r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4526
Expires: Sat, 28 Jan 2023 08:11:32 GMT
Date: Sat, 28 Jan 2023 06:56:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3262
Expires: Sat, 28 Jan 2023 07:50:28 GMT
Date: Sat, 28 Jan 2023 06:56:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 06:35:29 GMT
content-type: application/json
age: 1237
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2499
Expires: Sat, 28 Jan 2023 07:37:45 GMT
Date: Sat, 28 Jan 2023 06:56:06 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: llYl2FdPHuKOBoCy/9UwCZiAqIn05y3z5eFjhsO7D1bdj7yM+N7EmBQJJ7Vh0MqfdxAVqTGKt70=
x-amz-request-id: 4MFQHP45M525Z0XG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 06:20:52 GMT
age: 2114
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 06:56:06 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www-mijn-lng.com/a1b2c3/7fbf071e99f430d685446fafc84ebb1b/login
156.238.82.53301 Moved Permanently 0 B URL HTTP/1.1 www-mijn-lng.com/a1b2c3/7fbf071e99f430d685446fafc84ebb1b/login
IP 156.238.82.53:0
ASN #134548 DXTL Tseung Kwan O Service
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /a1b2c3/7fbf071e99f430d685446fafc84ebb1b/login HTTP/1.1
Host: www-mijn-lng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 28 Jan 2023 06:56:06 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.www-mijn-lng.com/a1b2c3/7fbf071e99f430d685446fafc84ebb1b/login
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 06:49:03 GMT
age: 424
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17199
Expires: Sat, 28 Jan 2023 11:42:46 GMT
Date: Sat, 28 Jan 2023 06:56:07 GMT
Connection: keep-alive
www.www-mijn-lng.com/a1b2c3/7fbf071e99f430d685446fafc84ebb1b/login
156.238.82.53200 OK 568 B URL HTTP/1.1 www.www-mijn-lng.com/a1b2c3/7fbf071e99f430d685446fafc84ebb1b/login
IP 156.238.82.53:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (653), with CRLF line terminators
Hash 3a5b6d1fbe15a8d9111476604e76bc20
a8fe5408872046b71df95bb39bf1f558547c8f74
52a8abf9c6b13f32a913e4cacad963e20b3de9b90d5323ca03742491fa1fc827
Analyzer Verdict Alert quad9 Sinkholed
GET /a1b2c3/7fbf071e99f430d685446fafc84ebb1b/login HTTP/1.1
Host: www.www-mijn-lng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 06:56:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
52.43.251.236101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.251.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hLyiDqRZXNk84y4k7Hwi8w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zHBcrwW2E1t5UqqWbO7fhefdfwA=
www.www-mijn-lng.com/common.js
156.238.82.53200 OK 564 B URL HTTP/1.1 www.www-mijn-lng.com/common.js
IP 156.238.82.53:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (502), with CRLF line terminators
Hash 175bf308756a0ea99f137c7fd6a957d0
c1dda91edabac1a8766378c30b488d0e615a8437
13f8fc1e6fc5ab5914075fde8fd860db40101489a64af80e3ccf34c60efc883e
Analyzer Verdict Alert quad9 Sinkholed
GET /common.js HTTP/1.1
Host: www.www-mijn-lng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.www-mijn-lng.com/a1b2c3/7fbf071e99f430d685446fafc84ebb1b/login
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 06:56:07 GMT
Content-Type: application/x-javascript
Content-Length: 564
Connection: keep-alive
www.www-mijn-lng.com/tj.js
156.238.82.53200 OK 258 B URL HTTP/1.1 www.www-mijn-lng.com/tj.js
IP 156.238.82.53:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with CRLF line terminators
Hash 10f1e138405b8c649e51532e6ea5902d
5666466b84c2d3a672adba4a0db986dc816928c4
3f7d7baa82bbaa646fc6bdc7c0fbd36eb54c5ca21fe9c3b450ffd81f69acb735
Analyzer Verdict Alert quad9 Sinkholed
GET /tj.js HTTP/1.1
Host: www.www-mijn-lng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.www-mijn-lng.com/a1b2c3/7fbf071e99f430d685446fafc84ebb1b/login
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 06:56:07 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
www.www-mijn-lng.com/favicon.ico
156.238.82.53200 OK 1.2 kB URL HTTP/1.1 www.www-mijn-lng.com/favicon.ico
IP 156.238.82.53:0
ASN #134548 DXTL Tseung Kwan O Service
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: www.www-mijn-lng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.www-mijn-lng.com/a1b2c3/7fbf071e99f430d685446fafc84ebb1b/login
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 06:56:08 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Thu, 02 Feb 2023 06:56:08 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12924
Expires: Sat, 28 Jan 2023 10:31:32 GMT
Date: Sat, 28 Jan 2023 06:56:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12924
Expires: Sat, 28 Jan 2023 10:31:32 GMT
Date: Sat, 28 Jan 2023 06:56:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12924
Expires: Sat, 28 Jan 2023 10:31:32 GMT
Date: Sat, 28 Jan 2023 06:56:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12924
Expires: Sat, 28 Jan 2023 10:31:32 GMT
Date: Sat, 28 Jan 2023 06:56:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12924
Expires: Sat, 28 Jan 2023 10:31:32 GMT
Date: Sat, 28 Jan 2023 06:56:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4afa01d2ffe17f8378e4c0b5afd4608
f5c7e2137efa07a207427a6b6fe1df541f85ea25
84fc0c05d25d674b5594b54720017332b86d391f66c7136d76cfce3e884e8e12
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13375
x-amzn-requestid: 372fcbe8-85a1-4be2-a006-31fb9289c5e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CxF6BoAMFyGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-4b9860545c612cc416cbe599;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yEFlWGi3J14JLA0l2h02VlIqV8opHesKP6GOvfoP5Tp0m7dOYDxIGA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:59:32 GMT
age: 32196
etag: "f5c7e2137efa07a207427a6b6fe1df541f85ea25"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea24bcba583bd8bd139559448a343e68
b9d37c2b14f890d41983a59f352e8f7caa9c94bb
e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7585
x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkE5roAMF0Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1WE1zQwrCGVy8HLT9_BFkAr6rQE_ROyttMOByR32KeT0w2Hd_ylvYQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:16:00 GMT
age: 31208
etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7df68b7-44d9-4227-aedc-8e03fd23edd9.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7df68b7-44d9-4227-aedc-8e03fd23edd9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 01d78e0bafdf4cbe227afc503124bc55
e2d21a694342773ccbace4742c4b047e7ce92e1c
3e9027f35134d811a50144a9b70c6de2dc97cbade941a5364717b403bcaf3eb1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7df68b7-44d9-4227-aedc-8e03fd23edd9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4641
x-amzn-requestid: b2e2ba60-21e7-4304-a354-2b49b8162cf2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_T5FJGoAMFwlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445b2-4b292f801433239340edab33;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: irkZKPRcil7YVMxVJXNkIn18zBSt2JWyxo9ZFMfz6aZer4_lnqG8oA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:38 GMT
age: 32370
etag: "e2d21a694342773ccbace4742c4b047e7ce92e1c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 195316042e7f798eeeb7993fecb3a383
4aeca24ad4702f87feaf9674ea0c1ff6d71826a3
b7e0a61060455241fce844d2c91eca500d409804361063ddb61053cbc9c7b1c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13376
x-amzn-requestid: 64d0092e-1f1a-4183-a4a6-805e0bf37d32
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-DvHIyoAMF6fA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b1-6387770232ddca74531bce91;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jqb6G21QeTDiI0HWT9Fd87D-HkAOiesyfN9vr7vMxrOUADBxV-_Fug==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:55:42 GMT
age: 32426
etag: "4aeca24ad4702f87feaf9674ea0c1ff6d71826a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fobF-ZoAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 05:20:03 GMT
age: 5765
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash e562f5065632c8150d59dfe43f82fcba
181e7d53b9b492f4b88e663b29230acb9aba7b91
60d34ccc637c56c4d1776c56eb24d05d235f381b78c130b53fe96a8a4870e9fa
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:56:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 01 Feb 2023 03:16:43 GMT
ETag: "181e7d53b9b492f4b88e663b29230acb9aba7b91"
Last-Modified: Sat, 28 Jan 2023 03:16:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2409
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7907d396dff1fabc-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57b73886cbbb719eda5f733c018eedfb
b84ed40973f8a0d3c10529e34f9466746cfdaf0c
4ba11c23e0bbd2aed53b04ad0b3d22161af1971ddcfb75ae55734de9a49af207
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7028
x-amzn-requestid: c1743fed-205a-431b-8648-474facde6d09
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CwFtboAMF9rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-5b94864c707c42fc36fbc63a;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 35sWCIsACAhQvXkJvBn0LGf2m9OTklgDprONw5CDUoXD97TUpJ9j5Q==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:55:35 GMT
age: 32433
etag: "b84ed40973f8a0d3c10529e34f9466746cfdaf0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
amk.aimkk2.top/
198.44.251.207200 OK 195 B IP 198.44.251.207:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 (with BOM) text
Hash 79a7e0e2824fbb0b5313d0e509c624ca
3de14449908152c018c67b798ef623541121857a
73f4000af42f0fcac2cebccab66a81d104c57ae058c91e44513eed09ae70fe0a
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: amk.aimkk2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.www-mijn-lng.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 28 Jan 2023 04:45:22 GMT
Accept-Ranges: bytes
ETag: W/"4611de54d332d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:09 GMT
Content-Length: 195
hm.baidu.com/hm.js?e2e9b387a1e94012950aa161131652bf
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?e2e9b387a1e94012950aa161131652bf
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (627)
Hash 62c6a249c21c0ce0d533b8b5c8c767e1
5c668d81eefba640e55c9e7d1df77d947e3a536f
22453c9086eafa510bc19a232d8948e5f4b80076239bcdd9c6c529aa616a39a8
GET /hm.js?e2e9b387a1e94012950aa161131652bf HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.www-mijn-lng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11265
Content-Type: application/javascript
Date: Sat, 28 Jan 2023 06:56:09 GMT
Etag: e7538f785361fdc7dc70611f271ba650
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=08886BB7E338A593; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=363883639&si=e2e9b387a1e94012950aa161131652bf&v=1.3.0&lv=1&sn=10976&r=0&ww=1152&u=http%3A%2F%2Fwww.www-mijn-lng.com%2Fa1b2c3%2F7fbf071e99f430d685446fafc84ebb1b%2Flogin&tt=%E7%8E%89%E6%A0%91%E8%B0%A2%E6%84%BF%E9%A4%90%E9%A5%AE%E7%AE%A1%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=363883639&si=e2e9b387a1e94012950aa161131652bf&v=1.3.0&lv=1&sn=10976&r=0&ww=1152&u=http%3A%2F%2Fwww.www-mijn-lng.com%2Fa1b2c3%2F7fbf071e99f430d685446fafc84ebb1b%2Flogin&tt=%E7%8E%89%E6%A0%91%E8%B0%A2%E6%84%BF%E9%A4%90%E9%A5%AE%E7%AE%A1%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=363883639&si=e2e9b387a1e94012950aa161131652bf&v=1.3.0&lv=1&sn=10976&r=0&ww=1152&u=http%3A%2F%2Fwww.www-mijn-lng.com%2Fa1b2c3%2F7fbf071e99f430d685446fafc84ebb1b%2Flogin&tt=%E7%8E%89%E6%A0%91%E8%B0%A2%E6%84%BF%E9%A4%90%E9%A5%AE%E7%AE%A1%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.www-mijn-lng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 28 Jan 2023 06:56:10 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9A408C0C8AA20864; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
gd1.aijiu26.top/
198.44.251.190200 OK 8.1 kB IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1451), with CRLF line terminators
Hash a8256780636b4689de0f8270f71aa461
0a1ab0187133d8eea28351af8f2d3bac822ff3c0
670faa7ff7a8c95883177822c0f2043d2588658bed4d669417e203285d93f84f
GET / HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://amk.aimkk2.top/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: PHP/5.5.38, ASP.NET
Date: Sat, 28 Jan 2023 06:56:09 GMT
Content-Length: 8072
gd1.aijiu26.top/static/css/home.css
198.44.251.190200 OK 5.1 kB URL HTTP/1.1 gd1.aijiu26.top/static/css/home.css
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (310), with CRLF line terminators
Hash 3826f17ee1b7e69b7f54680c3c3940fb
9517e6d4ef98598383baee1b6be9a7215a5c1882
d52bde3d217bb8ddcef6e2d26ae271ccecd2227d97c898cad42a2a72af78d8da
GET /static/css/home.css HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 13:22:29 GMT
Accept-Ranges: bytes
