeh-eyqujd.com/js/dl.js
207.60.165.146200 OK 1.1 kB URL HTTP/1.1 qmjijs-niudyeh-eyqujd.com/js/dl.js
IP 207.60.165.146:0
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash cb3f1cf2da41f81bedca487a43890255
d49c2286ebcfab5c0701ca3201c65e4a9b3feeb6
5ebeaacc3e917ef58ff45a7a201aa749fa8dd14dc71294c29a8f72205b5fa91a
GET /js/dl.js HTTP/1.1
Host: qmjijs-niudyeh-eyqujd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 02 Jan 2023 10:23:34 GMT
Accept-Ranges: bytes
ETag: "b6f7b45941ed91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 27 Jan 2023 08:05:57 GMT
Content-Length: 1074
kvtaaa.top/153ac71e52df3d7d664bf0bb17905f12.gif
104.21.30.227200 OK 202 kB URL HTTP/2 kvtaaa.top/153ac71e52df3d7d664bf0bb17905f12.gif
IP 104.21.30.227:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 202 kB (202324 bytes)
Hash b3257a1280c7afd3cc952de2c91b1b68
9b1a4dc37ecaca40f22a6748542f8431a8c6d03d
6e09a9770baaf036b9d90d6826ac91de0246661c68d573064c774edd97047fd6
GET /153ac71e52df3d7d664bf0bb17905f12.gif HTTP/1.1
Host: kvtaaa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qmjijs-niudyeh-eyqujd.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 08:05:55 GMT
content-type: image/gif
content-length: 202324
last-modified: Mon, 13 Jun 2022 10:12:34 GMT
etag: "62a70d92-31654"
expires: Thu, 02 Feb 2023 18:21:01 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2036694
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=llB%2FyE0Jia8DtxI9ZUTslbtmrBTwaCWLrjRNyBJ3opo3B%2BZX%2B07FR3TVtmBzBluWJnsdQ1YB10GPgREBI1cNT7yzek6%2Bi4TZHH4BeLmc1n%2F7JV3BPHRDURtrPP4z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fffc709ef30b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtaaa.top/01dfa9bde54e701e29b1896a128d2cc1.gif
104.21.30.227200 OK 917 kB URL HTTP/2 kvtaaa.top/01dfa9bde54e701e29b1896a128d2cc1.gif
IP 104.21.30.227:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 917 kB (917343 bytes)
Hash 4c00e1159d5d1e950b0b9d0bf4ff89ea
ff4782d5b4f083af52757f7f74c524f17ad67a93
edb306fed3ef2015e2eb7a7d11d15f923367819b44e15d0650fdea692f50005e
GET /01dfa9bde54e701e29b1896a128d2cc1.gif HTTP/1.1
Host: kvtaaa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qmjijs-niudyeh-eyqujd.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 08:05:55 GMT
content-type: image/gif
content-length: 917343
last-modified: Sun, 25 Dec 2022 10:36:11 GMT
etag: "63a8279b-dff5f"
expires: Fri, 24 Feb 2023 21:03:35 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 126140
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XR87%2FUJPhj9bJqQHhcAZNqng2gUsDeF%2FB24vyuRrfSXYthiUvUbZeRPMWS886vf1b9Rl4axfX7haNk21D2w%2F5cYxEf0oPFwk6XEFMRuw%2FaX3rCXIQLlWirrgWC%2BP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fffc709eee0b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
u22055.com/fee6dc0783e7085f6b3452a1155d4b4a.gif
13.227.254.86200 OK 288 kB URL HTTP/2 u22055.com/fee6dc0783e7085f6b3452a1155d4b4a.gif
IP 13.227.254.86:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 288 kB (288397 bytes)
Hash e17bb688cfdae836ea866c47e92a022a
d748bb7b13696141ba768280a21d3dac482e3a0c
