r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14263
Expires: Sun, 29 Jan 2023 09:39:42 GMT
Date: Sun, 29 Jan 2023 05:41:59 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12169
Expires: Sun, 29 Jan 2023 09:04:48 GMT
Date: Sun, 29 Jan 2023 05:41:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 04:43:07 GMT
content-type: application/json
age: 3532
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.dhnzs.com/index.php
200 OK 605 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (688), with CRLF line terminators
Hash 8e96bc42ffb156383cf03e258db0e581
85a8fa97822d549880f6b95664bf15ffc52ee736
4de769cabedeac3a62db9d27803fb2d282d6620cd1ce36f8e5f2823238159a25
GET /index.php HTTP/1.1
Host: www.dhnzs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 05:41:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7254
Expires: Sun, 29 Jan 2023 07:42:53 GMT
Date: Sun, 29 Jan 2023 05:41:59 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 83O7j8a8+q0yuvy2ln+KPTSSEvqAoFPF8GHqXkGpBW1isck7oPsluMZmloXcmdRwS13TvOv3jBAP7EWnF1SXTw==
x-amz-request-id: MH9SCJB1BHV0SNMJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 04:50:11 GMT
age: 3108
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 05:41:59 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.dhnzs.com/common.js
200 OK 633 B IP
File type ASCII text, with CRLF line terminators
Hash 0144efcf02cc427a7d3e35d1559a2b1f
9e78e02358511bdd932e66bb4a38e2fa2902401f
3fba8d8d03d17cbc6aa725d7caf5773a840c9470f365d9034de92224879e9f02
GET /common.js HTTP/1.1
Host: www.dhnzs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dhnzs.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 05:41:59 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.dhnzs.com/tj.js
200 OK 818 B IP
File type HTML document, ASCII text, with very long lines (554), with CRLF line terminators
Hash 0e3e248f1538e926cf639d95ecc91b85
691023f7c6bcc2a583d657d5b285667c4cd82442
734be19ac9f5632b336142472ead8e43583c3679f1fb1a7cfc459ecb44f80c25
GET /tj.js HTTP/1.1
Host: www.dhnzs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dhnzs.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 05:41:59 GMT
Content-Type: application/x-javascript
Content-Length: 818
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 05:41:41 GMT
age: 18
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
sdk.51.la/js-sdk-pro.min.js
200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dhnzs.com/
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 29 Jan 2023 05:41:59 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 10 Jan 2023 04:34:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63bceaef-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13075
Expires: Sun, 29 Jan 2023 09:19:55 GMT
Date: Sun, 29 Jan 2023 05:42:00 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 62e97fbee24fc3d9856649be045e8df7
9bb9620f6a53ac1773fe5abc55091e13bd46c0a5
f3667a4012c4b4888a1ef38d91278d9bc0df60d30a2879ef0247db6a65d1d381
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 05:42:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 02 Feb 2023 03:26:02 GMT
ETag: "9bb9620f6a53ac1773fe5abc55091e13bd46c0a5"
Last-Modified: Sun, 29 Jan 2023 03:26:03 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 938
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa45b08950afa-OSL
api.xpgys11.xyz/news/index.php
200 OK 47 B URL HTTP/1.1 api.xpgys11.xyz/news/index.php
IP
File type HTML document, ASCII text, with no line terminators
Hash fc85f8ae73e9115d7d0db8bdb3049f87
ea85207ece10f485dfafc746433640e1a00a2465
06e8aab0f94e607266dfee3aa62468025bd845498f0912b9dd9b87a0832f3569
GET /news/index.php HTTP/1.1
Host: api.xpgys11.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dhnzs.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 05:42:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
api.xpgys11.xyz/news/api.php
200 OK 237 B URL HTTP/1.1 api.xpgys11.xyz/news/api.php
IP
File type ISO-8859 text, with CRLF line terminators
Hash 0824c72f62b78828aaf6704e108d78bd
5a86d89a03a61ed35299df96872c3c078547e104
a54a46df7209ec09f84f8356dca1951bb21ed45c6914a9e4205746f09d05ed8f
GET /news/api.php HTTP/1.1
Host: api.xpgys11.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://api.xpgys11.xyz/news/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 05:42:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FLUSUJowrMVTgIzPTbTCfA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tG/+3/jKO8lGLJvIeFieUTVlF44=
www.dhnzs.com/favicon.ico
200 OK 1.2 kB URL HTTP/1.1 www.dhnzs.com/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.dhnzs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dhnzs.com/index.php
Cookie: __vtins__JvgjTw2aEuUufWLO=%7B%22sid%22%3A%20%223442d76b-9662-5325-a3ea-da2126c08dbe%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201674972725913%2C%20%22ct%22%3A%201674970925913%7D; __51uvsct__JvgjTw2aEuUufWLO=1; __51vcke__JvgjTw2aEuUufWLO=2b4a4dd9-7adf-5bc9-9782-c0bb5ad6be91; __51vuft__JvgjTw2aEuUufWLO=1674970925918
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 05:41:59 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Fri, 03 Feb 2023 05:41:59 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
www.zt1h.com/
200 OK 551 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (749), with CRLF line terminators
Hash bbf0c8faa52b7562bed5614cdcd04ff5
3aaac3a1801197ff7f89a0b08f2d216e60e5ab9b
2cb7d3361e5b22b553bae7fb0587140840bfca9047f5e81a720bb75354d6f0a2
GET / HTTP/1.1
Host: www.zt1h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://api.xpgys11.xyz/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 05:42:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
collect-v6.51.la/v6/collect?dt=4
403 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 460
Origin: http://www.dhnzs.com
Connection: keep-alive
Referer: http://www.dhnzs.com/
HTTP/1.1 403
Server: CloudWAF
Date: Sun, 29 Jan 2023 05:42:00 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=78feecf7ebfdb74c88b; path=/
HWWAFSESTIME=1674970917666; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.dhnzs.com
Access-Control-Allow-Credentials: true
www.zt1h.com/common.js
200 OK 693 B IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (443), with CRLF line terminators
Hash 83a4efa0eb73ebd984942bc2e1f25a61
963c721680ab66879d1332c6d769100573036bec
3233cb151eb3ad7b782c3452c955e6f857e6ca219eeb42371298d536eb5f5acc
GET /common.js HTTP/1.1
Host: www.zt1h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zt1h.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 05:42:01 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.zt1h.com/tj.js
200 OK 260 B IP
File type ASCII text, with CRLF line terminators
Hash 33b3088d44546517b50f97c50b3a32c7
41280cea921da33bdfb899d2d38dc7d89dd36756
21bde1b508ba154e31b38a7ab1207f54592dd5aa81fb88472aa895d8a4051ea9
GET /tj.js HTTP/1.1
Host: www.zt1h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zt1h.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 05:42:01 GMT
Content-Type: application/x-javascript
Content-Length: 260
Connection: keep-alive
api.xpgys11.xyz/news/index.php
200 OK 47 B URL HTTP/1.1 api.xpgys11.xyz/news/index.php
IP
File type HTML document, ASCII text, with no line terminators
Hash fc85f8ae73e9115d7d0db8bdb3049f87
ea85207ece10f485dfafc746433640e1a00a2465
06e8aab0f94e607266dfee3aa62468025bd845498f0912b9dd9b87a0832f3569
GET /news/index.php HTTP/1.1
Host: api.xpgys11.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zt1h.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 05:42:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
hm.baidu.com/hm.js?734be710924d2e5bc2ed8eeea6793297
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?734be710924d2e5bc2ed8eeea6793297
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash a6fdcf0e64c4e83e67c8548bd351a5f1
489703c82228c9d4cdb9b983b4b5cc4fee6e1fa4
28b4bb3b580681812130c60ee73e625cfe01fc19ca968742410cc8d9c600f11d
GET /hm.js?734be710924d2e5bc2ed8eeea6793297 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dhnzs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Sun, 29 Jan 2023 05:42:00 GMT
Etag: 2989336fc6ceb97911042866bfff0cb2
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=691B5909722600BC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?a9184155a68ec666872719ece5071679
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?a9184155a68ec666872719ece5071679
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 85532391c8f4b76185eba3919e5dd829
36cad07bb3e4734f405985d5b939d9aa14753f9f
2496889d6a9cf2f64f91e854a8f203026e16b262d973b2c51ffced2723d93a5b