ETag: "80188f5b3dd3d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:09 GMT
Content-Length: 5128
gd1.aijiu26.top/template/m1938pc/css/style.css
198.44.251.190200 OK 3.8 kB URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/css/style.css
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (887)
Hash 8e09db2666da0d27147d0e89ddb886b9
682725bd961b8fd64b1c77b03ee01607d2078516
b212ccbfb68a47d5ac7dba5ec1498a701df78d27cd13b78575e4c05006517515
GET /template/m1938pc/css/style.css HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 13:22:30 GMT
Accept-Ranges: bytes
ETag: "0af275c3dd3d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:09 GMT
Content-Length: 3752
gd1.aijiu26.top/template/m1938pc/css/white.css
198.44.251.190200 OK 2.4 kB URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/css/white.css
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type assembler source, ASCII text, with very long lines (1029)
Hash 43d07fac725d0c1618d8aefae1b470ba
fa83f724f7101d5883a5c49686f0e421c7dfee53
54e00bcb3f4574258aef2ec245209713a32aaaf4b225bf7fce8bb50a536643d7
GET /template/m1938pc/css/white.css HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 13:22:30 GMT
Accept-Ranges: bytes
ETag: "0af275c3dd3d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:09 GMT
Content-Length: 2381
gd1.aijiu26.top/template/m1938pc/css/swiper.min.css
198.44.251.190200 OK 2.8 kB URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/css/swiper.min.css
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (17459)
Hash 9e9f68e47d6fec81ac7c11659f1a465a
a7822ebe0349bfd3e312b98de4333171a3ef90ac
219c86d122d8861125c0686f8b7692b1dd9f6741c4603caf62acc59274172f3f
GET /template/m1938pc/css/swiper.min.css HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 13:22:30 GMT
Accept-Ranges: bytes
ETag: "0af275c3dd3d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:09 GMT
Content-Length: 2842
gd1.aijiu26.top/template/m1938pc/css/mm-content.css
198.44.251.190200 OK 1.4 kB URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/css/mm-content.css
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
Hash e07a680115f1e5accb27aa44294177ea
0e807f2a36bd9c890dab4c52bd77b38f9855b4df
ce747f9911f2db0f539878984c2818db01e60ea1183a5654616a4f2b59afc806
GET /template/m1938pc/css/mm-content.css HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 13:22:30 GMT
Accept-Ranges: bytes
ETag: "0af275c3dd3d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:09 GMT
Content-Length: 1402
gd1.aijiu26.top/template/m1938pc/css/style1.css
198.44.251.190200 OK 11 kB URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/css/style1.css
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type assembler source, Unicode text, UTF-8 text
Hash e9b57076dd9217c8459f991b279a3a80
cef5d7533071b6ec4b88edf907bfd867b197d053
71f0dcbc3a4de3551241812cf85963460154e9ddb12d644d72a018239092ddd1
GET /template/m1938pc/css/style1.css HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 13:22:30 GMT
Accept-Ranges: bytes
ETag: "0af275c3dd3d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:09 GMT
Content-Length: 11004
gd1.aijiu26.top/template/m1938pc/css/mp4.css
198.44.251.190200 OK 1.8 kB URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/css/mp4.css
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
Hash 8b0347a58284948ee323c7fe3310cf15
37a2619333875f568b8cd6dba4728cda913367df
e364da88a43eac235b220fdf2808240d2114f840f017ca420975a2385244de45
GET /template/m1938pc/css/mp4.css HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 13:22:30 GMT
Accept-Ranges: bytes
ETag: "0af275c3dd3d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:09 GMT
Content-Length: 1792
gd1.aijiu26.top/template/m1938pc/js/jquery.lazyload.js
198.44.251.190200 OK 918 B URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/js/jquery.lazyload.js
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (2230)
Hash aee713cc820c2f59ada01ac70c8a2077
f2a349c7b249f54571c6209938d2b90a6a7751da
12f767233066dedca643b321e1871353195bcaedea6735d33874ce5c7c057f44
GET /template/m1938pc/js/jquery.lazyload.js HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 13:22:30 GMT
Accept-Ranges: bytes
ETag: "fd77725c3dd3d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:09 GMT
Content-Length: 918
gd1.aijiu26.top/template/m1938pc/js/jquery.superslide.js
198.44.251.190200 OK 2.7 kB URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/js/jquery.superslide.js
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type ISO-8859 text, with very long lines (9089)
Hash 1113c98de8fb40cc01682977a0180a9d
39db50605904d725971fdcf77a26a2e97184e2e7
a78af7cda23f0d0485b332858549a6eb0649b570eb2f10a0342a14cc287d2f1c
GET /template/m1938pc/js/jquery.superslide.js HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 13:22:30 GMT
Accept-Ranges: bytes
ETag: "0af275c3dd3d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:10 GMT
Content-Length: 2726
gd1.aijiu26.top/template/m1938pc/js/jquery.autocomplete.js
198.44.251.190200 OK 5.5 kB URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/js/jquery.autocomplete.js
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text
Hash 26eb6f0919db2d6d78da43cf77d71809
4317d341a2bf1544b913d7cb1297b8d84116b7fe
526738ca3ddc161e1b9bd6c208544f174eb9fee2471135cf92e462c25b6d4c45
GET /template/m1938pc/js/jquery.autocomplete.js HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 13:22:30 GMT
Accept-Ranges: bytes
ETag: "0af275c3dd3d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:10 GMT
Content-Length: 5522
gd1.aijiu26.top/template/m1938pc/js/jquery.config.js
198.44.251.190200 OK 1.8 kB URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/js/jquery.config.js
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with very long lines (633), with CRLF line terminators
Hash 60f480138f9ded00a86f3714b5f2436b
a974c2866e5fb13b0b1cd15bf90970afa0791fc4
9f8e7fd102a05f4a08f58fde6212883610c62216056f92a56cd93aeeb6683cc9
GET /template/m1938pc/js/jquery.config.js HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 13:22:30 GMT
Accept-Ranges: bytes
ETag: "0af275c3dd3d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:10 GMT
Content-Length: 1774
gd1.aijiu26.top/template/m1938pc/css/bootstrap.min.css
198.44.251.190200 OK 22 kB URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/css/bootstrap.min.css
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (493)
Hash 204970276d7400063d26849454653137
362b58603dbbb45a5438ba85d65eea01193bc506
b21197564c59bdcfe360f6d39cda66433e102eda838b29e1351e46a82721ace9
GET /template/m1938pc/css/bootstrap.min.css HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 13:22:30 GMT
Accept-Ranges: bytes
ETag: "0af275c3dd3d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:09 GMT
Content-Length: 22130
gd1.aijiu26.top/template/m1938pc/js/jquery.base.js
198.44.251.190200 OK 2.2 kB URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/js/jquery.base.js
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
Hash 2cc729f6d71097f0b1d7aca5af91698b
0a59cdc72ace7cfb2006bf73620eb089d904b5d0
7cd84a038a88d6bbc92eba83e749ac3bcba1d39565a7ec46d637d6a7fd120946
GET /template/m1938pc/js/jquery.base.js HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 13:22:30 GMT
Accept-Ranges: bytes
ETag: "0af275c3dd3d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:10 GMT
Content-Length: 2218
gd1.aijiu26.top/static/js/home.js
198.44.251.190200 OK 9.2 kB URL HTTP/1.1 gd1.aijiu26.top/static/js/home.js
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (2677), with CRLF line terminators
Hash 37dd044aadbceaf394a6663eb1685be4
5bc645d509f9888289a889378d362e1b18d44b67
5539cc67acfe87a7ea9ace72c059ea997e8369bc5f4b4cbcd2023d1a734fb2af
GET /static/js/home.js HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 13:22:29 GMT
Accept-Ranges: bytes
ETag: "80188f5b3dd3d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:10 GMT
Content-Length: 9176
gd1.aijiu26.top/template/m1938pc/ads/banner_s.js
198.44.251.190200 OK 1.1 kB URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/ads/banner_s.js
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash bd80b981f6e24f0756144a97c54f427b
f1d8dc556471aa312e12aabd473e1b2a27c4ef48
3d0731571b9920fc60da51f4ace16b4db2bbc4ac81b74d4c7b74561f6072d89f
GET /template/m1938pc/ads/banner_s.js HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 19 Jan 2023 15:05:17 GMT
Accept-Ranges: bytes
ETag: "80f4a670172cd91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:10 GMT
Content-Length: 1111
gd1.aijiu26.top/template/m1938pc/ads/word_s.js
198.44.251.190200 OK 546 B URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/ads/word_s.js
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash ef74e81b705aa351c9d5b4f79cf7a2b3
6b7cd862a76ba9b95c286e3f27dd2c7fcc52b15a
66fa43cf29b8b352a9eb97793eb7637a89e6c55fedb5a2b72c5cc3c189392175
GET /template/m1938pc/ads/word_s.js HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 20 Jan 2023 10:16:12 GMT
Accept-Ranges: bytes
ETag: "0bea338b82cd91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:10 GMT
Content-Length: 546
gd1.aijiu26.top/template/m1938pc/ads/word_x.js
198.44.251.190200 OK 422 B URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/ads/word_x.js
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 29f17e2143e5efc27c4e63416aec64b9
4d30d6c6cb6af6c22cb07e869e0a82b988a18815
42e2cbb8333f0c1bce33984cce520d5de68645bf6b31cff439b7e8de5ce48ed2
GET /template/m1938pc/ads/word_x.js HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 20 Jan 2023 10:16:32 GMT
Accept-Ranges: bytes
ETag: "0808f44b82cd91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:10 GMT
Content-Length: 422
gd1.aijiu26.top/template/m1938pc/js/jquery.js
198.44.251.190200 OK 33 kB URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/js/jquery.js
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (32089)
Hash 56608658b2d3c142617d82002755ec3a
38b9fb0db643f6548e0d6f1fdbd74de23f572fa0
5b8b1586d7a008e3436f6b15fa1705b165b7d6a24ccc8fe603aa352cce3493b0
GET /template/m1938pc/js/jquery.js HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 13:22:30 GMT
Accept-Ranges: bytes
ETag: "0af275c3dd3d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:09 GMT
Content-Length: 32857
gd1.aijiu26.top/template/m1938pc/ads/banner_z.js
198.44.251.190200 OK 456 B URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/ads/banner_z.js
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash 099cff59e1daeffb779dc335103fe0f1
9c17f38c258b1a857346c1b83d55ae6b38ed64a8
0f0f982dd61eb40660c941bf66df33afdaa0b520e4a425f2371afdad5ba5db6c
GET /template/m1938pc/ads/banner_z.js HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 20 Jan 2023 10:15:23 GMT
Accept-Ranges: bytes
ETag: "62faf01bb82cd91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:10 GMT
Content-Length: 456
gd1.aijiu26.top/template/m1938pc/ads/1.js
198.44.251.190200 OK 816 B URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/ads/1.js
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with very long lines (314), with CRLF line terminators
Hash bbd256139bbb8a840a95c712443c9361
8e72a0d1f783b0708f071c982b8e083d1e3a0d13
3799f3a0d4d6c959858e88e5f4dcf7136cd1df64e329b3ac4f1da1307458cf90
GET /template/m1938pc/ads/1.js HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 20 Jan 2023 09:47:39 GMT
Accept-Ranges: bytes
ETag: "811b33bb42cd91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:10 GMT
Content-Length: 816
gd1.aijiu26.top/template/m1938pc/ads/2.js
198.44.251.190200 OK 579 B URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/ads/2.js
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 3ba0872374450c94f889d3c27c480465
976cd4fa81803c9008f336b3b302f5a08bf890ce
864ab059e42f018b2a65571dd9668de8d494151816d5d05c6a1edb7badfa43d1
GET /template/m1938pc/ads/2.js HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 20 Jan 2023 09:49:16 GMT
Accept-Ranges: bytes
ETag: "e34b475b42cd91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:10 GMT
Content-Length: 579
gd1.aijiu26.top/template/m1938pc/ads/3.js
198.44.251.190200 OK 620 B URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/ads/3.js
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 12a10b2e19752e2453924ab238a8ad5b
0e174ad5034d626982b5adbc5b49b772dd159629
fc76ec32325bdd42fa1691a72f22428f32b2e66ce22d83032d98d683ede48d8e
GET /template/m1938pc/ads/3.js HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 20 Jan 2023 10:13:45 GMT
Accept-Ranges: bytes
ETag: "e1857de1b72cd91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:10 GMT
Content-Length: 620
gd1.aijiu26.top/template/m1938pc/ads/4.js