cb9affdc029bd6deb908ab9786fad62113c4ba28d2e9a8926cbed0c5e2c2aa6a
GET /fee6dc0783e7085f6b3452a1155d4b4a.gif HTTP/1.1
Host: u22055.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 288397
date: Tue, 10 Jan 2023 07:52:07 GMT
last-modified: Sat, 24 Dec 2022 08:23:21 GMT
etag: "e17bb688cfdae836ea866c47e92a022a"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6b412795189620b2bd513604239f4f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: UVlbMJ6ASg2VV0UzG5a67mWyUvPflFh7G5UNUJ4qi6mQFBJeHwlDZQ==
age: 1469629
X-Firefox-Spdy: h2
u22055.com/dfa3783e959dd180be6ac3461eaf6706.gif
13.227.254.86200 OK 17 kB URL HTTP/2 u22055.com/dfa3783e959dd180be6ac3461eaf6706.gif
IP 13.227.254.86:0
File type GIF image data, version 89a, 150 x 150\012- data
Hash 29c7cef4c49cdd4d92efd4e5a3e7da79
2bb9a0bc5b23da62d81a138a00d14aab31f5e46b
1f1d736a41140b995c19ed76b46abf48710c036b6eb9d1c187c991907ae17001
GET /dfa3783e959dd180be6ac3461eaf6706.gif HTTP/1.1
Host: u22055.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 16993
date: Tue, 10 Jan 2023 14:36:55 GMT
last-modified: Sat, 24 Dec 2022 11:10:18 GMT
etag: "29c7cef4c49cdd4d92efd4e5a3e7da79"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6b412795189620b2bd513604239f4f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: EuzfUYPLXfvq7588a3QxWqQgEvjf849zX7kd4YZNEYHf_jfeOYWrkg==
age: 1445341
X-Firefox-Spdy: h2
qmjijs-niudyeh-eyqujd.com/tp/55664.gif
207.60.165.146200 OK 782 kB URL HTTP/1.1 qmjijs-niudyeh-eyqujd.com/tp/55664.gif
IP 207.60.165.146:0
File type GIF image data, version 89a, 400 x 420\012- data
Size 782 kB (782191 bytes)
Hash c2bb51ac50237bfbc3f9b13473e2580c
ce848db4c913aa0850408f2b457abf27fa28e674
969ce69619fe7c8a28a5194d3b62a2d25480528ed73df8c2f15e66e81002e83a
GET /tp/55664.gif HTTP/1.1
Host: qmjijs-niudyeh-eyqujd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Mon, 28 Mar 2022 11:19:30 GMT
Accept-Ranges: bytes
ETag: "66287bb19542d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 27 Jan 2023 08:05:56 GMT
Content-Length: 782191
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 365673070791d156b4abd5861086ef3b
35af5543a838537a9c95a834207846b5d55d1a59
89c250d9928c5c52942c619186a82814b0e0b7a21ca3c7a910f09c196a4ad872
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136834
Date: Fri, 27 Jan 2023 08:05:55 GMT
Etag: "63d2f965-1d7"
Expires: Sat, 28 Jan 2023 22:06:29 GMT
Last-Modified: Thu, 26 Jan 2023 22:06:29 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HZAHq7GHzDxltIQJpKiuHfkCPmYXOmpUuFVnxr5BPuxVp-1CKlXC4g==
dvcasha2.ocsp-certum.com/
95.101.10.107200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.107:0
ASN #20940 Akamai International B.V.
Hash da19f60b63e1b203d928833acf510731
994e02dea8b9f890ea579dd846f63b22c6da056e
aab1889fd5de16c1a02e4be21768d4e11e91742a40cf9ad953c2e10b3df225b0
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=195
Date: Fri, 27 Jan 2023 08:05:56 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
95.101.10.107200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.107:0
ASN #20940 Akamai International B.V.