GET /hm.js?a9184155a68ec666872719ece5071679 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dhnzs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Sun, 29 Jan 2023 05:42:00 GMT
Etag: 164a57ec0b0893851b34afd8852e2d87
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=3F3A2FDE5FC2A565; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
api.xpgys11.xyz/news/api.php
200 OK 237 B URL HTTP/1.1 api.xpgys11.xyz/news/api.php
IP
File type ISO-8859 text, with CRLF line terminators
Hash 0824c72f62b78828aaf6704e108d78bd
5a86d89a03a61ed35299df96872c3c078547e104
a54a46df7209ec09f84f8356dca1951bb21ed45c6914a9e4205746f09d05ed8f
GET /news/api.php HTTP/1.1
Host: api.xpgys11.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://api.xpgys11.xyz/news/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 05:42:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5413
Expires: Sun, 29 Jan 2023 07:12:14 GMT
Date: Sun, 29 Jan 2023 05:42:01 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5413
Expires: Sun, 29 Jan 2023 07:12:14 GMT
Date: Sun, 29 Jan 2023 05:42:01 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5413
Expires: Sun, 29 Jan 2023 07:12:14 GMT
Date: Sun, 29 Jan 2023 05:42:01 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5413
Expires: Sun, 29 Jan 2023 07:12:14 GMT
Date: Sun, 29 Jan 2023 05:42:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 17:35:56 GMT
age: 43565
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg
200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cbbc57c4e469baec1bda006407877cc
e988f007b1f9ec2327e7817f38cf56202096aeae
5237a8a8a7aa1fe59548582abf726fe77ad9e1fad8535bb5f88519dc6e779a86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6158
x-amzn-requestid: 034023e1-bd96-4c41-aa48-cccf5fa7b366
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: feLdTEXToAMF5Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d58c54-5390c17952d82d9108bdd3f8;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 20:57:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ACe_e899vrvXgDH3SKhGkebo6EgwW3c97aiFsr_p0g0cyWhl0XmjIg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 00:04:06 GMT
etag: "e988f007b1f9ec2327e7817f38cf56202096aeae"
content-type: image/jpeg
age: 20275
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg
200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6af6f32397882f56d14d22348e44a9f1
5a626376807e7507fa3a204c4e4e9e44aa074a37
478f32e98c0a1f0d62fa337795ca88b7927e14b684b681f7629b648bc2d709a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7417
x-amzn-requestid: 8dca6752-c548-4526-ae81-4626843ade3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYbDjGREoAMFxiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d33ee3-1c097c131b91c34b4e7df1be;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i8JJruxoRfordb6WFNf67-GLWrA_Q930x3GCCQoUmDwXrfZtBXvsZg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 03:34:32 GMT
age: 7649
etag: "5a626376807e7507fa3a204c4e4e9e44aa074a37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d2bbd93-ce5c-4300-9ac3-8ccdde169701.jpeg
200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d2bbd93-ce5c-4300-9ac3-8ccdde169701.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ed721e83648418f4a5d64f9d038fd1a
7a311c79e311448941a8d624c1064b1a2d97cfbd
b961e73aaba814eec66532ceeafad5191371fc762b05338990e8cc9c8ecfcbff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d2bbd93-ce5c-4300-9ac3-8ccdde169701.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6875
x-amzn-requestid: 5fb13e91-8750-4dd9-90a2-f1218ea6009b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fS9t2E0AoAMF_LA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d10ff2-22e819312302377c4bf698ff;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 11:18:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QH_-DX5fiBhfS9MVH6pJi57mqFRRPSPf0iDbp_5BHE1jUqCZvvPesQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:46:21 GMT
age: 28540
etag: "7a311c79e311448941a8d624c1064b1a2d97cfbd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48d5b4-7f5e-41cd-a7b2-c3007235b59c.jpeg
200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48d5b4-7f5e-41cd-a7b2-c3007235b59c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e59316e1b1333c42d9d120fa88619bc2
669cdc8dfeba9d64f93f260adbb5f493a5649bb0
c4e78ec96322f1f151b07f9a45d51e6ca3fd46613472cf627f53bf399193a533
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48d5b4-7f5e-41cd-a7b2-c3007235b59c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9398
x-amzn-requestid: 5083c66c-ad64-4f73-b915-d29ddabcdb4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6XEc1IAMFsbQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-0779693a5da31eae195989d1;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2MPzkEPg3JESo6g5D7E2LN53G-zYF__aFQmDg9DzSRxg0E19j1Iwkw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 03:32:41 GMT
age: 7760
etag: "669cdc8dfeba9d64f93f260adbb5f493a5649bb0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e63fa9f-a982-4d0a-ac29-9acbfe59f503.jpeg
200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e63fa9f-a982-4d0a-ac29-9acbfe59f503.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 61dd48155b70501a72ec13f79745433d
4efc3d15f04a290a590b54122822d55a9d3fa1ca
9345056c111439b34aff08323fc99a2d315fa91293039dc5acf67affb50636d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e63fa9f-a982-4d0a-ac29-9acbfe59f503.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4202
x-amzn-requestid: d33bee10-9642-4138-8dde-3486ec7f6535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa9ABFFvIAMFbqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d441ff-3b3a99db469e3f8c068d553c;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:28:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RIvTaBE3RpB7sP9Bb1Ku1ItsiaCFKNmyHArESR1FuqDIHXt2uOLG6A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 06:41:58 GMT
age: 82803
etag: "4efc3d15f04a290a590b54122822d55a9d3fa1ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=247674238&si=734be710924d2e5bc2ed8eeea6793297&v=1.3.0&lv=1&sn=27397&r=0&ww=1280&u=http%3A%2F%2Fwww.dhnzs.com%2Findex.php&tt=%E5%B8%B8%E5%BE%B7%E6%AE%B4%E4%BA%A4%E5%81%A5%E5%BA%B7%E7%AE%A1%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=247674238&si=734be710924d2e5bc2ed8eeea6793297&v=1.3.0&lv=1&sn=27397&r=0&ww=1280&u=http%3A%2F%2Fwww.dhnzs.com%2Findex.php&tt=%E5%B8%B8%E5%BE%B7%E6%AE%B4%E4%BA%A4%E5%81%A5%E5%BA%B7%E7%AE%A1%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=247674238&si=734be710924d2e5bc2ed8eeea6793297&v=1.3.0&lv=1&sn=27397&r=0&ww=1280&u=http%3A%2F%2Fwww.dhnzs.com%2Findex.php&tt=%E5%B8%B8%E5%BE%B7%E6%AE%B4%E4%BA%A4%E5%81%A5%E5%BA%B7%E7%AE%A1%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dhnzs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 29 Jan 2023 05:42:01 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=2F7BADF689CAF427; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.js?1ba63a59a17a9eafdf1a25ad1f6b0c33
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?1ba63a59a17a9eafdf1a25ad1f6b0c33
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash a24f73e1261e4dae21c5a271f5272239
840464aa75708b49ba5b50f7212021007e47a743
5db6a2ba54101f9aaebc7053f38117a625b08380884f1613fe0f1a2cc9aeb7da
GET /hm.js?1ba63a59a17a9eafdf1a25ad1f6b0c33 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.zt1h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Sun, 29 Jan 2023 05:42:01 GMT
Etag: 652f2a31e00339199816a60b9fc4d2f6
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C557668FA0D6207F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=490390127&si=a9184155a68ec666872719ece5071679&v=1.3.0&lv=1&sn=27397&r=0&ww=1280&u=http%3A%2F%2Fwww.dhnzs.com%2Findex.php&tt=%E5%B8%B8%E5%BE%B7%E6%AE%B4%E4%BA%A4%E5%81%A5%E5%BA%B7%E7%AE%A1%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=490390127&si=a9184155a68ec666872719ece5071679&v=1.3.0&lv=1&sn=27397&r=0&ww=1280&u=http%3A%2F%2Fwww.dhnzs.com%2Findex.php&tt=%E5%B8%B8%E5%BE%B7%E6%AE%B4%E4%BA%A4%E5%81%A5%E5%BA%B7%E7%AE%A1%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=490390127&si=a9184155a68ec666872719ece5071679&v=1.3.0&lv=1&sn=27397&r=0&ww=1280&u=http%3A%2F%2Fwww.dhnzs.com%2Findex.php&tt=%E5%B8%B8%E5%BE%B7%E6%AE%B4%E4%BA%A4%E5%81%A5%E5%BA%B7%E7%AE%A1%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dhnzs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 29 Jan 2023 05:42:01 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=AD04A5C4A514E5D2; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.cqcq9.com/
200 OK 20 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Non-ISO extended-ASCII text, with very long lines (372), with CRLF line terminators