198.44.251.190200 OK 748 B URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/ads/4.js
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 3a8fa7eab2f7b1565c0abc99a3588c04
5d26527929a6ac2a6b668e539db5556b7471b2a6
007b11f5e8eea3f55ff4e8660ab873c70efebf4a0812d53797ea005803845079
GET /template/m1938pc/ads/4.js HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 13 Jan 2023 12:54:19 GMT
Accept-Ranges: bytes
ETag: "d1ea99264e27d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:10 GMT
Content-Length: 748
gd1.aijiu26.top/template/m1938pc/ads/5.js
198.44.251.190200 OK 661 B URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/ads/5.js
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with very long lines (328), with CRLF line terminators
Hash c254de265182d89e805fc168f8ff1ba7
6a7f35b51b99b27688e7bbbd14ba81528ac340cb
53515bbcc95aadd08065759211550a3264b42a4dea17d45f757dabeccf86cd28
GET /template/m1938pc/ads/5.js HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 12 Jan 2023 10:54:31 GMT
Accept-Ranges: bytes
ETag: "dd2925407426d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:10 GMT
Content-Length: 661
gd1.aijiu26.top/template/m1938pc/ads/6.js
198.44.251.190200 OK 657 B URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/ads/6.js
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash d6456fca4f8ccdf0fc46c898303ca509
6b7bb8c80c0491009e225cc891158c963d788f54
3d118748d08c9dca89830cb8c3fa5972255b02144eb8961e92a26c7efd698684
GET /template/m1938pc/ads/6.js HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 20 Jan 2023 10:14:43 GMT
Accept-Ranges: bytes
ETag: "3bafc3b82cd91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:10 GMT
Content-Length: 657
gd1.aijiu26.top/template/m1938pc/ads/7.js
198.44.251.190200 OK 0 B URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/ads/7.js
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /template/m1938pc/ads/7.js HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 29 Sep 2022 15:44:29 GMT
Accept-Ranges: bytes
ETag: "eeb94b5c1ad4d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:10 GMT
Content-Length: 0
gd1.aijiu26.top/template/m1938pc/ads/9.js
198.44.251.190200 OK 0 B URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/ads/9.js
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /template/m1938pc/ads/9.js HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 29 Sep 2022 15:44:29 GMT
Accept-Ranges: bytes
ETag: "eeb94b5c1ad4d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:10 GMT
Content-Length: 0
gd1.aijiu26.top/template/m1938pc/ads/10.js
198.44.251.190200 OK 552 B URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/ads/10.js
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 37a0702107d200117cc4808016d4287d
99bfe091a633bdf85b925a5186d73b092c0006ec
0946c6e6a0a1038ce207cf6e6d648ceb14160acaa74c5e855fda6427dcef11d8
GET /template/m1938pc/ads/10.js HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 13 Jan 2023 09:14:17 GMT
Accept-Ranges: bytes
ETag: "44fca4692f27d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:10 GMT
Content-Length: 552
gd1.aijiu26.top/template/m1938pc/ads/banner_x.js
198.44.251.190200 OK 591 B URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/ads/banner_x.js
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash e3c7f78a462fd127adcd7d7693abee1a
51f58f2372abe2c58f60fe3a251665a23c646a03
0bc70048b30c87ecf2ea567641ecb89a90e4918c155f0a6dbe2e1733e8490ece
GET /template/m1938pc/ads/banner_x.js HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 20 Jan 2023 10:15:16 GMT
Accept-Ranges: bytes
ETag: "598a9717b82cd91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:10 GMT
Content-Length: 591
gd1.aijiu26.top/template/m1938pc/ads/8.js
198.44.251.190200 OK 0 B URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/ads/8.js
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /template/m1938pc/ads/8.js HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 29 Sep 2022 15:44:29 GMT
Accept-Ranges: bytes
ETag: "eeb94b5c1ad4d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:10 GMT
Content-Length: 0
gd1.aijiu26.top/template/m1938pc/ads/77.js
198.44.251.190200 OK 706 B URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/ads/77.js
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 57b431814eb9a3f19140cc4134dbd896
99f5a31a63244f45699fae04189fb239985f6325
4ed31102888cbf1efcf5c878c2f66d2f38c9d82851548a50d7a89c36a31dffd2
GET /template/m1938pc/ads/77.js HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 27 Jan 2023 04:41:52 GMT
Accept-Ranges: bytes
ETag: "dab7f0ac932d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:11 GMT
Content-Length: 706
gd1.aijiu26.top/template/m1938pc/html/advertised/advertised.json?refresh=2023128Sat%20Jan%2028%202023%2006:56:13%20GMT+0000%20(Coordinated%20Universal%20Time)
198.44.251.190404 Not Found 1.2 kB URL HTTP/1.1 gd1.aijiu26.top/template/m1938pc/html/advertised/advertised.json?refresh=2023128Sat%20Jan%2028%202023%2006:56:13%20GMT+0000%20(Coordinated%20Universal%20Time)
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 8363acaeab9cbb099b59b78a44127ca6
aef448ce5500e3734059ec285cf6ec0b547075f2
9b342ae7f25d65bdb817d8c995f3211ac398e41575fc5d149d994c1dcb008f0a
GET /template/m1938pc/html/advertised/advertised.json?refresh=2023128Sat%20Jan%2028%202023%2006:56:13%20GMT+0000%20(Coordinated%20Universal%20Time) HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
X-Requested-With: XMLHttpRequest
Connection: keep-alive
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 06:56:11 GMT
Content-Length: 1163
gd1.aijiu26.top/api.php/timming/index?t=0.5216880778638227
198.44.251.190200 OK 298 B URL HTTP/1.1 gd1.aijiu26.top/api.php/timming/index?t=0.5216880778638227
IP 198.44.251.190:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with no line terminators
Hash 87a2a62a337ab379cbd62000a297a207
f7a9a381b20e69f584d090bba13405ccdfbfed4f
f16f35d1d70b36cb8d87e49ab6cf22a876c239fcab06d9b374eccff4802e4f7f
GET /api.php/timming/index?t=0.5216880778638227 HTTP/1.1
Host: gd1.aijiu26.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gd1.aijiu26.top/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: PHP/5.5.38, ASP.NET
Date: Sat, 28 Jan 2023 06:56:11 GMT
Content-Length: 298
dimg04.c-ctrip.com/images/0101u12000afi1qkd7430.gif
104.110.17.24200 OK 471 kB URL HTTP/2 dimg04.c-ctrip.com/images/0101u12000afi1qkd7430.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 650 x 350\012- data
Size 471 kB (471292 bytes)
Hash 5607cae5276d831657c9656d79a91056
984aef4f0ae0adcc6c1b95d07244a379a263c368
da1d86fc792d6db5a69c57bcc83670c0db02bd9d70e190b8b9f55a474f5442df
GET /images/0101u12000afi1qkd7430.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 471292
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6485773
expires: Thu, 13 Apr 2023 08:32:25 GMT
date: Sat, 28 Jan 2023 06:56:12 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0102y12000abt01aa9FED.gif
104.110.17.24200 OK 121 kB URL HTTP/2 dimg04.c-ctrip.com/images/0102y12000abt01aa9FED.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 121 kB (120581 bytes)
Hash df98d05eafcc98d4a8beb8fdaea33d7b
e2fe0e1248eee770d0160151fd5d15822a5a9058
6c9bfee3b3175e72068b00c27a767920960a51080930ba550da900debc25d311
GET /images/0102y12000abt01aa9FED.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 120581
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=5051611
expires: Mon, 27 Mar 2023 18:09:43 GMT
date: Sat, 28 Jan 2023 06:56:12 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?aef3ae746d930aaf3c9d32f6b4df21e1
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?aef3ae746d930aaf3c9d32f6b4df21e1
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash 45b2ee1839b94b6455cc6d79d8bb2eca
15ed3943834d103a55244e1986e7096108970dcd
f6f517c54ccc21e72be17397f043bdea1d2062cf1e02034172e13faf1ffcb928
GET /hm.js?aef3ae746d930aaf3c9d32f6b4df21e1 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Sat, 28 Jan 2023 06:56:12 GMT
Etag: c7538e9e7bf964c2f5dca4434ef362fb
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=6ABC5AC97A52706A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
fmtu.slsltutu.com/upload/vod/20220903-1/310170f116e6e914581f7195bb141143.jpg
104.22.64.239200 OK 12 kB URL HTTP/2 fmtu.slsltutu.com/upload/vod/20220903-1/310170f116e6e914581f7195bb141143.jpg
IP 104.22.64.239:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 51872f1e506eae2243c02a925766e3a7
576363400bfa84deac03b68e820ecfcf07deaf62
1fa98c386451ed73961e2605c1c8abdc8996c8e602de94c0c2dbd7a32bc78c6a
GET /upload/vod/20220903-1/310170f116e6e914581f7195bb141143.jpg HTTP/1.1
Host: fmtu.slsltutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:12 GMT
content-type: image/jpeg
content-length: 12211
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cf-polished: origSize=12774, status=webp_bigger
etag: "631361fa-31e6"
last-modified: Sat, 03 Sep 2022 14:17:30 GMT
access-control-allow-credentials: true
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4744
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7907d3b0bd7e2d89-ARN
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 0eafaeadc0e7248e7a769e0723733695
57563c66aa6f5be1979d7bc3411ca68d8a5500ab
8a665294ff265308d3a6229952ca71991f47ee0ee377a5ae645e83eabf70efea
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:56:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 01 Feb 2023 04:51:47 GMT
ETag: "57563c66aa6f5be1979d7bc3411ca68d8a5500ab"
Last-Modified: Sat, 28 Jan 2023 04:51:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 385
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7907d3b1c8c7fabc-OSL
hm.baidu.com/hm.js?b516957b60428592f99412c4f46a0eaa
103.235.46.191200 OK 12 kB URL HTTP/1.1 hm.baidu.com/hm.js?b516957b60428592f99412c4f46a0eaa
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash 9542a24373b91e51704b75eab43dcbdd
fff356611200fdc037fdb25457a793a0ba1aecdf
937337d66e914cf8ac64419e337e273310a2473df6408fcd38243bbb1943c66d
GET /hm.js?b516957b60428592f99412c4f46a0eaa HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11458
Content-Type: application/javascript
Date: Sat, 28 Jan 2023 06:56:12 GMT
Etag: c754253b775a42ebbbf70c49915196c6
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=6782BC960CED4329; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 0eafaeadc0e7248e7a769e0723733695
57563c66aa6f5be1979d7bc3411ca68d8a5500ab
8a665294ff265308d3a6229952ca71991f47ee0ee377a5ae645e83eabf70efea
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:56:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 01 Feb 2023 04:51:47 GMT
ETag: "57563c66aa6f5be1979d7bc3411ca68d8a5500ab"
Last-Modified: Sat, 28 Jan 2023 04:51:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 385
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7907d3b1d8d4fabc-OSL
u25011.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
13.227.254.116200 OK 864 kB URL HTTP/2 u25011.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP 13.227.254.116:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 864 kB (864004 bytes)
Hash d2c820747a9b9b8c3abaab0775436ab7
99651afd10bd3874fb84d7973845482cd2c81f23
8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: u25011.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 864004
date: Fri, 27 Jan 2023 21:10:21 GMT
last-modified: Mon, 19 Dec 2022 09:06:34 GMT
etag: "d2c820747a9b9b8c3abaab0775436ab7"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: hSfQB097x0c5zLm6zOLLtKJxMUd7_xjeam0UxkpiN9MkCBQVpltjiw==
age: 35152
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1c8854d6e51a0e96bd4218b8993c008c
027d98f03831ac902b8513d63c930b2f5109394d
da20e1241ba4e2cbe6dffe4905aaeacb7df063abafbd17ebee3b7fd87e13e298
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA20E1241BA4E2CBE6DFFE4905AAEACB7DF063ABAFBD17EBEE3B7FD87E13E298"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6872
Expires: Sat, 28 Jan 2023 08:50:45 GMT
Date: Sat, 28 Jan 2023 06:56:13 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=524099218&si=aef3ae746d930aaf3c9d32f6b4df21e1&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10979&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=524099218&si=aef3ae746d930aaf3c9d32f6b4df21e1&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10979&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=524099218&si=aef3ae746d930aaf3c9d32f6b4df21e1&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10979&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 28 Jan 2023 06:56:13 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=3F06E50813FCCF3F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