Hash 9432434e7d1529890f867f1daef227c6
c6e5559db9206aaf596de33fa872d4b89dbeac27
9e65b12ef0dd7e29be9159c62465380d845e9de1007d98e85a598d3316abc73b
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Fri, 27 Jan 2023 08:05:56 GMT
Connection: keep-alive
X-N: S
bxzst.com/img/5.jpg
172.247.222.51200 OK 28 kB IP 172.247.222.51:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 377x377, components 3\012- data
Hash 4befa4e6df2856da33158012ef5840a3
a9ac8678c36a2e42047a34903477220ebcb26dc9
333d6186be191309a5202dee8fa8c6524dde9e6a8f75cf932da6aba6b31b6080
GET /img/5.jpg HTTP/1.1
Host: bxzst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 08:04:02 GMT
Content-Type: image/jpeg
Content-Length: 27857
Last-Modified: Thu, 08 Dec 2022 11:52:29 GMT
Connection: keep-alive
ETag: "6391cffd-6cd1"
Expires: Sun, 26 Feb 2023 08:04:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48ad7399a16a20d2bc90045061b8fe49
fb9e0d3eafd9462122b6f40e6d075c28927441ad
67a33f0ff4c4fc009e5bbe3fe2e273496b424a56d58eaf2a2973afd6f018589b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "67A33F0FF4C4FC009E5BBE3FE2E273496B424A56D58EAF2A2973AFD6F018589B"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19425
Expires: Fri, 27 Jan 2023 13:29:41 GMT
Date: Fri, 27 Jan 2023 08:05:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 92b3824eac5c733db8f9dc60c811fce2
6dd725d899bb1f8680a26a0543afbb33b895aa51
97cfe6f394c18e8f65352328d9796d6d202fefd6ffc31d930b5142af097e9d29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "97CFE6F394C18E8F65352328D9796D6D202FEFD6FFC31D930B5142AF097E9D29"
Last-Modified: Thu, 26 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Fri, 27 Jan 2023 14:05:55 GMT
Date: Fri, 27 Jan 2023 08:05:56 GMT
Connection: keep-alive
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 9627b46dcfd45dc8c9bec2528cadf7ef
ed97d6377cc14c0f810956bf08476b36bfb24e11
6e4ce4f240e94644245d268bd3f020bf157215338844a72248c01593e1a88712
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 08:05:56 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 23:20:32 GMT
Expires: Wed, 01 Feb 2023 23:20:31 GMT
Etag: "ed97d6377cc14c0f810956bf08476b36bfb24e11"
Cache-Control: max-age=486274,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fffc76ecf60b49-OSL
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 290c991f87d40b23924f8b4ef2804d53
a9cc8ce01034fc1b83c1958cfc40c87527a3c885
e2795cf82f138c22ef27afa60b7b573edf67f213270d5707734e8377a88f1bd0
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 08:05:56 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 19:04:00 GMT
Expires: Tue, 31 Jan 2023 19:03:59 GMT
Etag: "a9cc8ce01034fc1b83c1958cfc40c87527a3c885"
Cache-Control: max-age=384482,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fffc75ecb9fabc-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0e3afb2f38f5e203e90b1c8d021577fa
bba80395989328bb33d46d1b8cf7d9c257d8dfb4
bd3624de7fdd1e950790a3bc8c4856c19129c5ac34497e37c1b2ee19feeb535d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD3624DE7FDD1E950790A3BC8C4856C19129C5AC34497E37C1B2EE19FEEB535D"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17829
Expires: Fri, 27 Jan 2023 13:03:06 GMT
Date: Fri, 27 Jan 2023 08:05:57 GMT
Connection: keep-alive
jjaaqd.tv/9yue1ri/jj(150x150)33.gif
13.250.113.118200 OK 101 kB URL HTTP/1.1 jjaaqd.tv/9yue1ri/jj(150x150)33.gif
IP 13.250.113.118:0
File type GIF image data, version 89a, 150 x 150\012- data
Size 101 kB (100879 bytes)
Hash 757c9de2f178a33338d017158e92a12b
7aa87b85ba832391968f6eefd9019c708a5cc22b