Hash 4a20820e84b0de1c4ced3843ffb89be5
7782e7a95bc6c63e5475408e78affa880d89b18d
6bf54a26f5595748d7011723c21cebedd939cd8ea4b17ca3cec588a1ae8a6bfe
GET / HTTP/1.1
Host: www.cqcq9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://api.xpgys11.xyz/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sun, 04 Sep 2022 16:30:34 GMT
Accept-Ranges: bytes
ETag: "85ef9fa87bc0d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 29 Jan 2023 05:42:00 GMT
Content-Length: 19843
www.cqcq9.com/ggvip/shang.js
200 OK 127 B URL HTTP/1.1 www.cqcq9.com/ggvip/shang.js
IP
File type HTML document, ASCII text, with no line terminators
Hash 37c556ac04a5f5cadb6c241a4ae8d33c
fd2005426212abc958bb547db1b4431ec248d8d1
02c7ae6783a11b627a1786042c000cc1543fa14d4f444fb1c5d71eb026bd0526
GET /ggvip/shang.js HTTP/1.1
Host: www.cqcq9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Sun, 04 Sep 2022 07:58:59 GMT
Accept-Ranges: bytes
ETag: "8930803034c0d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 29 Jan 2023 05:42:00 GMT
Content-Length: 127
www.cqcq9.com/ggvip/dh.js
200 OK 128 B URL HTTP/1.1 www.cqcq9.com/ggvip/dh.js
IP
File type HTML document, ASCII text, with no line terminators
Hash 15179ef7a51cf01bcfa62c26f053ba03
83fccea4f10371803de0d124be613daf0b6ca21d
5712dc8eb13199d4b1673a8f74bf281a29ae342ce3a804e69357f807695ae2d8
GET /ggvip/dh.js HTTP/1.1
Host: www.cqcq9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Sun, 04 Sep 2022 07:57:47 GMT
Accept-Ranges: bytes
ETag: "73daa8534c0d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 29 Jan 2023 05:42:00 GMT
Content-Length: 128
www.cqcq9.com/ggvip/zhong.js
200 OK 258 B URL HTTP/1.1 www.cqcq9.com/ggvip/zhong.js
IP
File type HTML document, ASCII text, with CRLF line terminators
Hash b98e12c63a82568ac37c45acfbbf9b10
64ae7e8ab2297fa3975fb646c0afdeef98bee922
f672fceda5a1db2bf1c88201fe9a3cfde5527ab18621049a2ca1216297982631
GET /ggvip/zhong.js HTTP/1.1
Host: www.cqcq9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Sun, 04 Sep 2022 08:00:36 GMT
Accept-Ranges: bytes
ETag: "9bb4a76a34c0d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 29 Jan 2023 05:42:00 GMT
Content-Length: 258
www.cqcq9.com/ggvip/sp.js
200 OK 127 B URL HTTP/1.1 www.cqcq9.com/ggvip/sp.js
IP
File type HTML document, ASCII text, with no line terminators
Hash 077359a6f600f6603c9b05e5a692c692
78bb3067655fbacb12ad65102f03e0125011906d
1be76d46ec17d20873c26476027e7d73e20f564b9cc09d19e0a0838f23ed34b1
GET /ggvip/sp.js HTTP/1.1
Host: www.cqcq9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Sun, 04 Sep 2022 07:59:09 GMT
Accept-Ranges: bytes
ETag: "a32bec3634c0d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 29 Jan 2023 05:42:00 GMT
Content-Length: 127
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1255521865&si=1ba63a59a17a9eafdf1a25ad1f6b0c33&su=http%3A%2F%2Fapi.xpgys11.xyz%2F&v=1.3.0&lv=1&sn=27398&r=0&ww=1280&u=http%3A%2F%2Fwww.zt1h.com%2F&tt=%E5%85%B4%E5%AE%89%E7%9B%9F%E8%A3%85%E6%8E%A2%E7%94%B5%E5%AD%90%E6%8A%80%E6%9C%AF%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1255521865&si=1ba63a59a17a9eafdf1a25ad1f6b0c33&su=http%3A%2F%2Fapi.xpgys11.xyz%2F&v=1.3.0&lv=1&sn=27398&r=0&ww=1280&u=http%3A%2F%2Fwww.zt1h.com%2F&tt=%E5%85%B4%E5%AE%89%E7%9B%9F%E8%A3%85%E6%8E%A2%E7%94%B5%E5%AD%90%E6%8A%80%E6%9C%AF%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1255521865&si=1ba63a59a17a9eafdf1a25ad1f6b0c33&su=http%3A%2F%2Fapi.xpgys11.xyz%2F&v=1.3.0&lv=1&sn=27398&r=0&ww=1280&u=http%3A%2F%2Fwww.zt1h.com%2F&tt=%E5%85%B4%E5%AE%89%E7%9B%9F%E8%A3%85%E6%8E%A2%E7%94%B5%E5%AD%90%E6%8A%80%E6%9C%AF%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.zt1h.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 29 Jan 2023 05:42:02 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=CF1DF6B106613526; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.cqcq9.com/template/default/images/style.css
200 OK 15 kB URL HTTP/1.1 www.cqcq9.com/template/default/images/style.css
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (1249), with CRLF line terminators
Hash 1729b6c8eff370869c022937f8168adb
5f49b429ed6acbcf4b50d12bb3dd67d26331787e
a621467c6daff99704c13d41786bc2f7906b4da6ab4e452fdd905d232c2e7eb0
GET /template/default/images/style.css HTTP/1.1
Host: www.cqcq9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Sat, 03 Sep 2022 12:11:53 GMT
Accept-Ranges: bytes
ETag: "c4abf25a8ebfd81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 29 Jan 2023 05:42:00 GMT
Content-Length: 15321
www.cqcq9.com/ggvip/xxx3.js
200 OK 135 B URL HTTP/1.1 www.cqcq9.com/ggvip/xxx3.js
IP
File type HTML document, ASCII text, with CRLF line terminators
Hash 0b9733ec2d7643808987165f41fd2046
ec3b3bf6b9e881d1418b766b3af83df2020e6afb
9049eaa99c1e3161be8ab147b11e56e6fb4506da27fdc417520c45050e548348
GET /ggvip/xxx3.js HTTP/1.1
Host: www.cqcq9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Sun, 04 Sep 2022 07:59:40 GMT
Accept-Ranges: bytes
ETag: "dcaffa4834c0d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 29 Jan 2023 05:42:00 GMT
Content-Length: 135
www.cqcq9.com/ggvip/dibu.js
200 OK 951 B URL HTTP/1.1 www.cqcq9.com/ggvip/dibu.js
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (554), with CRLF line terminators
Hash 2f0753de049179b2e3db89f74c1557a9
19c311b06e3f09f7c6b50361c40ea216bb9e632c
18bc9e82631df2723502f57e689dd73c2f7364f13277e56acade536c7e71d751
GET /ggvip/dibu.js HTTP/1.1
Host: www.cqcq9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Sat, 17 Sep 2022 14:38:28 GMT
Accept-Ranges: bytes
ETag: "b637a26a3cad81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 29 Jan 2023 05:42:00 GMT
Content-Length: 951
www.cqcq9.com/ggvip/dl.js
200 OK 268 B URL HTTP/1.1 www.cqcq9.com/ggvip/dl.js
IP
File type HTML document, ASCII text, with CRLF line terminators
Hash 8bb842688c46e8a112377acca9fa43b0
68d7421d58afeb7a86aa9fd668f04fd0a90786fe
7421bbd18febccfa4870a4c4a44e6b0ed66b21556791cfb0dc1a70b3c4c9d245
GET /ggvip/dl.js HTTP/1.1
Host: www.cqcq9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Sun, 04 Sep 2022 07:58:33 GMT
Accept-Ranges: bytes
ETag: "5cb3fa2034c0d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 29 Jan 2023 05:42:00 GMT
Content-Length: 268
fmlb.netlbtu.com/upload/vod/2022/09-04/14/32cledzlsjq145932cledzlsjq5285.jpg
301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/32cledzlsjq145932cledzlsjq5285.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /upload/vod/2022/09-04/14/32cledzlsjq145932cledzlsjq5285.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:01 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/upload/vod/2022/09-04/14/32cledzlsjq145932cledzlsjq5285.jpg
fmlb.netlbtu.com/upload/vod/2022/09-04/14/w43n41w1ft51459w43n41w1ft55081.jpg
301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/w43n41w1ft51459w43n41w1ft55081.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /upload/vod/2022/09-04/14/w43n41w1ft51459w43n41w1ft55081.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:01 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/upload/vod/2022/09-04/14/w43n41w1ft51459w43n41w1ft55081.jpg
fmlb.netlbtu.com/upload/vod/2022/09-04/14/0no20n5s3a214590no20n5s3a24877.jpg
301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/0no20n5s3a214590no20n5s3a24877.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /upload/vod/2022/09-04/14/0no20n5s3a214590no20n5s3a24877.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:01 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/upload/vod/2022/09-04/14/0no20n5s3a214590no20n5s3a24877.jpg
fmlb.netlbtu.com/upload/vod/2022/09-04/14/g1jpdwofwfj1459g1jpdwofwfj5183.jpg
301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/g1jpdwofwfj1459g1jpdwofwfj5183.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /upload/vod/2022/09-04/14/g1jpdwofwfj1459g1jpdwofwfj5183.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:01 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/upload/vod/2022/09-04/14/g1jpdwofwfj1459g1jpdwofwfj5183.jpg
fmlb.netlbtu.com/upload/vod/2022/09-04/14/3mdqoloas0a14593mdqoloas0a4979.jpg
301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/3mdqoloas0a14593mdqoloas0a4979.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /upload/vod/2022/09-04/14/3mdqoloas0a14593mdqoloas0a4979.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:01 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/upload/vod/2022/09-04/14/3mdqoloas0a14593mdqoloas0a4979.jpg
fmlb.netlbtu.com/upload/vod/2022/09-04/14/3cn4y55tzza14593cn4y55tzza3753.jpg
301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/3cn4y55tzza14593cn4y55tzza3753.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /upload/vod/2022/09-04/14/3cn4y55tzza14593cn4y55tzza3753.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:01 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/upload/vod/2022/09-04/14/3cn4y55tzza14593cn4y55tzza3753.jpg