u22055.com/fee6dc0783e7085f6b3452a1155d4b4a.gif
13.227.254.76200 OK 288 kB URL HTTP/2 u22055.com/fee6dc0783e7085f6b3452a1155d4b4a.gif
IP 13.227.254.76:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 288 kB (288397 bytes)
Hash e17bb688cfdae836ea866c47e92a022a
d748bb7b13696141ba768280a21d3dac482e3a0c
cb9affdc029bd6deb908ab9786fad62113c4ba28d2e9a8926cbed0c5e2c2aa6a
GET /fee6dc0783e7085f6b3452a1155d4b4a.gif HTTP/1.1
Host: u22055.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 288397
date: Tue, 10 Jan 2023 07:52:07 GMT
last-modified: Sat, 24 Dec 2022 08:23:21 GMT
etag: "e17bb688cfdae836ea866c47e92a022a"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c2e4ac979e01c116ae8349b7d6d1489a.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: w4VZwPHRdjbkQIAMqtBKDdxB5Ep2MKv7Vzyk8vujnc9jxKH_Tlj3CA==
age: 1551846
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 33cb45d26bc88f689a1ebd6fc9cbd7aa
03aea4500907f4bf9fecc3c28b66ab6b6f0c66ce
f3fce01f1a093da93a979bc567ba74ffcd0c2f65ddb5bf92edaf8e6a339ff208
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:56:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 01 Feb 2023 05:31:12 GMT
ETag: "03aea4500907f4bf9fecc3c28b66ab6b6f0c66ce"
Last-Modified: Sat, 28 Jan 2023 05:31:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 388
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7907d3b33d7f0b06-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 1e9f8ab3162111e7d6f96ba1685fe269
a63317690c2435c0b9635a2c52034b0e38b5fc86
a5e39f0df55c2fd5a25352bfae64cd54b7949b4f154e4acd6c574892900d0643
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:56:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 01 Feb 2023 05:21:25 GMT
ETag: "a63317690c2435c0b9635a2c52034b0e38b5fc86"
Last-Modified: Sat, 28 Jan 2023 05:21:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 832
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7907d3b33a310b69-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 33cb45d26bc88f689a1ebd6fc9cbd7aa
03aea4500907f4bf9fecc3c28b66ab6b6f0c66ce
f3fce01f1a093da93a979bc567ba74ffcd0c2f65ddb5bf92edaf8e6a339ff208
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:56:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 01 Feb 2023 05:31:12 GMT
ETag: "03aea4500907f4bf9fecc3c28b66ab6b6f0c66ce"
Last-Modified: Sat, 28 Jan 2023 05:31:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 388
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7907d3b33c75b521-OSL
u22088.com/f7fd72d8ade7e262c4b4f656dd460724.gif
13.227.254.65200 OK 396 kB URL HTTP/2 u22088.com/f7fd72d8ade7e262c4b4f656dd460724.gif
IP 13.227.254.65:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 396 kB (395600 bytes)
Hash 5155d4f34bc2f7e77b9fe8e854d9e96f
408ed373dd26d934ee70f30b0e47a9dc8049983f
db9f393331e2d56fe7da37b7822590b82524e2dde508848299877daeae1df3be
GET /f7fd72d8ade7e262c4b4f656dd460724.gif HTTP/1.1
Host: u22088.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 395600
date: Tue, 10 Jan 2023 07:52:07 GMT
last-modified: Sat, 17 Dec 2022 11:55:02 GMT
etag: "5155d4f34bc2f7e77b9fe8e854d9e96f"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 42d31def379658b708a4d27c9bcbd98a.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: CDEqpLZn_e995Y27WX7EfTKuqDpMWev2Oh0TNmVHfwaVVzcDGoGWwQ==
age: 1551846
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 220fb4c7011b49281666b467ada83432
44de3cab9c56be0f007d2dbbde5ba4d9a3b1cfd4
8e85c7fa64f1d519427e95d6de975a048f80a74efd3e6a4fb681097677054718
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 791
Cache-Control: max-age=143940
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 06:56:13 GMT
Etag: "63d4533a-117"
Expires: Sun, 29 Jan 2023 22:55:13 GMT
Last-Modified: Fri, 27 Jan 2023 22:42:02 GMT
Server: ECS (amb/6B8A)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b34bba53c6a5033392b61b8e99088efe
3ede4f94b135e22a542eccc275dbaa2e12ec1914
c0d59cfa5803a2592377ae4a09aa0ba26cfb445e408191ee5365fab02705e861
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C0D59CFA5803A2592377AE4A09AA0BA26CFB445E408191EE5365FAB02705E861"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17122
Expires: Sat, 28 Jan 2023 11:41:35 GMT
Date: Sat, 28 Jan 2023 06:56:13 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b34bba53c6a5033392b61b8e99088efe
3ede4f94b135e22a542eccc275dbaa2e12ec1914
c0d59cfa5803a2592377ae4a09aa0ba26cfb445e408191ee5365fab02705e861
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C0D59CFA5803A2592377AE4A09AA0BA26CFB445E408191EE5365FAB02705E861"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17122
Expires: Sat, 28 Jan 2023 11:41:35 GMT
Date: Sat, 28 Jan 2023 06:56:13 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b34bba53c6a5033392b61b8e99088efe
3ede4f94b135e22a542eccc275dbaa2e12ec1914
c0d59cfa5803a2592377ae4a09aa0ba26cfb445e408191ee5365fab02705e861
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C0D59CFA5803A2592377AE4A09AA0BA26CFB445E408191EE5365FAB02705E861"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17122
Expires: Sat, 28 Jan 2023 11:41:35 GMT
Date: Sat, 28 Jan 2023 06:56:13 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b34bba53c6a5033392b61b8e99088efe
3ede4f94b135e22a542eccc275dbaa2e12ec1914
c0d59cfa5803a2592377ae4a09aa0ba26cfb445e408191ee5365fab02705e861
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C0D59CFA5803A2592377AE4A09AA0BA26CFB445E408191EE5365FAB02705E861"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17122
Expires: Sat, 28 Jan 2023 11:41:35 GMT
Date: Sat, 28 Jan 2023 06:56:13 GMT
Connection: keep-alive
sycdn.pic-726-baidu.com/upload/vod/20211125-1/ece901637fe2ad1591b5d3535c665fe0.jpg
104.22.28.157200 OK 73 kB URL HTTP/2 sycdn.pic-726-baidu.com/upload/vod/20211125-1/ece901637fe2ad1591b5d3535c665fe0.jpg
IP 104.22.28.157:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0493003fac75b242c70cb4cf7fc09524
730a347273ef5aaa215a7c01656b891d0df92961
f6bc6c017fbbd45d3cfad9964f47fbe7cc5cccdab31818dbaea949e220ecc324
GET /upload/vod/20211125-1/ece901637fe2ad1591b5d3535c665fe0.jpg HTTP/1.1
Host: sycdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/webp
content-length: 72844
access-control-allow-origin: *
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=467760
content-disposition: inline; filename="ece901637fe2ad1591b5d3535c665fe0.webp"
etag: "61a984ab-72330"
expires: Mon, 27 Feb 2023 05:37:08 GMT
last-modified: Fri, 03 Dec 2021 02:44:59 GMT
strict-transport-security: max-age=31536000
vary: Accept
access-control-allow-credentials: : true
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 7907d3b3ab93b4ff-OSL
X-Firefox-Spdy: h2
u25011.com/9e9012f2fc173b1cf0ae24c016df64e9.gif
13.227.254.116200 OK 1.0 MB URL HTTP/2 u25011.com/9e9012f2fc173b1cf0ae24c016df64e9.gif
IP 13.227.254.116:0
File type GIF image data, version 89a, 650 x 350\012- data
Size 1.0 MB (1042539 bytes)
Hash 21ebefaca040d7b3a1c70ab5a78ab323
cdd867b2d372496a12fa2b51195b5412df758516
d18f797e84bc0a1fdbd072f66a7cef2e5e40f73b2f3cfab98d2a361bfd170c59
GET /9e9012f2fc173b1cf0ae24c016df64e9.gif HTTP/1.1
Host: u25011.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 1042539
date: Fri, 13 Jan 2023 12:48:08 GMT
last-modified: Fri, 13 Jan 2023 11:22:34 GMT
etag: "21ebefaca040d7b3a1c70ab5a78ab323"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: dl507gvwS93MGpuE0ynZnKkZiIvlm336Lk4Su12039iWLMhz71vFMA==
age: 1274885
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/nnjbfti2yww.jpg
104.22.12.214200 OK 8.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/nnjbfti2yww.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f4d42222929e67a0b274416f9ac3e2f9
9a83d42fec3b6dae51b6f40b53fbc9fecc77c26d
6495cafe8f742e8b17b0cd33bced85925769871a8a1655c5878469404ec02489
GET /upload/vod/2023/01/nnjbfti2yww.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/webp
content-length: 8666
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9823
content-disposition: inline; filename="nnjbfti2yww.webp"
etag: "63d3ac5d-265f"
last-modified: Fri, 27 Jan 2023 10:50:05 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 7907d3b4092eb524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/2pl4baqq20g.jpg
104.22.12.214200 OK 5.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/2pl4baqq20g.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7fe606a95e4c1997b044f04ec4616325
90756b923f9ba7bcc4dc190e1245551f0cce3971
88bb1fd2e6829b26578a1536876ff1ee349ce951b71bd0a7227fb2d845e0e0e9
GET /upload/vod/2023/01/2pl4baqq20g.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/webp
content-length: 5010
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7374
content-disposition: inline; filename="2pl4baqq20g.webp"
etag: "63d3ac54-1cce"
last-modified: Fri, 27 Jan 2023 10:49:56 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 7907d3b4092db524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/i0v1ynoan3s.jpg
104.22.12.214200 OK 8.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/i0v1ynoan3s.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 722025816b489fd3cb2624a74c8c7a7a
5c9f615412816fba74dc8626838fcb54b7ca2b26
13861021aa8f4d224fc8dd4b00bab2df3e464ba3d78c6dfd520344598002ac4e
GET /upload/vod/2023/01/i0v1ynoan3s.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/webp
content-length: 8880
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9549
content-disposition: inline; filename="i0v1ynoan3s.webp"
etag: "63d3ac66-254d"
last-modified: Fri, 27 Jan 2023 10:50:14 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 7907d3b40932b524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/pgohj4femue.jpg
104.22.12.214200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/pgohj4femue.jpg
IP 104.22.12.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 3412ac4cf8138598942ae2971ba2f122
0f02fbd8f9d28e7d219b1f7a2c63ccd4c56f76d1
6078d9c218b66a417f89d8df1afca1b79d0d0d6b6e81883e20c24bdd4f0ce7bc
GET /upload/vod/2023/01/pgohj4femue.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/jpeg
content-length: 10542
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10988, status=webp_bigger
etag: "63d3ac6a-2aec"
last-modified: Fri, 27 Jan 2023 10:50:18 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7907d3b40934b524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/0xj514il5gq.jpg
104.22.12.214200 OK 5.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/0xj514il5gq.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1f355c4539395ce9a6a6f39e93d691de
46e1bc920fd9818237b0b78e22c8a434ef6c3ce2
441cdc864bb99332645f17289595481b39fa8090d7669c959215213bd6824ad8
GET /upload/vod/2023/01/0xj514il5gq.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/webp
content-length: 5750
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8018
content-disposition: inline; filename="0xj514il5gq.webp"
etag: "63d3ac71-1f52"
last-modified: Fri, 27 Jan 2023 10:50:25 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 7907d3b40936b524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/i4o2rch5zan.jpg
104.22.12.214200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/i4o2rch5zan.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0277f3b2d3e56d8a3b5acf512db7351f
835ab06175b63145d2aa720421586c4d68caa80d
14285c22e5eb8404bd7a272b13b35c2a5479e5da031cd4678b626ba130b2ce10
GET /upload/vod/2023/01/i4o2rch5zan.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/webp
content-length: 10618
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11787
content-disposition: inline; filename="i4o2rch5zan.webp"
etag: "63d3ac6e-2e0b"
last-modified: Fri, 27 Jan 2023 10:50:22 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 7907d3b40935b524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/0jvsmetw2df.jpg
104.22.12.214200 OK 4.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/0jvsmetw2df.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5f380037b239816923b0ce5ce8aa4ebd
de039432c2d51ef1a36b7658b675b0403dc3b397
a72fbc6208f09629ecd5592d2c903937a2fde15b1c3f86424e6763dd95287bce
GET /upload/vod/2023/01/0jvsmetw2df.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/webp
content-length: 4670
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6510
content-disposition: inline; filename="0jvsmetw2df.webp"
etag: "63d3ac77-196e"
last-modified: Fri, 27 Jan 2023 10:50:31 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 7907d3b40937b524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/yoo3mhqy0wc.jpg
104.22.12.214200 OK 8.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/yoo3mhqy0wc.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7ca909fa7181bb674556fd268dbb9a4e