b090a07516224a44547207f786a0429b812602ce470ca1a977194b24b473bb7d
GET /9yue1ri/jj(150x150)33.gif HTTP/1.1
Host: jjaaqd.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 08:05:56 GMT
Content-Type: image/gif
Content-Length: 100879
Connection: keep-alive
Last-Modified: Fri, 07 Oct 2022 09:45:39 GMT
ETag: "633ff543-18a0f"
Expires: Sat, 25 Feb 2023 00:49:03 GMT
Cache-Control: max-age=2592000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
jjaahyas.tv/aseng/jj320.gif
18.140.55.152200 OK 137 kB URL HTTP/1.1 jjaahyas.tv/aseng/jj320.gif
IP 18.140.55.152:0
File type GIF image data, version 89a, 320 x 320\012- data
Size 137 kB (137241 bytes)
Hash fba0f72e39adf2e5010af146c1ca1527
3dd12a504fb9237c27ad8c87c7cd3403ed48cf62
3febf9cf381cf03c042e314666e232477a0b8e50097e6d132c4dbba2bb51c497
GET /aseng/jj320.gif HTTP/1.1
Host: jjaahyas.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 08:05:56 GMT
Content-Type: image/gif
Content-Length: 137241
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 13:55:25 GMT
ETag: "63836c4d-21819"
Expires: Sat, 25 Feb 2023 00:48:16 GMT
Cache-Control: max-age=2592000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
595tuchuang.com/960x80.gif
183.255.106.42200 OK 145 kB URL HTTP/1.1 595tuchuang.com/960x80.gif
IP 183.255.106.42:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 145 kB (144990 bytes)
Hash 9fd5431ae14d05e144a79a04b928ad1d
43ca6652416a1403dc5a96d779d414330edbe411
f56b12228d407bfd1f7d17582733a92443a012dc7005b9b9896e9b8b3dc13c2c
GET /960x80.gif HTTP/1.1
Host: 595tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 08:05:56 GMT
Content-Type: image/gif
Content-Length: 144990
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 13:28:21 GMT
ETag: "63a309f5-2365e"
Expires: Wed, 15 Feb 2023 09:33:44 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
8499136.com/8499/yb150X150.gif
172.247.50.228200 OK 180 kB URL HTTP/2 8499136.com/8499/yb150X150.gif
IP 172.247.50.228:0
File type GIF image data, version 89a, 150 x 150\012- data
Size 180 kB (180094 bytes)
Hash 91f59b72b5dd1524bf3356a94c727ca5
4f47fdeaaaecca3e526e0b6e461b48b047ac29d5
5cbfb636a77f8f4ccbc0cb7bbf70735c5baa39529f226fe7af77d26c8f5159a1
GET /8499/yb150X150.gif HTTP/1.1
Host: 8499136.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 08:05:57 GMT
content-type: image/gif
content-length: 180094
last-modified: Sun, 08 Jan 2023 05:09:54 GMT
etag: "2bf7e-5f1b9a949edff"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
8499159.com/8499/zzxx/960x60.gif
23.225.237.35200 OK 291 kB URL HTTP/2 8499159.com/8499/zzxx/960x60.gif
IP 23.225.237.35:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 291 kB (290572 bytes)
Hash 57aeaeed8e55b2a1e23b348d9d73f9d5
381bc182c18210ba33ebe13cbf8f20f297d33c16
e10903ca99193ba8ffd6c5f74753461cf070e75026e73fda3c040496f8dcfdb6
GET /8499/zzxx/960x60.gif HTTP/1.1
Host: 8499159.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 08:05:57 GMT
content-type: image/gif
content-length: 290572
last-modified: Sat, 24 Dec 2022 13:23:32 GMT
etag: "46f0c-5f092cf097c3f"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash a6ecbba0bb79bdb33cd6614545828370
da6f71bfb627caa7ab16f81fd4af92420d7cac4a
6b9a22b59e6356bb9b932ba2be7e675588876af80c400dd11c16e5a19bee9ac7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 08:05:57 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 03:08:26 GMT
Expires: Tue, 31 Jan 2023 03:08:25 GMT
Etag: "da6f71bfb627caa7ab16f81fd4af92420d7cac4a"
Cache-Control: max-age=327147,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fffc752adcb4f7-OSL