www.cqcq9.com/images/bg.jpg
200 OK 481 B URL HTTP/1.1 www.cqcq9.com/images/bg.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 40x40, components 3\012- data
Hash fc45958c2a7937a709273cbbeb51821e
84d3ef6479ce1070ac197f6bac8f2e4f01f7056e
ef9a6bf14c6822f24ffdfe2ee625ab0b065bdcbc6c0aeaa040ee27bf27bc7d02
GET /images/bg.jpg HTTP/1.1
Host: www.cqcq9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/template/default/images/style.css
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Sun, 05 Apr 2015 12:43:57 GMT
Accept-Ranges: bytes
ETag: "b8c0a52e9e6fd01:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 29 Jan 2023 05:42:00 GMT
Content-Length: 481
fmlb.netlbtu.com/upload/vod/2022/09-04/14/sfjnx0pub1t1459sfjnx0pub1t4673.jpg
301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/sfjnx0pub1t1459sfjnx0pub1t4673.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /upload/vod/2022/09-04/14/sfjnx0pub1t1459sfjnx0pub1t4673.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:02 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/upload/vod/2022/09-04/14/sfjnx0pub1t1459sfjnx0pub1t4673.jpg
fmlb.netlbtu.com/upload/vod/2022/09-04/14/dszvles2oq11459dszvles2oq14571.jpg
301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/dszvles2oq11459dszvles2oq14571.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /upload/vod/2022/09-04/14/dszvles2oq11459dszvles2oq14571.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:02 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/upload/vod/2022/09-04/14/dszvles2oq11459dszvles2oq14571.jpg
fmlb.netlbtu.com/upload/vod/2022/09-04/14/3cif1ukffsf14593cif1ukffsf4775.jpg
301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/3cif1ukffsf14593cif1ukffsf4775.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /upload/vod/2022/09-04/14/3cif1ukffsf14593cif1ukffsf4775.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:02 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/upload/vod/2022/09-04/14/3cif1ukffsf14593cif1ukffsf4775.jpg
fmlb.netlbtu.com/upload/vod/2021/06-22/17/dfygq50jx0e1748dfygq50jx0e454707.jpg
301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2021/06-22/17/dfygq50jx0e1748dfygq50jx0e454707.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /upload/vod/2021/06-22/17/dfygq50jx0e1748dfygq50jx0e454707.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:02 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/upload/vod/2021/06-22/17/dfygq50jx0e1748dfygq50jx0e454707.jpg
fmlb.netlbtu.com/upload/vod/2021/06-22/17/onypywdrezv1748onypywdrezv434702.jpg
301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2021/06-22/17/onypywdrezv1748onypywdrezv434702.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /upload/vod/2021/06-22/17/onypywdrezv1748onypywdrezv434702.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:02 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/upload/vod/2021/06-22/17/onypywdrezv1748onypywdrezv434702.jpg
img.guoseapi.com/upload/vod/20220726-1/6a930f6a23b3124d2ff5aa97be2f83b7.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/6a930f6a23b3124d2ff5aa97be2f83b7.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/6a930f6a23b3124d2ff5aa97be2f83b7.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BFSGgb1Oq09mzGkN37TEFnQk9JaAyanT7yMOHESr0IxwlzXIczOB7hU5l%2BEawpDrFWiC4Iz8gRNC4CEqMweIv9cEgi%2Ba9CvACKiXC4z%2FmFCJe69%2BmP0BT4ES4w1xAmyJUfIQ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa468396eb524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.guoseapi.com/upload/vod/20220726-1/4d7c49e3ff6a0dcbd58f1597f5927513.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/4d7c49e3ff6a0dcbd58f1597f5927513.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/4d7c49e3ff6a0dcbd58f1597f5927513.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQ4B9CEfpTLGrgLHAybACEye6Xym%2BWWdWOcwVCVv2%2BdhpQN2MFbOTVmAO%2Fnpqg5w2CKc2%2FQF3E%2BcqteXt%2FG99N0Zd%2FEarqUnVCrScZ34sjynXcl6zSjbsv%2BCxKWx7roQLyZY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa4683d7f0afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.guoseapi.com/upload/vod/20220726-1/c1105dabfe33471628d52e5f7330bcef.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/c1105dabfe33471628d52e5f7330bcef.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/c1105dabfe33471628d52e5f7330bcef.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFJhqXgYqs9JyxTX8%2BPhHsiOVlmPUlVejb2Jd6Gh0eMzdoCws0H5dsoouBpu7qAr7ZcZR5m5dViAoIG1TTJmO3yeHj6CpEV2sUNdPBv%2BTTJyFcGMsbmW0AljMBNfO6cB%2B2JL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa4683942b512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fmlb.netlbtu.com/upload/vod/2022/09-04/14/nozetqcqpgw1459nozetqcqpgw4265.jpg
301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/nozetqcqpgw1459nozetqcqpgw4265.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /upload/vod/2022/09-04/14/nozetqcqpgw1459nozetqcqpgw4265.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:02 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/upload/vod/2022/09-04/14/nozetqcqpgw1459nozetqcqpgw4265.jpg
img.guoseapi.com/upload/vod/20220726-1/f6e7fbf4aa627c0dde88ce47f339a9ee.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/f6e7fbf4aa627c0dde88ce47f339a9ee.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/f6e7fbf4aa627c0dde88ce47f339a9ee.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Qg7rWQXaEMn7CrzvaBmRffN%2FL5h8V%2FYJRFJnHJU9HjmoTYODhy8ABscrn9XSHmaT85BDrV5yQdyR5yB3Wk4hKDYrX%2FbEDMAR39MMGs07dvpNhnhZTawQ9%2FktHc2PpjgaI14"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa4683869b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.guoseapi.com/upload/vod/20220726-1/53326dd3c96d25897c093843012902ef.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/53326dd3c96d25897c093843012902ef.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/53326dd3c96d25897c093843012902ef.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojqCBOBrdwAMbEJYp0mOdoPfEcpf2Ew2Az9A2965CyAeyQFJ3F%2FDyWXgErzaDCvvtMy5YfrAznKPnbuxy4%2Fp4EFEqjOYtDskcDaD77H2UMjRB%2F5ab%2BkXjox%2B3cDB7YPVeAc%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa468395ab505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.guoseapi.com/upload/vod/20220726-1/af95dfba090cfdb83eb36fc2b9dbc27c.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/af95dfba090cfdb83eb36fc2b9dbc27c.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/af95dfba090cfdb83eb36fc2b9dbc27c.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2WSebDAKtyIHVsbkT7KjYRoLHzjIopvyKY3a4zXD9997dPjyfTU8C47UUW%2F2Rs4cihJsa8EVG7lUcS4RAc8L55jfJyVnj83fJ0ciUODJM3TE2el6KTYzIdVFcKyuw20x1gC9"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa4683cedb4ed-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fmlb.netlbtu.com/upload/vod/2022/09-04/14/kkmbkym1rpf1459kkmbkym1rpf5387.jpg
301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/kkmbkym1rpf1459kkmbkym1rpf5387.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /upload/vod/2022/09-04/14/kkmbkym1rpf1459kkmbkym1rpf5387.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:02 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/upload/vod/2022/09-04/14/kkmbkym1rpf1459kkmbkym1rpf5387.jpg
fmlb.netlbtu.com/upload/vod/2022/09-04/14/cnxabsn4stj1459cnxabsn4stj3651.jpg
301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/cnxabsn4stj1459cnxabsn4stj3651.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /upload/vod/2022/09-04/14/cnxabsn4stj1459cnxabsn4stj3651.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:02 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/upload/vod/2022/09-04/14/cnxabsn4stj1459cnxabsn4stj3651.jpg
fmlb.netlbtu.com/upload/vod/2022/09-04/14/2tpvyjnriwq14592tpvyjnriwq3549.jpg
301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/2tpvyjnriwq14592tpvyjnriwq3549.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /upload/vod/2022/09-04/14/2tpvyjnriwq14592tpvyjnriwq3549.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:02 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/upload/vod/2022/09-04/14/2tpvyjnriwq14592tpvyjnriwq3549.jpg
dvcasha2.ocsp-certum.com/
200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP
ASN #20940 Akamai International B.V.
Hash 06953d3c5723f0e00a645ddb3fe5cad5
7e81bf821f90477acd5c6f84d3ec28cdee6103ee
2ed531032e4e00afdfdc0989bffea6d6ca270fbdfbedf1bdcfbe88f2636254e2
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=182
Date: Sun, 29 Jan 2023 05:42:02 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP
ASN #20940 Akamai International B.V.