64edf5315ac345690322863e6f7c55e54177f376
dc28d574c28b9dff5534762d157279584bf8b931dbf3b0a8524656874e5a89ae
GET /upload/vod/2023/01/yoo3mhqy0wc.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/webp
content-length: 8320
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9433
content-disposition: inline; filename="yoo3mhqy0wc.webp"
etag: "63d3ac81-24d9"
last-modified: Fri, 27 Jan 2023 10:50:41 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 7907d3b40939b524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/sxfgt0veu0o.jpg
104.22.12.214200 OK 9.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/sxfgt0veu0o.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7e1731dd88d567ef22284ca45a7e4177
3dd1a82e46b0de59d0942d8d47d81c33e0b13335
a9d34e0e5aff12803a91ade2dc1375ea5d329e45724a97b4918f445fdd9ad055
GET /upload/vod/2023/01/sxfgt0veu0o.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/webp
content-length: 9922
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10381
content-disposition: inline; filename="sxfgt0veu0o.webp"
etag: "63d3ac61-288d"
last-modified: Fri, 27 Jan 2023 10:50:09 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 7907d3b40931b524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/edeoazjgwiy.jpg
104.22.12.214200 OK 6.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/edeoazjgwiy.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 895f8b1d37db97f0a4b3939fa2de50bd
ea4b46e8bf05c5a6f65301d83bd7dc2e14869d0b
6b90302f95b3f12e4326f3133d59842b0b2c98015cdbe22c7f80264d8f041854
GET /upload/vod/2023/01/edeoazjgwiy.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/webp
content-length: 6232
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8708
content-disposition: inline; filename="edeoazjgwiy.webp"
etag: "63d3ac7c-2204"
last-modified: Fri, 27 Jan 2023 10:50:36 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 7907d3b40938b524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/wadkbst1t1r.jpg
104.22.12.214200 OK 7.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/wadkbst1t1r.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0b8fa168a309069127f3979f0cbf61c9
6e7d3fbc41c39a5fa100ff414e3f7c0bc5ecfcd6
abe7b57b53a9a7944f1bf0e86c34c9155c0fc439706d16acd95f228c3fb08138
GET /upload/vod/2023/01/wadkbst1t1r.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/webp
content-length: 7138
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7977
content-disposition: inline; filename="wadkbst1t1r.webp"
etag: "63d3ac8b-1f29"
last-modified: Fri, 27 Jan 2023 10:50:51 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 7907d3b4093bb524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/ywe3044y2gv.jpg
104.22.12.214200 OK 6.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/ywe3044y2gv.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0b6ea526dc67922c2f8f6fd205e12750
e67ed3669e8c393a624426ea04c226f4b775cb30
aeb34b2cdb88fe7d113ee14faeb1d8635c5bbd63aeb2401c0f57e4429e85f99e
GET /upload/vod/2023/01/ywe3044y2gv.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/webp
content-length: 6912
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8247
content-disposition: inline; filename="ywe3044y2gv.webp"
etag: "63d3ac90-2037"
last-modified: Fri, 27 Jan 2023 10:50:56 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 7907d3b4093cb524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/5dqsei21kyc.jpg
104.22.12.214200 OK 5.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/5dqsei21kyc.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c295c0737516fececba24d6fe572f583
79229406dacf5f5cca2d7e35537515cd23eb31d6
74e3e0eb15f2225222c4e8461275cc2b27edcf3abb119e733e1abb81b1da93b3
GET /upload/vod/2023/01/5dqsei21kyc.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/webp
content-length: 5680
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6860
content-disposition: inline; filename="5dqsei21kyc.webp"
etag: "63d3ac98-1acc"
last-modified: Fri, 27 Jan 2023 10:51:04 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 7907d3b4093eb524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/u4dqowkn4p3.jpg
104.22.12.214200 OK 8.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/u4dqowkn4p3.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 41e65d41d79c43d9459dae3ab27648d8
fc1cf68d8893d60186b79bf981bb3e842df088dd
39e4630845ebbe2eea3f60c931c6f63891a79511ee078e60d8c21ff3f27b87c7
GET /upload/vod/2023/01/u4dqowkn4p3.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/webp
content-length: 8392
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9936
content-disposition: inline; filename="u4dqowkn4p3.webp"
etag: "63d3ac93-26d0"
last-modified: Fri, 27 Jan 2023 10:50:59 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 7907d3b4093db524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/ixujj03y15u.jpg
104.22.12.214200 OK 6.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/ixujj03y15u.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e4a663e87fee6216f97f16f7cfc0832d
71a75f29b0f2d26d1c96f174ff64c76bb062d5ab
15d3fbd01daca7bc73221b5f0028bd6f38afe5ea3fcf155a8aa87472715c08fe
GET /upload/vod/2023/01/ixujj03y15u.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/webp
content-length: 6500
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8098
content-disposition: inline; filename="ixujj03y15u.webp"
etag: "63d3aca1-1fa2"
last-modified: Fri, 27 Jan 2023 10:51:13 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 7907d3b40940b524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/cdb2wv2f4bx.jpg
104.22.12.214200 OK 6.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/cdb2wv2f4bx.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash df1202701335e1079c292860e903cca0
e45cf439b41ee8b9e92422216c1e9a87b5076746
13d28cb47829644e233c65f210d0e8bd107fd36832920308cba7df21c1bd6f02
GET /upload/vod/2023/01/cdb2wv2f4bx.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/webp
content-length: 6102
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7570
content-disposition: inline; filename="cdb2wv2f4bx.webp"
etag: "63d3aca6-1d92"
last-modified: Fri, 27 Jan 2023 10:51:18 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 7907d3b40941b524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/0xztxom25yo.jpg
104.22.12.214200 OK 8.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/0xztxom25yo.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a67073553ca9a089cbfae66b219187ed
bdd18803a3b0cb93a74a1845efa483ca773a5a45
c42be3eaa01f5102db5d100ba28fe075b340906a6364c30e65384988edba4aff
GET /upload/vod/2023/01/0xztxom25yo.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/webp
content-length: 8846
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9884
content-disposition: inline; filename="0xztxom25yo.webp"
etag: "63d3ad19-269c"
last-modified: Fri, 27 Jan 2023 10:53:13 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 7907d3b40942b524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/opwdgzucbqn.jpg
104.22.12.214200 OK 4.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/opwdgzucbqn.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4d145cebb950c4ccce321a73bce799fc
84267505a4cfe9fb1ef7d2b150a56c7217eaae41
83cb6e09374f146a2db4e2474717982f0693cf3ae9ab9514c9b014e017c43c59
GET /upload/vod/2023/01/opwdgzucbqn.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/webp
content-length: 4560
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7128
content-disposition: inline; filename="opwdgzucbqn.webp"
etag: "63d3ad1c-1bd8"
last-modified: Fri, 27 Jan 2023 10:53:16 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 7907d3b40943b524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/aefj5d1ecud.jpg
104.22.12.214200 OK 6.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/aefj5d1ecud.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f9940fa48b48fcf148a8807b54889077
f385c43ab44b509e3ba471e178276e90188835ea
e9be0faa6dabdeddf3b1eb09d42f3bcbe61cc1bf6903bf862dd30c40354461e1
GET /upload/vod/2023/01/aefj5d1ecud.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/webp
content-length: 6348
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8528
content-disposition: inline; filename="aefj5d1ecud.webp"
etag: "63d3ad21-2150"
last-modified: Fri, 27 Jan 2023 10:53:21 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 7907d3b40944b524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/r2ypaitbg43.jpg
104.22.12.214200 OK 4.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/r2ypaitbg43.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 26b155034dc5b431d4482ccec0d16e5e
93e684112fd6ff215053f0fa1fe5793cca36129c
e872e1c1b37e7481497976b929c15d91010fe712850e0dafe40fbf7e3e756450
GET /upload/vod/2023/01/r2ypaitbg43.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/webp
content-length: 4196
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6393
content-disposition: inline; filename="r2ypaitbg43.webp"
etag: "63d3ad29-18f9"
last-modified: Fri, 27 Jan 2023 10:53:29 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 7907d3b40946b524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/0dajisi4tjp.jpg
104.22.12.214200 OK 8.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/0dajisi4tjp.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2a3a698be04283234204592eb7f46fda
c5468c94a5275ba575ef0e1530a8f453b63e4911
bf3d00c1a0900ae01610dffb018f64f8fdd7ff0d1b5ab7548024e07dbf40d554
GET /upload/vod/2023/01/0dajisi4tjp.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/webp
content-length: 8414
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9876
content-disposition: inline; filename="0dajisi4tjp.webp"
etag: "63d3ad25-2694"
last-modified: Fri, 27 Jan 2023 10:53:25 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 7907d3b40945b524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/uryscvgmbrf.jpg
104.22.12.214200 OK 6.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/uryscvgmbrf.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 746a230b18d117712e21a5850ba4fa3a
7ad1e695d12a5e1fc7c3cc662567e6948a86887d
1be48ac81a370a78c86d07a25d6bf618d46112c9c3cec33787d057ac752d8dae
GET /upload/vod/2023/01/uryscvgmbrf.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/webp
content-length: 6002
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7165
content-disposition: inline; filename="uryscvgmbrf.webp"
etag: "63d3ad2c-1bfd"
last-modified: Fri, 27 Jan 2023 10:53:32 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 7907d3b40948b524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/2t3c3noisgc.jpg
104.22.12.214200 OK 6.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/2t3c3noisgc.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a808329d97914ffb8367f64f46ebaed6
cb2766b69d7d61b3329669db4e17219f59601c97
0024f965530f30d22aa7558030e994fd06438116783f1c84548b2f3b5d90c2c6
GET /upload/vod/2023/01/2t3c3noisgc.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/webp
content-length: 6830
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8293
content-disposition: inline; filename="2t3c3noisgc.webp"
etag: "63d3ad32-2065"
last-modified: Fri, 27 Jan 2023 10:53:38 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 7907d3b4094ab524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/m3is0zgefim.jpg
104.22.12.214200 OK 5.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/m3is0zgefim.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a3879d614c7682366698fce004d8cec9
c9e2ce6b4339b27edaaf885add5dc5430dec2e1e
3cfcf14ecd07ea8d033b269ef341a565ae8eab73d372f70dc50d4f0850d83172
GET /upload/vod/2023/01/m3is0zgefim.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/webp
content-length: 5246
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7576
content-disposition: inline; filename="m3is0zgefim.webp"
etag: "63d3ac4f-1d98"
last-modified: Fri, 27 Jan 2023 10:49:51 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 7907d3b4094cb524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/tufyxfzffyq.jpg
104.22.12.214200 OK 9.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/tufyxfzffyq.jpg
IP 104.22.12.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash f28c0888d7a88d9dc4e07338133dd279
0d7411ab5d2ace0e63b34b02746a0dfbc91714a8
d22d610457c7806c964ba06d170e538ca5bbfa5ded2bc1c4ec6d46bc32c58f35
GET /upload/vod/2023/01/tufyxfzffyq.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/jpeg
content-length: 9819
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10354, status=webp_bigger
etag: "63d3ac86-2872"