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash c3203f9d7da027f8a66f112f9b5afe0d
f79b83e740a1dd2ae7202545bbf4b7af80782dbc
52c3c188c134f8d28454427adb6ada3d3433d16632f3973ead62d80abb0d135c
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 08:05:58 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 10:56:01 GMT
Expires: Wed, 01 Feb 2023 10:56:00 GMT
Etag: "f79b83e740a1dd2ae7202545bbf4b7af80782dbc"
Cache-Control: max-age=441601,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fffc7e5be20b49-OSL
595tuchuang.com/200x200.gif
183.255.106.42200 OK 394 kB URL HTTP/1.1 595tuchuang.com/200x200.gif
IP 183.255.106.42:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type GIF image data, version 89a, 200 x 200\012- data
Size 394 kB (393547 bytes)
Hash 66f3ae21a3fc0c312ee1d1c3ded377c7
9c9b821905ea47d5218efcaa4729e75a0a01d940
2bb6b477441d8997468144680506dc8cd37380957de869b0b2b5e191acaac92e
GET /200x200.gif HTTP/1.1
Host: 595tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 08:05:56 GMT
Content-Type: image/gif
Content-Length: 393547
Connection: keep-alive
Last-Modified: Thu, 15 Dec 2022 11:15:34 GMT
ETag: "639b01d6-6014b"
Expires: Wed, 15 Feb 2023 09:33:45 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
qp.ezfxpuo.cn/960X120.gif
218.66.171.96200 OK 344 kB URL HTTP/2 qp.ezfxpuo.cn/960X120.gif
IP 218.66.171.96:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 344 kB (343540 bytes)
Hash 08039628f9a83344699d3af12b5d6035
54d48e05d5049f2032fd9c346b3983f7d9580425
fd04f01d30f5af6b5e44a0187fa1e768225d11dcca784c44182533fe2b94bff0
GET /960X120.gif HTTP/1.1
Host: qp.ezfxpuo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: NgxFence
date: Fri, 27 Jan 2023 08:05:57 GMT
content-type: image/gif
content-length: 343540
x-oss-request-id: 63A4A4F3FC567C3433B988B2
etag: "08039628F9A83344699D3AF12B5D6035"
last-modified: Tue, 29 Nov 2022 08:27:10 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10633121899703716531
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
content-md5: CAOWKPmoM0RpnTrxK11gNQ==
x-oss-server-time: 1
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
7331989ccc.com/bd4404a87d334955ae0a7c732d702ddd.gif
45.61.212.120200 OK 684 kB URL HTTP/1.1 7331989ccc.com/bd4404a87d334955ae0a7c732d702ddd.gif
IP 45.61.212.120:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 684 kB (683474 bytes)
Hash ba813a4b9580b3da278e68a1c3e3a954
6d843c3c02ad3270abd575c460ec26ed615578f4
574301fcb45a6820cf36903b271324e32c210c335539d8f1a406f000e1f0e72e
GET /bd4404a87d334955ae0a7c732d702ddd.gif HTTP/1.1
Host: 7331989ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63aee017-a6dd2"
Date: Fri, 20 Jan 2023 10:24:18 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 30 Dec 2022 12:56:55 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-20
Content-Length: 683474
8499132.com/8499/150x150.gif
23.225.237.35200 OK 185 kB URL HTTP/2 8499132.com/8499/150x150.gif
IP 23.225.237.35:0
File type GIF image data, version 89a, 150 x 150\012- data
Size 185 kB (185171 bytes)
Hash 09b278a0ce767cdcdc3b9be868a94320
b69d4a2345f4d5ae6cc772a70456ea7aea74ce95
321cb2617b9399c60d8f5fe163363faab0f872f5c88646ce900d17604817a1a0
GET /8499/150x150.gif HTTP/1.1
Host: 8499132.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qmjijs-niudyeh-eyqujd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 08:05:58 GMT
content-type: image/gif
content-length: 185171
last-modified: Wed, 28 Dec 2022 09:29:16 GMT
etag: "2d353-5f0e00094173c"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2