Hash 06953d3c5723f0e00a645ddb3fe5cad5
7e81bf821f90477acd5c6f84d3ec28cdee6103ee
2ed531032e4e00afdfdc0989bffea6d6ca270fbdfbedf1bdcfbe88f2636254e2
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=150
Date: Sun, 29 Jan 2023 05:42:02 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP
ASN #20940 Akamai International B.V.
Hash 06953d3c5723f0e00a645ddb3fe5cad5
7e81bf821f90477acd5c6f84d3ec28cdee6103ee
2ed531032e4e00afdfdc0989bffea6d6ca270fbdfbedf1bdcfbe88f2636254e2
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=160
Date: Sun, 29 Jan 2023 05:42:02 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP
ASN #20940 Akamai International B.V.
Hash 06953d3c5723f0e00a645ddb3fe5cad5
7e81bf821f90477acd5c6f84d3ec28cdee6103ee
2ed531032e4e00afdfdc0989bffea6d6ca270fbdfbedf1bdcfbe88f2636254e2
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=160
Date: Sun, 29 Jan 2023 05:42:02 GMT
Connection: keep-alive
X-N: S
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9c2f07ab89b0b586ece8c57b132c9847
bd204a67f13d6d21f05afc2df2ea1a29d512f237
16e7ca275c8597a06a2f3c83dc2c6dd09d34e9a6d3b7b66029d58b9f80baf5b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "16E7CA275C8597A06A2F3C83DC2C6DD09D34E9A6D3B7B66029D58B9F80BAF5B2"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 29 Jan 2023 11:42:02 GMT
Date: Sun, 29 Jan 2023 05:42:02 GMT
Connection: keep-alive
img.guoseapi.com/upload/vod/20220726-1/a5a082af3add384b5ac7fc3cdc9c612c.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/a5a082af3add384b5ac7fc3cdc9c612c.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/a5a082af3add384b5ac7fc3cdc9c612c.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFZebNZ6DUgd%2BYmFKQYftUNE99X4er7lpK4NVI%2F7nyce6nS%2FlUBn%2BVzlLcnMr%2Fl9tNiqgygji4%2BAQglbzmUykIVfB7vu2HpUBx7%2FVYEx2kGtpPo27Cgqj1TfmCeMYBmip93p"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa46a7e070afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.guoseapi.com/upload/vod/20220726-1/2eec9c469e4e5f5d5dc06360c12476fe.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/2eec9c469e4e5f5d5dc06360c12476fe.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/2eec9c469e4e5f5d5dc06360c12476fe.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PT4BJcWxWgZ82kR4UxwLm92I8DtgQvd%2FuRUfKEzFAvepvVKGPDakXMWzuZ3YWdVqqQXfUWOx3yErzP2ODXNRr8kZPKv0VdXmSm9kfOrHNxZPGFTb%2FXcN736dY4NlMCX0dGfh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa46a7a10b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.guoseapi.com/upload/vod/20220726-1/543db11155c7630375b17f56d9bc7b47.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/543db11155c7630375b17f56d9bc7b47.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/543db11155c7630375b17f56d9bc7b47.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IjmHTgtItHRZ1eGsLW%2FmV85BSpWxkWGLYQHSEsYbPZf2nm9ENNJwjCQnouInIZsi333nUk599oxTq2VcHSSRghzaxFT1xk3RvBxDqMnDovMPwnJidD7eYJye1US77738G9ML"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa46a8a1eb512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.guoseapi.com/upload/vod/20220726-1/36e80c8b098e493e344ad71891b5363c.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/36e80c8b098e493e344ad71891b5363c.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/36e80c8b098e493e344ad71891b5363c.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kP0r2lW2mc%2FuYnI0jFqdThj%2BGJQWc%2FJ4%2Be4EOJ8CNACoVNHgiofTt%2B77lmw5GsxhHs4y2ocPWCsGJShsjr2fc2EUoONCzDebHM8D3Y%2BCZAPpxgDI1%2F8poDNm4Hwocztr0PLa"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa46aaa4ab505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.guoseapi.com/upload/vod/20220726-1/8491ea6348fe266ef2af9abea759725b.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/8491ea6348fe266ef2af9abea759725b.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/8491ea6348fe266ef2af9abea759725b.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bd%2BQ7lahhTopYpWKtDywzeIa9%2BUubDOKgIXQPjKjx3WOrnlHwWSkic4z0p0iL5M1s2wHipnjiSQDdqPTJXXRCuCdKNHHo9eESIkcXP6i04yt5k8tttZ0JkoQBkCWKmHDT2zv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa46a9962b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.guoseapi.com/upload/vod/20220726-1/a2430851a591243448289a874e8a1430.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/a2430851a591243448289a874e8a1430.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/a2430851a591243448289a874e8a1430.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OB%2FMUbtijWSodlzzo%2FnUNlXRLW0%2FH6P2SWAowCICU%2B9Rt4rYpFy51jgeVbMzNxF433r1IFFd1bxORgQ4BuZ%2Fes0l4rgD%2Fcyazw39LQCHJ0pCrXSrQLbusOLGag%2FO9shdHvnY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa46ace24b4ed-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fmlb.netlbtu.com/upload/vod/2022/09-04/14/w43n41w1ft51459w43n41w1ft55081.jpg
200 OK 7.7 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/w43n41w1ft51459w43n41w1ft55081.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash d76f7417a137e4677dd92852500e4371
634c0534af667bcc460a7c8a0e63bae21170b1aa
ae7d6e2c9c85793c746ebd8533cb3ca694d295135e9bcf26cee1bbd1e72c9694
GET /upload/vod/2022/09-04/14/w43n41w1ft51459w43n41w1ft55081.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.cqcq9.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:02 GMT
Content-Type: image/jpeg
Content-Length: 7733
Last-Modified: Wed, 09 Nov 2022 12:01:11 GMT
Connection: keep-alive
ETag: "636b9687-1e35"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/09-04/14/g1jpdwofwfj1459g1jpdwofwfj5183.jpg
200 OK 7.9 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/g1jpdwofwfj1459g1jpdwofwfj5183.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 3443fb318caf862a9debd9335fc25468
0787c66245eccd6791c6e09e19e69a6c1ec2ff00
92e7515f93cd4f88d3ef20ad4cebc93c9374e2b50e03fbdf6269a9c59e089769
GET /upload/vod/2022/09-04/14/g1jpdwofwfj1459g1jpdwofwfj5183.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.cqcq9.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:02 GMT
Content-Type: image/jpeg
Content-Length: 7930
Last-Modified: Wed, 09 Nov 2022 11:56:52 GMT
Connection: keep-alive
ETag: "636b9584-1efa"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/09-04/14/32cledzlsjq145932cledzlsjq5285.jpg
200 OK 6.6 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/32cledzlsjq145932cledzlsjq5285.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 5c6769f3df7609da570824a6dbcf086d
887e92e93f03af380a0fc9b0dc01088f55eda26c
6a87b1de31c146cc93391ce7842d52516f32abf9b1ce0ea1f0b60731a18c9fbc
GET /upload/vod/2022/09-04/14/32cledzlsjq145932cledzlsjq5285.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.cqcq9.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:02 GMT
Content-Type: image/jpeg
Content-Length: 6612
Last-Modified: Wed, 09 Nov 2022 11:59:54 GMT
Connection: keep-alive
ETag: "636b963a-19d4"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/09-04/14/0no20n5s3a214590no20n5s3a24877.jpg
200 OK 9.0 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/0no20n5s3a214590no20n5s3a24877.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 8718225c23ac90d639e0611eef2c4b90
5dad0e9d9913bb96323b7759ebf926e7a3bb0f86
ea0abf168a4a4a65248ed610ba4e3b433e9d1bbaec7a0a8b28ae9e6b8f72338a
GET /upload/vod/2022/09-04/14/0no20n5s3a214590no20n5s3a24877.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.cqcq9.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:02 GMT
Content-Type: image/jpeg
Content-Length: 9049
Last-Modified: Wed, 09 Nov 2022 11:56:51 GMT
Connection: keep-alive
ETag: "636b9583-2359"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/09-04/14/3mdqoloas0a14593mdqoloas0a4979.jpg
200 OK 8.2 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/3mdqoloas0a14593mdqoloas0a4979.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 263a6c573edd5625d080985fd889bef9
4af7f8f02d51546141a7ce09604b126646366d59
802e6c2e5af31821490b2e5cec282c191f1bb27296549c4b5017856e0ddde5b0
GET /upload/vod/2022/09-04/14/3mdqoloas0a14593mdqoloas0a4979.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.cqcq9.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:02 GMT
Content-Type: image/jpeg
Content-Length: 8155
Last-Modified: Wed, 09 Nov 2022 11:56:17 GMT
Connection: keep-alive
ETag: "636b9561-1fdb"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/09-04/14/3cn4y55tzza14593cn4y55tzza3753.jpg