last-modified: Fri, 27 Jan 2023 10:50:46 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7907d3b4093ab524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/4k5hlpfukaz.jpg
104.22.12.214200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/4k5hlpfukaz.jpg
IP 104.22.12.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 647a921903c6a984ba08555c26a5e87b
5ec984a33efec883e31b28add629df3b1201a995
283963cae1b416184f120f9347138a3e7f5163d80569c9fd2014f7124594672e
GET /upload/vod/2023/01/4k5hlpfukaz.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/jpeg
content-length: 10504
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10917, status=webp_bigger
etag: "63d3ac9d-2aa5"
last-modified: Fri, 27 Jan 2023 10:51:09 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7907d3b4093fb524-OSL
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1487880616&si=b516957b60428592f99412c4f46a0eaa&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.2.83&lv=1&sn=10980&r=0&ww=1124&ct=!!&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1487880616&si=b516957b60428592f99412c4f46a0eaa&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.2.83&lv=1&sn=10980&r=0&ww=1124&ct=!!&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1487880616&si=b516957b60428592f99412c4f46a0eaa&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.2.83&lv=1&sn=10980&r=0&ww=1124&ct=!!&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 28 Jan 2023 06:56:13 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F1DEA5B9909EC5AE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
lbfm.lbpictupian.com/upload/vod/2023/01/t00umkur0sv.jpg
104.22.12.214200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/t00umkur0sv.jpg
IP 104.22.12.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash b7eb0fb2946cab05e956c45250d28fde
e4e7e936421feefddb2d8a59e9b8f614d07794ae
fdb787ac03f1dc1b001339dc412ee8cd039a27c3f870c294f97acb6213fef50e
GET /upload/vod/2023/01/t00umkur0sv.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/jpeg
content-length: 12044
cf-bgj: imgq:85,h2pri
cf-polished: origSize=12574, status=webp_bigger
etag: "63d3ac41-311e"
last-modified: Fri, 27 Jan 2023 10:49:37 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7907d3b4094bb524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/cii1tlpirbt.jpg
104.22.12.214200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/cii1tlpirbt.jpg
IP 104.22.12.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 0847eb564c387de073cf5f1c1256b28c
bcb3d558e54c20ab504d1e521edebf9ee1d9ddea
08c64106b48185b594c07d59c63e15ea28b662e69d957205f78f062e2e5c4313
GET /upload/vod/2023/01/cii1tlpirbt.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/jpeg
content-length: 10136
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10578, status=webp_bigger
etag: "63d3ac3d-2952"
last-modified: Fri, 27 Jan 2023 10:49:33 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7907d3b4094db524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/x3txqwdn520.jpg
104.22.12.214200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/x3txqwdn520.jpg
IP 104.22.12.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- Sun disk label '\377\330\377\340\024\024\025\025\027\027\027\025\025\025\025\027\027\031\031\031\036\036\034\034##$++3\377\302\360\001@\003\001"' 18509 phys cys, 27564 alts/cyl, 13690 data cyls, 1315271157 blocks\012- data
Hash 38cbc677d629d00fa0700def2110e1a7
edbed63dbb9d7d3a37120db0bec594308c46f39b
4cc961d4b58b31e2dc9841b091d7587ee634282a089e48cb36dffd8ba6d3e628
GET /upload/vod/2023/01/x3txqwdn520.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/jpeg
content-length: 10210
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10735, status=webp_bigger
etag: "63d3ac46-29ef"
last-modified: Fri, 27 Jan 2023 10:49:42 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7907d3b46988b524-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/romyyhzc3zv.jpg
104.22.12.214200 OK 6.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/romyyhzc3zv.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6c70af7a69c81b1e4ab603d3dcc12366
ab706d069b296580a29f01d730a1025ca230a3c4
58f822d1d7857a0eea41556312102566a0c9733dd46b3517ba43a0c89f9aa2c6
GET /upload/vod/2023/01/romyyhzc3zv.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/webp
content-length: 6434
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8836
content-disposition: inline; filename="romyyhzc3zv.webp"
etag: "63d3ac59-2284"
last-modified: Fri, 27 Jan 2023 10:50:01 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 7907d3b46989b524-OSL
X-Firefox-Spdy: h2
statuse.digitalcertvalidation.com/
93.184.220.29200 OK 471 B URL HTTP/1.1 statuse.digitalcertvalidation.com/
IP 93.184.220.29:0
Hash 859db80394a135542482b2525b2e48ca
a2792cdb2e21a5842ef28522269126512f14b615
185465e1b7428379b8bff1598f3be1ad7ab1e275167cc4f958b6483cc8f4050a
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2077
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 06:56:13 GMT
Last-Modified: Sat, 28 Jan 2023 06:21:36 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
hm.baidu.com/hm.js?a669aef0b65aa9cba8fd783d5fdef3d4
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?a669aef0b65aa9cba8fd783d5fdef3d4
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash 21990b0d09fc45d96a1bd65ae7c94442
caca1880e9493e286345ad680ab7e634c4fca34b
fb7d67495dc9a2d3823dcf09cc8e8c486e45695e2ea75930a372ff935edc09e7
GET /hm.js?a669aef0b65aa9cba8fd783d5fdef3d4 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Sat, 28 Jan 2023 06:56:12 GMT
Etag: 957de96ec1f1bbc570ee71a408edfd3e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=DE161A17457ED92E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?c02b3fb1c01c2cc521568d953b01b790
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?c02b3fb1c01c2cc521568d953b01b790
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash 0d163b450c39d3401d7b658a19a20f5d
454469d4711a69e29338f19a22efccabc5b4762b
76de24a9f82be9412cfed250a98a4fe3d4a0d418944e4cd4a5bf83c376e88005
GET /hm.js?c02b3fb1c01c2cc521568d953b01b790 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Sat, 28 Jan 2023 06:56:12 GMT
Etag: fc22bf9248f7a9fc8cefd6ab37435cf3
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=26F7CEE548545FCE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?bfacc46142ce587af469e6b7005e2340
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?bfacc46142ce587af469e6b7005e2340
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (624)
Hash 382a44cacf181ce96efe88847d9c2f73
e4ac2f575e534121f77d5abbb8d5bfbbf86fcc0f
d53311ca9144ad73d2978d39e787f8ee229820f81cdd1763c9b223957523d7f4
GET /hm.js?bfacc46142ce587af469e6b7005e2340 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11262
Content-Type: application/javascript
Date: Sat, 28 Jan 2023 06:56:12 GMT
Etag: 28ce51d3d53539d3ed30539314136d27
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=AF5C41C2F3AF35AA; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 04dce6823513debecd28b57f1c426847
e984a4b57ab469c45ca19a60e0d22fd66547c60a
9e6954e914eb9975d8d0cf1bb0e520d840da3210e1a21903342d808d9999c348
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=124132
Date: Sat, 28 Jan 2023 06:56:13 GMT
Etag: "63d408f1-1d7"
Expires: Sun, 29 Jan 2023 17:25:05 GMT
Last-Modified: Fri, 27 Jan 2023 17:25:05 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XMqxv6lEs8euwF7YpB4txkNaU3WpTMBg18oncqwxeHCjkwBOAyKQtg==
hm.baidu.com/hm.js?06c5424e5877f97fe38b42810a4fe923
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?06c5424e5877f97fe38b42810a4fe923
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash 36ac9fe46c6ca1cb2153a559277f97cf
c516ac9cdf2778c9765980017c28532825018794
1839585504e95c4637eff09cfcbf6ca36fbeffc2d65a28cfc3304ff615793a52
GET /hm.js?06c5424e5877f97fe38b42810a4fe923 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Sat, 28 Jan 2023 06:56:12 GMT
Etag: 8c72aa4e5a65255d907ae7653f9b15c0
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A82572464485983E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
pic.rmb.bdstatic.com/bjh/5f356028e5e94176f56a75568e49ae20.gif
185.10.104.115200 OK 1.3 MB URL HTTP/2 pic.rmb.bdstatic.com/bjh/5f356028e5e94176f56a75568e49ae20.gif
IP 185.10.104.115:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.3 MB (1296026 bytes)
Hash 5f356028e5e94176f56a75568e49ae20
3796c4c950687811a1d1f80fd9e31e718bda0f85
c6d85123315be8a70786b6699f59eecff590bc8fbf1a48a477bcb2cacd660320
GET /bjh/5f356028e5e94176f56a75568e49ae20.gif HTTP/1.1
Host: pic.rmb.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/gif
content-length: 1296026
expires: Sun, 29 Jan 2023 03:44:38 GMT
last-modified: Sun, 01 May 2022 03:41:02 GMT
etag: "5f356028e5e94176f56a75568e49ae20"
age: 184295
accept-ranges: bytes
content-md5: XzVgKOXpQXb1anVWjkmuIA==
x-bce-content-crc32: 619664397
x-bce-debug-id: qoHJbuYLCrwt6BohAJHKhB1la/dLtPckbQZCDsLdCYj3ffbVUHMGsmUK6fqoM0iXz1HI2DGQutkKVrhCRx8zZA==
x-bce-request-id: f2b33ae6-db81-4f70-9150-c6452b74a3f4
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Thu, 26 Jan 2023 03:44:37 GMT
ohc-cache-hit: fra01-sys-jomo6.fra01.baidu.com [2], fra01-sys-jomo8.fra01.baidu.com [2], zhuzuncache62 [3], suzix207 [3]
ohc-file-size: 1296026
x-cache-status: HIT
X-Firefox-Spdy: h2
pic.rmb.bdstatic.com/bjh/0fe2b657af16774b05246565ba38f750.gif
185.10.104.115200 OK 159 kB URL HTTP/2 pic.rmb.bdstatic.com/bjh/0fe2b657af16774b05246565ba38f750.gif
IP 185.10.104.115:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 500 x 280\012- data
Size 159 kB (158841 bytes)
Hash 0fe2b657af16774b05246565ba38f750
f462d3e76599f914aa520aee1f9b022b2cf4c20d
09bf9bfc931fb7f7148485fdd621fb2894388da405c46230d6584f3e213f878d
GET /bjh/0fe2b657af16774b05246565ba38f750.gif HTTP/1.1
Host: pic.rmb.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/gif
content-length: 158841
expires: Thu, 05 Jan 2023 14:31:55 GMT
last-modified: Fri, 06 May 2022 07:12:41 GMT
etag: "0fe2b657af16774b05246565ba38f750"
age: 1368160
accept-ranges: bytes
content-md5: D+K2V68Wd0sFJGVlujj3UA==
x-bce-content-crc32: 1847957523
x-bce-debug-id: LkDe7ELpS/HFvbW7rsucaCF0I6lETOythvYbJ4tPO3z/Ol3FG0dfLOEbH2JfEEROliO4yOGwGb/QtdL2Bye0zw==
x-bce-request-id: ea667217-d061-40f8-b1c5-0acc4524f7d2
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Mon, 02 Jan 2023 14:31:54 GMT
ohc-cache-hit: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache54 [3], czix243 [1]
ohc-file-size: 158841
x-cache-status: HIT
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?583175c98c502451035c8c704183e3d7
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?583175c98c502451035c8c704183e3d7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 43c63d03214624a1ae39181228812fb1
b5799d91c0a56f4cbd8e079e51ec564d4db46602
56fe79ee8b10c2d8f08b8f9280a986e8f3185ae5f90a4c7683072237356c4668
GET /hm.js?583175c98c502451035c8c704183e3d7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Sat, 28 Jan 2023 06:56:13 GMT
Etag: 09577ec2ca0f634fee4d1a4fe29adfe9
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=378A6610DF21E4EB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 71a6ad7bd571e553b87c5e7beaa6bbb9
d04dcd4e2f730ce9ded1fac39f09f25557188d2f
31e7b83527052580d98bf79ae2ca0c3111ab157b5100819c2be64c2cd8356570
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:56:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 17:13:01 GMT
Expires: Wed, 01 Feb 2023 17:13:00 GMT
Etag: "d04dcd4e2f730ce9ded1fac39f09f25557188d2f"
Cache-Control: max-age=382006,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7907d3b5ff980b61-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 731697d02377035ac18cd27a68e5f8d2
ab89e1ab06a14201795df11dd4db7a61f2c89292
ac4824084323660bb2ae17b4f36b955aa832d21f2be994f77a965103ee37c0a3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:56:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 15:39:06 GMT
Expires: Wed, 01 Feb 2023 15:39:05 GMT
Etag: "ab89e1ab06a14201795df11dd4db7a61f2c89292"
Cache-Control: max-age=376371,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7907d3b61a19fabc-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash cc9a8379b1d89017159c8ea02217f48e
80894297e136888e39e228c2fba5d30d6932859d
47dfe96865168f6994fcbd96c6aa242b090a70561c2db96780ff3e40a6e2b738
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:56:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 13:45:21 GMT
Expires: Wed, 01 Feb 2023 13:45:20 GMT
Etag: "80894297e136888e39e228c2fba5d30d6932859d"
Cache-Control: max-age=369546,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7907d3b618690afa-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 789dcd10ab5818a873442245666594f1