200 OK 9.1 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/3cn4y55tzza14593cn4y55tzza3753.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 68e8148a048b4e58774617639a56dccf
a7d1fa058a243be0f0e79bc73b974f909de14a91
9545741c830d93de18bf98037a031e01bd08ac7997d6543fd4da06adad7f75eb
GET /upload/vod/2022/09-04/14/3cn4y55tzza14593cn4y55tzza3753.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.cqcq9.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:02 GMT
Content-Type: image/jpeg
Content-Length: 9145
Last-Modified: Wed, 09 Nov 2022 12:03:25 GMT
Connection: keep-alive
ETag: "636b970d-23b9"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.guoseapi.com/upload/vod/20220726-1/2758820573dbdbe7e4175ecad76ae726.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/2758820573dbdbe7e4175ecad76ae726.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/2758820573dbdbe7e4175ecad76ae726.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=buywCnMcgrXg6bmDDZHyQADZftRf9bXD1QHLVGqzu%2BmZS28ogLlfoNunpyCdwgxAcMKHT4QXt%2BZL47LQRm3tEALX9SGzyQ1xuOXn2SKyFdPJu%2B89Gcz6ZvsB8pgeDpNWoJZK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa46ccaebb524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
push.zhanzhang.baidu.com/push.js
200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sun, 29 Jan 2023 05:42:03 GMT
Etag: "4078521116"
Expires: Mon, 29 Jan 2024 05:42:03 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=426B23914623C96F2CC33744001D7C4F:FG=1; max-age=31536000; expires=Mon, 29-Jan-24 05:42:03 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
fmlb.netlbtu.com/upload/vod/2022/09-04/14/sfjnx0pub1t1459sfjnx0pub1t4673.jpg
200 OK 6.4 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/sfjnx0pub1t1459sfjnx0pub1t4673.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4864c6a34bd8d59804dfb8c16a7bdcce
c87123793be85f9a847daa06f4e7f9d65877552f
c0a8389982608c13b77910a1bebf5630628f45ff85c5acb32353c810783dd541
GET /upload/vod/2022/09-04/14/sfjnx0pub1t1459sfjnx0pub1t4673.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.cqcq9.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:02 GMT
Content-Type: image/jpeg
Content-Length: 6426
Last-Modified: Wed, 09 Nov 2022 11:41:32 GMT
Connection: keep-alive
ETag: "636b91ec-191a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/09-04/14/dszvles2oq11459dszvles2oq14571.jpg
200 OK 9.1 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/dszvles2oq11459dszvles2oq14571.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash a6dc1deaa0cf7a7755c76977c6c8863d
f3c42f46eff84218016f8ed9303b861bfb930df4
905b17dd217f7ef64d84b9412f1cbd53f62f23fa26c789ebb1f84533de757782
GET /upload/vod/2022/09-04/14/dszvles2oq11459dszvles2oq14571.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.cqcq9.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:02 GMT
Content-Type: image/jpeg
Content-Length: 9111
Last-Modified: Wed, 09 Nov 2022 11:41:33 GMT
Connection: keep-alive
ETag: "636b91ed-2397"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/09-04/14/3cif1ukffsf14593cif1ukffsf4775.jpg
200 OK 8.6 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/3cif1ukffsf14593cif1ukffsf4775.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f7620194ccc51ce6bbe622fd849d3ae0
871bea122e0a4ac503b408135e62d04145195715
db9dad860a3c5bb024bb1147e1fc15d56c1e5bb3c44e5103231e54b2da7e8464
GET /upload/vod/2022/09-04/14/3cif1ukffsf14593cif1ukffsf4775.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.cqcq9.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:02 GMT
Content-Type: image/jpeg
Content-Length: 8607
Last-Modified: Wed, 09 Nov 2022 12:03:22 GMT
Connection: keep-alive
ETag: "636b970a-219f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2021/06-22/17/dfygq50jx0e1748dfygq50jx0e454707.jpg
200 OK 8.6 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2021/06-22/17/dfygq50jx0e1748dfygq50jx0e454707.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 9f4eb9424327cd5c666b8610a47e062d
128795c77609d677d22b8282f85bb986e3ee3515
bfa101c8fe7bb3bcd5e9af17a783484b59cd87c82739add0e2c51523e7cdb916
GET /upload/vod/2021/06-22/17/dfygq50jx0e1748dfygq50jx0e454707.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.cqcq9.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:02 GMT
Content-Type: image/jpeg
Content-Length: 8624
Last-Modified: Wed, 09 Nov 2022 08:22:09 GMT
Connection: keep-alive
ETag: "636b6331-21b0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/09-04/14/nozetqcqpgw1459nozetqcqpgw4265.jpg
200 OK 10 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/nozetqcqpgw1459nozetqcqpgw4265.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 6db6ac8e51aa8a830dabae99acb046e9
528c1eaa5f81ec7ff929fe0f09ac076834e158ed
97e4efaa4926d04b62b1204354626beb2d7f9256f150701d2ea8213bfbf873b0
GET /upload/vod/2022/09-04/14/nozetqcqpgw1459nozetqcqpgw4265.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.cqcq9.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:02 GMT
Content-Type: image/jpeg
Content-Length: 10038
Last-Modified: Wed, 09 Nov 2022 11:41:34 GMT
Connection: keep-alive
ETag: "636b91ee-2736"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2021/06-22/17/onypywdrezv1748onypywdrezv434702.jpg
200 OK 13 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2021/06-22/17/onypywdrezv1748onypywdrezv434702.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 237bfba9436391fe5b2c3a2168877877
1c6a374d7c745d1c3288177ca32405ed28ee22aa
f2f1f9495e4d3a03adbd182cd55cbc6d80c81c45cde7cd9bec6833f1c0d754d5
GET /upload/vod/2021/06-22/17/onypywdrezv1748onypywdrezv434702.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.cqcq9.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:02 GMT
Content-Type: image/jpeg
Content-Length: 12631
Last-Modified: Wed, 09 Nov 2022 08:21:12 GMT
Connection: keep-alive
ETag: "636b62f8-3157"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.guoseapi.com/upload/vod/20220726-1/33d3ea6c401d3530a23c7c6fb0472ae7.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/33d3ea6c401d3530a23c7c6fb0472ae7.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/33d3ea6c401d3530a23c7c6fb0472ae7.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VicAAfi9VGVBmybs6J6ihFMfBt75sUDcz4%2F6vOTVw1ojAMiqAwHzjnwNAA4BQMfCtPfKpcEINRPba4iZdzRPevcKLlb4I0lMneIM%2BpHK6z%2FkUCNtq8RRb265Hhk3br6DyBh2"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa46cbea60afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
api.safe-t-first.com/dzt/SDH.JS
200 OK 1.0 kB URL HTTP/2 api.safe-t-first.com/dzt/SDH.JS
IP
Hash f97d7c02193c6aec2467180df0df9cda
840dac95cf5b386675527ca3c1f3f667388d515c
9557c8ca955b5282c315e1d3a012d78b9874bf8dff858cc40c517b99e5eb05ee
GET /dzt/SDH.JS HTTP/1.1
Host: api.safe-t-first.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cqcq9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 05:42:03 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 13:29:13 GMT
vary: Accept-Encoding
etag: W/"638ca0a9-aa4"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.guoseapi.com/upload/vod/20220726-1/0df9f05473ff1f8d019a5b01fa0936ab.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/0df9f05473ff1f8d019a5b01fa0936ab.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/0df9f05473ff1f8d019a5b01fa0936ab.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JETPZ%2FyapzF2Wrn9v%2F23GGC%2FtQnu%2BROWlfDNMG4V2dUHphOGTtbSVOObrLVSZ17UjHAitH%2Bo5NPAP%2BnvdePR4QZOz4N1YJ0lOab1Rfp9m%2F72UsAkuwTmqxNICwebPTSTbx5y"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa46ceafab512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fmlb.netlbtu.com/upload/vod/2022/09-04/14/kkmbkym1rpf1459kkmbkym1rpf5387.jpg
200 OK 12 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/kkmbkym1rpf1459kkmbkym1rpf5387.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c2fd895cf3ac06ac64e398ff6992ca98
4ee50325a91303e218a659ae408180353bec6273
ba571945ce99699a737bf0ab85733ed93fa76b3a348dec90b37a0bfe1dd453b7
GET /upload/vod/2022/09-04/14/kkmbkym1rpf1459kkmbkym1rpf5387.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.cqcq9.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:02 GMT
Content-Type: image/jpeg
Content-Length: 11475
Last-Modified: Wed, 09 Nov 2022 11:41:35 GMT
Connection: keep-alive
ETag: "636b91ef-2cd3"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/09-04/14/cnxabsn4stj1459cnxabsn4stj3651.jpg
200 OK 10 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/cnxabsn4stj1459cnxabsn4stj3651.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash dbcd7086e90d0dc1a9b162e66f723ed8
9d0fd086f20b78c0514612055016cf62b955fcad
05acfb305c3b6f432d4b8b66bee3319a70ef09ba56df135c71a59078193b392a
GET /upload/vod/2022/09-04/14/cnxabsn4stj1459cnxabsn4stj3651.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.cqcq9.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:02 GMT
Content-Type: image/jpeg
Content-Length: 10247
Last-Modified: Wed, 09 Nov 2022 11:41:33 GMT
Connection: keep-alive
ETag: "636b91ed-2807"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/09-04/14/2tpvyjnriwq14592tpvyjnriwq3549.jpg
200 OK 9.7 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-04/14/2tpvyjnriwq14592tpvyjnriwq3549.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 60573b859ec466fef551a1a061417e92
dea9f581ad37b196576b1c361bf8f64728c59b1c
b592b8b695147c0c12e9097e4792841f4a9fe2e7487cbe6cca951c4f0c6e996b
GET /upload/vod/2022/09-04/14/2tpvyjnriwq14592tpvyjnriwq3549.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.cqcq9.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:02 GMT
Content-Type: image/jpeg
Content-Length: 9744
Last-Modified: Wed, 09 Nov 2022 11:41:32 GMT
Connection: keep-alive
ETag: "636b91ec-2610"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
xx-map.com/storage/websites/June2022/i4v0YIEW1Rq1FlVqI9hv.gif
200 OK 104 kB URL HTTP/2 xx-map.com/storage/websites/June2022/i4v0YIEW1Rq1FlVqI9hv.gif
IP
File type GIF image data, version 89a, 200 x 200\012- data
Size 104 kB (104099 bytes)
Hash d93ca83077660fbae7839fa5837af88d
9d6a01bfa19c4cdd6f8f9e9d87864a3eb76b79d6
58aaf2652b398cfe64c8ab1014f021a1cd15a89f10e89f902182615969466207
GET /storage/websites/June2022/i4v0YIEW1Rq1FlVqI9hv.gif HTTP/1.1
Host: xx-map.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cqcq9.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 05:42:03 GMT
content-type: image/gif
content-length: 104099
last-modified: Thu, 13 Oct 2022 14:31:05 GMT
etag: "63482129-196a3"
expires: Sat, 18 Feb 2023 14:25:55 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 832568
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjRzpULEBkCBeIV1GWrA37iAtEV7tKEL8eySxVJTaZYUL0gsvotJiZNxQCZ3WqXzJJ5%2BPmDClGcHHD5Aw8QhtfaIpmleYKdd6i7hrHJTcKZMwZ10TJuT7vLqO5XN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790fa46fdcd7b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.cqcq9.com/template/default/images/ico.png
200 OK 903 B URL HTTP/1.1 www.cqcq9.com/template/default/images/ico.png
IP
File type PNG image data, 30 x 102, 8-bit colormap, non-interlaced\012- data
Hash cc584c48bdea33f64498bcc859885375
1c092c63a09440c9632aef2868449eda772949fa
9c9453da37e3ed5e631977ce6843ac850d213fc67894d3c7c6a1d66c2335ed1f
GET /template/default/images/ico.png HTTP/1.1
Host: www.cqcq9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/template/default/images/style.css
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Sun, 24 Apr 2016 09:24:04 GMT
Accept-Ranges: bytes
ETag: "822265bb9ed11:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 29 Jan 2023 05:42:01 GMT
Content-Length: 903
api.safe-t-first.com/dzt/SP.JS
200 OK 392 B URL HTTP/2 api.safe-t-first.com/dzt/SP.JS
IP
File type HTML document, ASCII text, with CRLF line terminators
Hash a819d9f803d2813eb3cf31546fe0bc42
dc71e88cc902f54ce7e33b0f10ddda0144b46f90
152c8f1a9ea0a88c5b89891ddf1dae5bcb3737fc02f2ca7feab953f0f73a1b1b
GET /dzt/SP.JS HTTP/1.1
Host: api.safe-t-first.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cqcq9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 05:42:03 GMT
content-type: application/javascript
content-length: 392
last-modified: Sat, 17 Sep 2022 15:14:35 GMT
etag: "6325e45b-188"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 4ec01bfb2a8eb4946daf7fe8080c1033
ca5bbb5b929adc81ca4dbe12d755e1ca587007a5
73bb67744bc7e6ef30261a6fbb39f638b6fb5359e229b425e66d45b1921dda95
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 05:42:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 02 Feb 2023 02:53:34 GMT
ETag: "ca5bbb5b929adc81ca4dbe12d755e1ca587007a5"
Last-Modified: Sun, 29 Jan 2023 02:53:35 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2980
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa470bddefac4-OSL
img.guoseapi.com/upload/vod/20220726-1/6a930f6a23b3124d2ff5aa97be2f83b7.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/6a930f6a23b3124d2ff5aa97be2f83b7.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/6a930f6a23b3124d2ff5aa97be2f83b7.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Htj8pZiSHc7jFbOmvp7PnAg4YZXVAohxnd6DhATuPWrVM%2F7Ci0hdfxZs1qLJ7m1iykSEXykxDxS7lmLAReekCN2KpmeuOFgyXTWD%2BOCf2%2FnaLLNxbKIwTinCAurV3fiuYtov"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa470cccab505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.guoseapi.com/upload/vod/20220726-1/c1105dabfe33471628d52e5f7330bcef.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/c1105dabfe33471628d52e5f7330bcef.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/c1105dabfe33471628d52e5f7330bcef.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wRY7POl3wTzyMdWcphOvKMgZR6iZ9hwBZEh4H8PWXQSh%2BussVQE5nS7SaskyKkg3TeNiinf3JdWp9mJkfXlvXRqygp9GDLMsTMH0Rt0VsO%2FVb6JBVQmWHD3u%2BeYEvATh6t0e"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa470cbf1b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.guoseapi.com/upload/vod/20220726-1/f6e7fbf4aa627c0dde88ce47f339a9ee.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/f6e7fbf4aa627c0dde88ce47f339a9ee.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/f6e7fbf4aa627c0dde88ce47f339a9ee.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5LmknolkEgcLiB4qpsVnxD6tQrUL7pYp4a316y8OJy%2BxXePnKfEOuHuvUpaRjoHE9oC74RIkJ3DgYoxyAdDCW%2FT44crs2zlYoWw3tV5LoJVksWJaelCPnNEkGIgL4SjPJOG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa470c883b4ed-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.guoseapi.com/upload/vod/20220726-1/a2430851a591243448289a874e8a1430.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/a2430851a591243448289a874e8a1430.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/a2430851a591243448289a874e8a1430.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pzrvP3sd5kN3Os2NlHFkQFU37gfYnsccH5MQhsSrH%2BWA2BrZXgUPCtMTCMhwqiVBF37IFiSm55%2BPdI9IJBlNO9LB7ZugDiGvEhdRRmkYQsgfWZA71e9bfmkVaREpLTwzMxfZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa470d8300afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.guoseapi.com/upload/vod/20220726-1/36e80c8b098e493e344ad71891b5363c.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/36e80c8b098e493e344ad71891b5363c.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/36e80c8b098e493e344ad71891b5363c.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OZ7Ux1mAdFgKFOnNJltHUdIA2XOAh6jPiSNKWz%2BVCqSSI8I333T%2B3WHqvSZR9CAdx%2F2KPRNgi9MWjldXACVH525M1eqYFOrqimBXnS1263vsnoCLWcXFInByyVpyXuJkPc1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa470dcf0b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.guoseapi.com/upload/vod/20220726-1/0df9f05473ff1f8d019a5b01fa0936ab.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/0df9f05473ff1f8d019a5b01fa0936ab.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/0df9f05473ff1f8d019a5b01fa0936ab.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6M8sjadgXW%2FSWx94OKhXPFxo6kLUnwjyKq5mN3T8qqULxd6MYkzgoYEICpwL1Odb1IXQh9tgu%2BDILDCXsHqyUaur41wfFt%2Brl0oIuapcaVRSQYUimNwRVmWBlG%2B79sdNoTx"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa470ec60b512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.guoseapi.com/upload/vod/20220726-1/2758820573dbdbe7e4175ecad76ae726.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/2758820573dbdbe7e4175ecad76ae726.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/2758820573dbdbe7e4175ecad76ae726.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIMPKUYGMXa%2B27qaLQbJ82f3Uy9hYoNoWdgJFvM9DE7dyRcvCv4VVtishYWKTVctE7MdVeyn1ZnQDPe251ZCzjeccu9P4E7AdxvBghhVvu3qbHgtrvW%2BmqUtE91iAf8cH%2Biq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa470ecddb505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.guoseapi.com/upload/vod/20220726-1/53326dd3c96d25897c093843012902ef.