ea65e4004d683034f7954df2c43a396a5c1cd71e
4d869d8a91347647b652f8b3c7c568e953a765421e7fefd66b117ba26ff65639
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D869D8A91347647B652F8B3C7C568E953A765421E7FEFD66B117BA26FF65639"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2621
Expires: Sat, 28 Jan 2023 07:39:54 GMT
Date: Sat, 28 Jan 2023 06:56:13 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1616042606&si=a669aef0b65aa9cba8fd783d5fdef3d4&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10980&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1616042606&si=a669aef0b65aa9cba8fd783d5fdef3d4&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10980&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1616042606&si=a669aef0b65aa9cba8fd783d5fdef3d4&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10980&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 28 Jan 2023 06:56:13 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=8D86931D5CB97A9F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1881612386&si=bfacc46142ce587af469e6b7005e2340&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10980&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1881612386&si=bfacc46142ce587af469e6b7005e2340&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10980&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1881612386&si=bfacc46142ce587af469e6b7005e2340&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10980&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 28 Jan 2023 06:56:13 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=954CED326CF59D7A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=36653864&si=c02b3fb1c01c2cc521568d953b01b790&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10980&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=36653864&si=c02b3fb1c01c2cc521568d953b01b790&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10980&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=36653864&si=c02b3fb1c01c2cc521568d953b01b790&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10980&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 28 Jan 2023 06:56:13 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F6779BC1C73CC0DB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=571355444&si=06c5424e5877f97fe38b42810a4fe923&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10980&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=571355444&si=06c5424e5877f97fe38b42810a4fe923&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10980&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=571355444&si=06c5424e5877f97fe38b42810a4fe923&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10980&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 28 Jan 2023 06:56:13 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4773571FD72A4914; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1536940513&si=583175c98c502451035c8c704183e3d7&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10980&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1536940513&si=583175c98c502451035c8c704183e3d7&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10980&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1536940513&si=583175c98c502451035c8c704183e3d7&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10980&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 28 Jan 2023 06:56:13 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=124E89910600C81A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.js?f60217089b1da6d1d44680872fcaac43
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?f60217089b1da6d1d44680872fcaac43
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 1a979ffd3c4438d361664041af6c80cb
22e4c8c7e335f3329c68739ca60a856dfc307625
544178de8feaa4c866b7a930e68e9deca6ccdc329cc07efcbeeeced0e8aafe24
GET /hm.js?f60217089b1da6d1d44680872fcaac43 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Sat, 28 Jan 2023 06:56:13 GMT
Etag: 59168ea7db70ecc0311bc9348ed798ae
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=5485288E8225A28D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
kjimg10.360buyimg.com/ott/jfs/t1/170425/6/32628/456580/6380d2c1E13738aaf/3604e19911b57cb8.gif
121.226.246.3200 OK 457 kB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/170425/6/32628/456580/6380d2c1E13738aaf/3604e19911b57cb8.gif
IP 121.226.246.3:0
File type GIF image data, version 89a, 650 x 350\012- data
Size 457 kB (456580 bytes)
Hash 7059d55150d658811ac4db8966a550c4
f3dd9b37c342379598385c8f8167d99f6b367e31
3082ea513221ce133b3462fdf8c67f38bbce2a0106447ea469d61860a834488d
GET /ott/jfs/t1/170425/6/32628/456580/6380d2c1E13738aaf/3604e19911b57cb8.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/gif
content-length: 456580
cache-control: max-age=15552000
expires: Sat, 22 Jul 2023 02:10:32 GMT
last-modified: Fri, 25 Nov 2022 14:35:45 GMT
age: 449142
via: http/1.1 ORI-CLOUD-HUZ-MIX-20 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-23 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1674439831973-0-0-1-28-28;200;200-1674659465255-0-0-0-4-4;200-1674888973235-0-0-0-1-1
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?6cdc9a2253c9e58f82eb10fc564d352b
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?6cdc9a2253c9e58f82eb10fc564d352b
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash e33c06b838e9c7feef8e7be8dea918c2
dd09167132977628106356595861337938b86df0
9b3c324a730a4ff8cad73a00564173cb37e99a71e0a3a6c4dcf20d1ae9488bfa
GET /hm.js?6cdc9a2253c9e58f82eb10fc564d352b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Sat, 28 Jan 2023 06:56:13 GMT
Etag: b160c81da282429e320386300d4a1c30
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=0A06903BD3671BDF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?1622d687dce1595d972679d837df7993
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?1622d687dce1595d972679d837df7993
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash d91bccfe4124348eb6b38f160c79399a
4ddc5c9cf77fb4ab71fb3ece160fc4c2ed1d57dd
c45197161354094720f44f0ab873abb994388417c47457356bad641d3aa8baba
GET /hm.js?1622d687dce1595d972679d837df7993 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Sat, 28 Jan 2023 06:56:13 GMT
Etag: 5c534c0647d4f8961b31ce336f7043e4
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=E8BCBA4E3080C05E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
kjimg10.360buyimg.com/ott/jfs/t1/130810/20/34063/286236/63c40fc1Fcf1c009d/afa46a5488688bc5.gif
121.226.246.3200 OK 286 kB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/130810/20/34063/286236/63c40fc1Fcf1c009d/afa46a5488688bc5.gif
IP 121.226.246.3:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 286 kB (286236 bytes)
Hash 45acdf63e82069eb8ff4c8c0cfafd816
490996638b2718ed34ba321c996e76360eb463fe
c131fa3d65c9239b39d5ae636186bbaa19ddc448850c87ec6a35423f8a8f3733
GET /ott/jfs/t1/130810/20/34063/286236/63c40fc1Fcf1c009d/afa46a5488688bc5.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/gif
content-length: 286236
cache-control: max-age=15552000
expires: Fri, 21 Jul 2023 07:55:24 GMT
last-modified: Sun, 15 Jan 2023 14:37:53 GMT
age: 514849
via: http/1.1 ORI-CLOUD-HUZ-MIX-21 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-13 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1674374124419-0-0-1-32-32;200;200-1674382883121-0-0-0-7-7;200-1674888973240-0-0-0-0-0
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=88829875&si=f60217089b1da6d1d44680872fcaac43&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10981&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=88829875&si=f60217089b1da6d1d44680872fcaac43&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10981&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=88829875&si=f60217089b1da6d1d44680872fcaac43&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10981&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 28 Jan 2023 06:56:14 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=626D23DA56696026; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
taiwtp1.com/img/96060.gif
220.128.218.220200 OK 47 kB URL HTTP/2 taiwtp1.com/img/96060.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 60\012- data
Hash 2b9c30b086d03d90a45a9174aef7b408
e87dbe76669e2f402826dd598bb047d793b1e20c
f1eb3044b464fb4b4b8f3e081295bc19cc4cddc9361adb34ad7fb73b93b25de6
GET /img/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 06:49:16 GMT
content-type: image/gif
content-length: 46855
last-modified: Wed, 09 Mar 2022 07:10:56 GMT
etag: "62285300-b707"
expires: Mon, 27 Feb 2023 06:49:16 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
u1022.com/cf8c8be1fbe748b3ab05c1896bde8d0b.gif
45.61.212.164200 OK 275 kB URL HTTP/2 u1022.com/cf8c8be1fbe748b3ab05c1896bde8d0b.gif
IP 45.61.212.164:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 275 kB (275446 bytes)
Hash 70c0e3b780542b0ba8634822528674c1
18ff79341d6854d6c841618bc108233fb064b9c2
de2918f8ea0639a91d608b506207f16cc973559eb143eb711601ba50e14ef2bc
GET /cf8c8be1fbe748b3ab05c1896bde8d0b.gif HTTP/1.1
Host: u1022.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63bae198-433f6"
server: nginx
date: Sat, 28 Jan 2023 04:00:44 GMT
content-type: image/gif
last-modified: Sun, 08 Jan 2023 15:30:32 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us5-cdnb-04
content-length: 275446
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=684101242&si=1622d687dce1595d972679d837df7993&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10981&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=684101242&si=1622d687dce1595d972679d837df7993&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10981&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=684101242&si=1622d687dce1595d972679d837df7993&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10981&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 28 Jan 2023 06:56:14 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=2FDD4475447039F8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1353588408&si=6cdc9a2253c9e58f82eb10fc564d352b&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10981&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1353588408&si=6cdc9a2253c9e58f82eb10fc564d352b&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10981&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1353588408&si=6cdc9a2253c9e58f82eb10fc564d352b&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10981&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 28 Jan 2023 06:56:14 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=638E340E7F55F6CD; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 265d1a4f9bf797696f1f4d83a527297b
dce7dd0cc2f7bfb802a327b6d2607043581f6c1c
37ba5a229a6c539aa75c69d639089eb467e2c673d0cd29d16fa405abad04288a
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Sat, 28 Jan 2023 06:56:14 GMT
Connection: keep-alive
X-N: S
u1010.com/b80b68717e334bfcb8f9c35dec22678c.gif
45.61.212.164200 OK 347 kB URL HTTP/2 u1010.com/b80b68717e334bfcb8f9c35dec22678c.gif
IP 45.61.212.164:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 347 kB (347426 bytes)
Hash 9113d18ae855d227d6f10b05e4f6425e
5e9cafc7cb295afbdc9298fd7144f3125191b710
2e70e0d59d74220a307c094c2cf8b77ef905bf8ec8226e35f115632485aba973
GET /b80b68717e334bfcb8f9c35dec22678c.gif HTTP/1.1
Host: u1010.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63b563f5-54d22"
server: nginx
date: Tue, 24 Jan 2023 01:06:54 GMT
content-type: image/gif
last-modified: Wed, 04 Jan 2023 11:33:09 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us5-cdnb-04
content-length: 347426
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?09b570ae57a8bdd90710ea1938df4e59
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?09b570ae57a8bdd90710ea1938df4e59
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash b7e01102f29555ea83ee820c78ee1251
c1d4b16354ba0dea2ff60094f1aaf1ff7fa3c469
c8aa134c97ad28e1564f0438bba59ca1920b1814dc8f41553890a221061152eb
GET /hm.js?09b570ae57a8bdd90710ea1938df4e59 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Sat, 28 Jan 2023 06:56:14 GMT
Etag: 55e97e73e911f214e5d9aafb24419daa
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=B34D8F73BA9E11A0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
5199qq.com/c01be6ba19f9425fb2464fa5f2150411.gif
45.61.212.129200 OK 378 kB URL HTTP/1.1 5199qq.com/c01be6ba19f9425fb2464fa5f2150411.gif
IP 45.61.212.129:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 378 kB (378244 bytes)
Hash dcee74862649d4f1b27bf2bad4d7b505
ab5a968d4276ee57121e47a816bbb760f6ea352b
0932de00bb38b492d7d3ea9626be48617dee34b86b650c6bde61e30d09063d2e
GET /c01be6ba19f9425fb2464fa5f2150411.gif HTTP/1.1
Host: 5199qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63c6a05a-5c584"
Date: Wed, 25 Jan 2023 19:07:53 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 17 Jan 2023 13:19:22 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-29
Content-Length: 378244
kjimg10.360buyimg.com/ott/jfs/t1/48391/16/19388/893726/6380d3c5E0d000912/3cef13072ce017c1.gif
121.226.246.3200 OK 894 kB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/48391/16/19388/893726/6380d3c5E0d000912/3cef13072ce017c1.gif
IP 121.226.246.3:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 894 kB (893726 bytes)
Hash 1e34697200f13da14c5bfabeba617325
9a18ed38d5d385f885c28a4280b4c61302745b65
b63a862a0f65ff9f685e9b67fd171a6df96878469b0a85d1da2f644399c0409f
GET /ott/jfs/t1/48391/16/19388/893726/6380d3c5E0d000912/3cef13072ce017c1.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/gif
content-length: 893726
cache-control: max-age=15552000
expires: Wed, 19 Jul 2023 03:55:42 GMT
last-modified: Fri, 25 Nov 2022 14:40:05 GMT
age: 702031
via: http/1.1 ORI-CLOUD-HUZ-MIX-29 (jcs [cRs f ]), http/1.1 SQ-CT-1-MIX-13 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1674186942275-0-0-0-45-45;200;200-1674614739900-0-0-0-1-1;200-1674888973242-0-0-0-0-0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f4b0e4bc8a6a260d22732254912fdd81
7174c50326f063f2df31996e4bc3fea45cd2c3a7
a24d18cf05f7d496003e9719c429c0f94b092a6f25a063ed727fa985a8edd136
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A24D18CF05F7D496003E9719C429C0F94B092A6F25A063ED727FA985A8EDD136"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16732
Expires: Sat, 28 Jan 2023 11:35:06 GMT
Date: Sat, 28 Jan 2023 06:56:14 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash aa595503fd94f7714c452a9ee413b95d
8a1e337def7a8476abdd299cdb4be286890977dc
0120cf53635e284616874351e36c5ec296d0a0df269079a08cc1034525c18806
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 06:56:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 13:54:28 GMT
Expires: Thu, 02 Feb 2023 13:54:27 GMT
Etag: "8a1e337def7a8476abdd299cdb4be286890977dc"
Cache-Control: max-age=456492,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7907d3bbcaec0b61-OSL
kjimg10.360buyimg.com/ott/jfs/t1/189066/1/30475/1197751/6380d2d3E76f8142d/68bdb767b760041f.gif
121.226.246.3200 OK 1.2 MB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/189066/1/30475/1197751/6380d2d3E76f8142d/68bdb767b760041f.gif
IP 121.226.246.3:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.2 MB (1197751 bytes)
Hash 6938343bc2a842c4d2c9c96f4dde0298
00e2b1b902b196b3c005facb934c10e2a2ca1961
5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6
GET /ott/jfs/t1/189066/1/30475/1197751/6380d2d3E76f8142d/68bdb767b760041f.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 06:56:13 GMT
content-type: image/gif
content-length: 1197751
cache-control: max-age=15552000
expires: Tue, 25 Jul 2023 18:57:20 GMT
last-modified: Fri, 25 Nov 2022 14:36:03 GMT
age: 129533
via: http/1.1 ORI-CLOUD-HUZ-MIX-22 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-13 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1674759440147-0-0-14-81-81;200;200-1674826739370-0-0-0-38-38;200-1674888973288-0-0-0-4-4
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash a53c538d9b475ffd4b3bf1f449b5ac4f
a219949fa97428fa4f14cc2597b7108e511589f2
6f89d7950d7206ab453fb10495ffbed6ee62d6868d6f149a33592981934b63fe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4136
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 06:56:14 GMT
Last-Modified: Sat, 28 Jan 2023 05:47:18 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 727
vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
47.75.19.64200 OK 300 kB URL HTTP/1.1 vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
IP 47.75.19.64:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 300 kB (299985 bytes)
Hash 5d7118c19a9bd8ff78641a72cb481144
5cf8f1709330929db0f38141e5e18518a2ddcb12
ebd1f7b5795943f0b6e779047bfd82e03c020056e9ae9f4a4f8b400d3835cd85
GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 28 Jan 2023 06:56:13 GMT
Content-Type: image/gif
Content-Length: 299985
Connection: keep-alive
x-oss-request-id: 63D4C70DDA8A7931394AD044
Accept-Ranges: bytes
ETag: "5D7118C19A9BD8FF78641A72CB481144"
Last-Modified: Tue, 10 Jan 2023 09:27:44 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5878332609690177558
x-oss-storage-class: Standard
x-oss-version-id: CAEQRhiBgIDwy4PsrBgiIGVlOTJjOGM4NTBkZDQ5NTBhMzAzYjhiYTJjYjQ0NTI5
Content-MD5: XXEYwZqb2P94ZBpyy0gRRA==
x-oss-server-time: 1
p1.meituan.net/dpplatform/fe1357abf524bc560d11e4af8beddaf91086086.gif
211.152.148.72200 OK 1.1 MB URL HTTP/2 p1.meituan.net/dpplatform/fe1357abf524bc560d11e4af8beddaf91086086.gif
IP 211.152.148.72:0
File type GIF image data, version 89a, 960 x 160\012- data
Size 1.1 MB (1086086 bytes)
Hash fe1357abf524bc560d11e4af8beddaf9
175486b7fa4830246014f760a759f4aacf460b7c
fac07ee4c01eab6eeb7c10dbaca74fbfde9a4dbfc0fa88325cf32ecdc405603a
GET /dpplatform/fe1357abf524bc560d11e4af8beddaf91086086.gif HTTP/1.1
Host: p1.meituan.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:14 GMT
content-type: image/gif
content-length: 1086086
server: NWS_Oversea_AP
cache-control: max-age=5184000
expires: Wed, 29 Mar 2023 06:56:13 GMT
last-modified: Tue, 07 Mar 2023 08:18:57 GMT
x-nws-log-uuid: 11d4a5e7-0aae-4941-8945-fb0a72021a11
access-control-allow-origin: *
access-control-allow-methods: GET,POST
x-nws-uuid-verify: 15e43310eacc637d4ebc3013fed5c61a
m-traceid: kaiwwg7g47cexjt8s7rc
age: 546637
timing-allow-origin: *
x-daa-tunnel: hop_count=1
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/4c28866f219340e2bcb4b1878eb49c78
47.246.44.226200 OK 638 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/4c28866f219340e2bcb4b1878eb49c78
IP 47.246.44.226:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 80\012- data
Size 638 kB (637830 bytes)
Hash 038cc3c0d0309ae7edac2468660d6ace
7c625c7e99f6cc090985f06c31d835852c407b83
029afc7f86b07276e77f5a1f657b2347204ab18863ed2c40d3a5122f23d12c82
GET /obj/tos-cn-i-dy/4c28866f219340e2bcb4b1878eb49c78 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 637830
date: Mon, 09 Jan 2023 14:22:58 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 09 Jan 2023 12:31:47 GMT
nw-session-id: 202301092031472FF0DA8F74B79DF4D092tvfd201dy
nw-session-trace: 2023-01-09T20:31:47.625548883+08:00 90
x-bdcdn-cache-status: TCP_HIT
x-length: 637830
x-powered-by: ImageX
x-response-date: Mon, 09 Jan 2023 20:31:47 GMT
x-tt-logid: 202301092031472FF0DA8F74B79DF4D092
via: n131-120-212, cache17.l2de2[0,0,206-0,H], cache10.l2de2[1,0], cache10.l2de2[1,0], cache1.se1[0,0,200-0,H], cache4.se1[5,0]
x-request-ip: fdbd:dc03:8:577::14
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=5
x-tt-trace-host: 01c734cca4103e2a0e1159f9306391b8c0d2922725c9864f02af173eda916716925e0c544793ac80bc2a409b45ff52b866aa4f9f296dea60c32f3b80e8f731e074e58ce6a5fcdf62fb0a2e6e31910aeb8ff334239f98c60cfd9f15a9853464832f
x-response-lb: image
ali-swift-global-savetime: 1673274178
age: 1614796
x-cache: HIT TCP_MEM_HIT dirn:11:197343923 mlen:0
x-swift-savetime: Wed, 11 Jan 2023 02:35:59 GMT
x-swift-cachetime: 31405619
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816748889748912169e
X-Firefox-Spdy: h2
768guanggao.oss-cn-shenzhen.aliyuncs.com/vip80.gif
120.77.167.195200 OK 264 kB URL HTTP/1.1 768guanggao.oss-cn-shenzhen.aliyuncs.com/vip80.gif
IP 120.77.167.195:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 264 kB (264494 bytes)
Hash 672b95e7b6ab24b5606b8287db85dbb4
98f1f1b06b3cb318d7f7a1bf7add76fa0a30c112
4203e1ae18bb06c6e719832987e87e838d8001fd6154e56a8b79c4c0678e7b54
GET /vip80.gif HTTP/1.1
Host: 768guanggao.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 28 Jan 2023 06:56:13 GMT
Content-Type: image/gif
Content-Length: 264494
Connection: keep-alive
x-oss-request-id: 63D4C70D8AF0BE36375D0FA9
Accept-Ranges: bytes
ETag: "672B95E7B6AB24B5606B8287DB85DBB4"
Last-Modified: Thu, 08 Dec 2022 08:00:50 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8762574589038276875
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZyuV57arJLVga4KH24XbtA==
x-oss-server-time: 2
img.aosikaimge.com/20221022/ibZNr5pB/1.jpg
162.209.194.27200 OK 28 kB URL HTTP/2 img.aosikaimge.com/20221022/ibZNr5pB/1.jpg
IP 162.209.194.27:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 320x180, components 3\012- data
Hash 0d3823e02f41f6d4a1063b3255f5bd6f
43e860be8a764bf9bf1f2e27bbbbe6c7e61f3e3f
e2e6e9f47a27aa23cc5becda1bd49842773bf82c2dd1379e09352f33ac565eaa
GET /20221022/ibZNr5pB/1.jpg HTTP/1.1
Host: img.aosikaimge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 06:56:14 GMT
content-type: image/jpeg
content-length: 27870
last-modified: Sat, 22 Oct 2022 11:23:58 GMT
etag: "6353d2ce-6cde"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=337100150&si=09b570ae57a8bdd90710ea1938df4e59&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10981&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=337100150&si=09b570ae57a8bdd90710ea1938df4e59&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10981&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=337100150&si=09b570ae57a8bdd90710ea1938df4e59&su=http%3A%2F%2Famk.aimkk2.top%2F&v=1.3.0&lv=1&sn=10981&r=0&ww=1124&u=http%3A%2F%2Fgd1.aijiu26.top%2F&tt=%E7%88%B1%E4%B9%85%E4%B9%85%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 28 Jan 2023 06:56:14 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=38DEA645D69DD2FE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 6b6a81057de8e14485d5bd48d163a440
3b40628e0704b43da7f8c96ab403f2dbe2f15d0a
8685f24bf3a3c9e68b2452b88fe0836daf70fd82c8ee844fe54bf46d315baf19
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 06:56:14 GMT
Server: ECS (amb/6BB8)
Content-Length: 727
n0544.com/fb2a0ecfc87d434ca81af817d18356f2.gif
54.151.242.68200 OK 0 B URL HTTP/2 n0544.com/fb2a0ecfc87d434ca81af817d18356f2.gif
IP 54.151.242.68:0
GET /fb2a0ecfc87d434ca81af817d18356f2.gif HTTP/1.1
Host: n0544.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:15 GMT
content-type: image/gif
vary: Accept-Encoding
last-modified: Sun, 08 Jan 2023 15:30:16 GMT
etag: W/"63bae188-7dc8"
server: WAF/2.4-12.1
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
p9.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/f374b372f2044d82a542ac46bcd11f97~noop.image
4.34.42.103200 OK 0 B URL HTTP/2 p9.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/f374b372f2044d82a542ac46bcd11f97~noop.image
IP 4.34.42.103:0
GET /img/tos-cn-i-siecs4i2o7/f374b372f2044d82a542ac46bcd11f97~noop.image HTTP/1.1
Host: p9.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 411269
date: Fri, 16 Sep 2022 14:40:02 GMT
server: nginx
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 03 Mar 2022 12:12:44 GMT
nw-session-id: 2022030320124301015110820802924FB5dhbtg01tt
nw-session-trace: 2022-03-03T20:12:44.05210233+08:00 56
x-bdcdn-cache-status: TCP_HIT
x-length: 411269
x-powered-by: ImageX
x-response-date: Thu, 03 Mar 2022 20:12:44 GMT
x-tt-logid: 2022030320124301015110820802924FB5
x-tt-trace-tag: id=09;cdn-cache=hit;type=static
x-response-lb: image
x-ser: BC24_dx-lt-yd-zhejiang-huzhou-3-cache-2, BC24_dx-lt-yd-zhejiang-huzhou-3-cache-2, BC33_US-Michigan-chieago-1-cache-1, BC104_US-Colorado-Denver-1-cache-1, BC104_US-Colorado-Denver-1-cache-1
x-cache: HIT from BC104_US-Colorado-Denver-1-cache-1(baishan)
server-timing: cdn-cache;desc=HIT,edge;dur=4
access-control-allow-origin: *
timing-allow-origin: *
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
X-Firefox-Spdy: h2
sm45t.com/image/sm-650x350.gif
23.225.89.165200 OK 0 B URL HTTP/2 sm45t.com/image/sm-650x350.gif
IP 23.225.89.165:0
GET /image/sm-650x350.gif HTTP/1.1
Host: sm45t.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 06:56:15 GMT
content-type: image/gif
content-length: 75257
last-modified: Mon, 19 Dec 2022 07:42:39 GMT
etag: "63a015ef-125f9"
expires: Wed, 15 Feb 2023 19:32:11 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.2611u.com/images/638edb5d970f0b1d475e3297.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.2611u.com/images/638edb5d970f0b1d475e3297.gif
IP 3.36.126.81:0
GET /images/638edb5d970f0b1d475e3297.gif HTTP/1.1
Host: img.2611u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gd1.aijiu26.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/4c28866f219340e2bcb4b1878eb49c78
X-Firefox-Spdy: h2