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/53326dd3c96d25897c093843012902ef.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/53326dd3c96d25897c093843012902ef.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKPa5X8hNN4YEh68SRIiQSETz0dkbkcgmlfoLuMAWTnez%2FuwlWab3m2xpJXYZgMKmqZuIxT6dxNBk8Q5QTRTlHaTwrOGWANpsphpIU%2FkCJccBwc08jwUpdkFWJr0gQRJO1Ny"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa470e8370afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.guoseapi.com/upload/vod/20220726-1/af95dfba090cfdb83eb36fc2b9dbc27c.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/af95dfba090cfdb83eb36fc2b9dbc27c.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/af95dfba090cfdb83eb36fc2b9dbc27c.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9QyZbSJGmb%2FAClOpLVDKOxe2Py5RkEeTqKH3%2BxzSkXOpUuNirsUQuJKYQ4sOS6h%2FALH4z2JY4GxCpriOcjPWzP2hIXxLfSV5bIQvsUFEAXlSDekvo3HKGyowGDIMIdYVYK3r"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa470ecf8b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.guoseapi.com/upload/vod/20220726-1/a5a082af3add384b5ac7fc3cdc9c612c.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/a5a082af3add384b5ac7fc3cdc9c612c.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/a5a082af3add384b5ac7fc3cdc9c612c.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yt1KMuOXvTZoAAI0KPyViucivWKOsezXlY7LhCo%2FTsIWS%2BmHBPYeI3VOzkMRgDg%2Fb7brg3d8eqkfOKGfE5p1MU1lFEBXcNABU3ZWa0XhHMP07otBsZ6sJzbxhxNLZhJ6mF0T"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa470ec63b512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.guoseapi.com/upload/vod/20220726-1/33d3ea6c401d3530a23c7c6fb0472ae7.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/33d3ea6c401d3530a23c7c6fb0472ae7.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/33d3ea6c401d3530a23c7c6fb0472ae7.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APtRYDymbTiWGNr9rcgkOA8TpJZOsDn6qEz3%2FjThlbBb%2BBOe3FgIyPOmyCHYlHdsxaXe6frfGb4szperw8WBwci%2BvQc5N%2BwQf9HKDY1Fk%2Bpb5LQNxLREUNq4MCNUDjQOSPBc"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa470ebfab4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.guoseapi.com/upload/vod/20220726-1/4d7c49e3ff6a0dcbd58f1597f5927513.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/4d7c49e3ff6a0dcbd58f1597f5927513.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/4d7c49e3ff6a0dcbd58f1597f5927513.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2Pc0ljuLxbkxUCmQYJMexNuVL1fsCAgKs31umb%2BP5PlR0QYkbg%2FfS4gsM3CAeVjJ36TIJjsNIrnGug1Bodb%2BngAKE7c3Z68Gbt%2FHpo1Cf96hdjRo%2B1y0L2MLlW70Ut7qxpU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa470e88fb4ed-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.guoseapi.com/upload/vod/20220726-1/543db11155c7630375b17f56d9bc7b47.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/543db11155c7630375b17f56d9bc7b47.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/543db11155c7630375b17f56d9bc7b47.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1ZT0STADDQIkc8RzudSgrL%2BiX5uhWQZbbRIIiU4ikPbQu3tXQFsaO1LU%2Fnae%2Fh9lpXHity%2FgbPdxtB3FOh4tz%2Bt9JcHOPM75ZPpRQ%2BjqcXzf4OOp7pFUEadreHq7kQA4kLF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa470fce8b505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.guoseapi.com/upload/vod/20220726-1/2eec9c469e4e5f5d5dc06360c12476fe.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/2eec9c469e4e5f5d5dc06360c12476fe.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/2eec9c469e4e5f5d5dc06360c12476fe.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5psH0JkgkZy6484lDhFquiZ%2FSSanYdt5l4fM1L8LjnsWZ0sdsZ%2B5XG%2BeSi2p0WEwadPF54Nwxvif00LFJmYlf1nV%2BCQjKl2Zg%2BR%2BZchDWHzL5rQpjdU20IjVve6DFgzVo%2Bk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa471083e0afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.guoseapi.com/upload/vod/20220726-1/8491ea6348fe266ef2af9abea759725b.jpg
404 Not Found 109 B URL HTTP/1.1 img.guoseapi.com/upload/vod/20220726-1/8491ea6348fe266ef2af9abea759725b.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /upload/vod/20220726-1/8491ea6348fe266ef2af9abea759725b.jpg HTTP/1.1
Host: img.guoseapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 05:42:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxCs4lsk3gQRmXVp5MXkGYjeAhn5qYJZ9RDk2y0zjqVBvbVqkfjCeOu0VLrkvaq%2BYxmEWqDypSM08Uzcvqe7LMMrRiZEYK2KjzbyoSpWn0Br%2BFofYNHG%2FJcZpetyp9xZ7tG%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790fa4710d08b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fmlb.netlbtu.com/upload/vod/2022/09-03/12/ukgyaqrvmsb1242ukgyaqrvmsb4523587.jpg
301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-03/12/ukgyaqrvmsb1242ukgyaqrvmsb4523587.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /upload/vod/2022/09-03/12/ukgyaqrvmsb1242ukgyaqrvmsb4523587.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:03 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/upload/vod/2022/09-03/12/ukgyaqrvmsb1242ukgyaqrvmsb4523587.jpg
lbfm.lbpictupian.com/upload/vod/2022/10-27/13/ra4scrsa5rr1341ra4scrsa5rr142581.jpg
200 OK 8.8 kB URL HTTP/1.1 lbfm.lbpictupian.com/upload/vod/2022/10-27/13/ra4scrsa5rr1341ra4scrsa5rr142581.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bff53bae6954e8ffaef32fc565762c3e
7375cfb3367ee6ce8668b6895587bad3002f66c3
d41bc1bfb54fb2c675b911ea1c221f29adbe79f568b1d73cc5d28ca0e19632d5
GET /upload/vod/2022/10-27/13/ra4scrsa5rr1341ra4scrsa5rr142581.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 05:42:03 GMT
Content-Type: image/webp
Content-Length: 8766
Connection: keep-alive
Cf-Bgj: imgq:85,h2pri
Cf-Polished: qual=85, origFmt=jpeg, origSize=9431
Content-Disposition: inline; filename="ra4scrsa5rr1341ra4scrsa5rr142581.webp"
ETag: "635a19fa-24d7"
Last-Modified: Thu, 27 Oct 2022 05:41:14 GMT
Vary: Accept
Cache-Control: max-age=31536000
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 790fa46ff807b50f-OSL
fmlb.netlbtu.com/upload/vod/2022/09-03/12/ukgyaqrvmsb1242ukgyaqrvmsb4523587.jpg
200 OK 11 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-03/12/ukgyaqrvmsb1242ukgyaqrvmsb4523587.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 8f6f03541b1694ba4a55cb8e755295e6
e3e6af7cd5c1068aab2b3bed7f58a60e9699290e
dc4108bf5c109dff942e6b8d0fe4e0f170574f870bea9a0a11e440b17ab4c565
GET /upload/vod/2022/09-03/12/ukgyaqrvmsb1242ukgyaqrvmsb4523587.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.cqcq9.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 29 Jan 2023 05:43:03 GMT
Content-Type: image/jpeg
Content-Length: 10589
Last-Modified: Wed, 09 Nov 2022 08:20:28 GMT
Connection: keep-alive
ETag: "636b62cc-295d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
www.cqcq9.com/template/default/images/text.png
200 OK 646 B URL HTTP/1.1 www.cqcq9.com/template/default/images/text.png
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash ea04ca125b03bd020bded6a3ecba1c0a
d6e7e93180689b11ee0e2674c41f5585e688d62d
659f4cdc53e8585ed6e606f0575c03e66e83590e4e2adaa44db2ae539e25a77a
GET /template/default/images/text.png HTTP/1.1
Host: www.cqcq9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/template/default/images/style.css
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Sat, 07 Jan 2017 10:08:44 GMT
Accept-Ranges: bytes
ETag: "56bba47ce68d21:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 29 Jan 2023 05:42:02 GMT
Content-Length: 646
api.safe-t-first.com/dzt/S4.JS
200 OK 0 B URL HTTP/2 api.safe-t-first.com/dzt/S4.JS
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dzt/S4.JS HTTP/1.1
Host: api.safe-t-first.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cqcq9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 05:42:03 GMT
content-type: application/javascript
content-length: 0
last-modified: Fri, 16 Sep 2022 14:01:47 GMT
etag: "632481cb-0"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
api.share.baidu.com/s.gif?r=http%3A%2F%2Fapi.xpgys11.xyz%2F&l=http://www.cqcq9.com/
200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?r=http%3A%2F%2Fapi.xpgys11.xyz%2F&l=http://www.cqcq9.com/
IP
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?r=http%3A%2F%2Fapi.xpgys11.xyz%2F&l=http://www.cqcq9.com/ HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sun, 29 Jan 2023 05:42:03 GMT
api.safe-t-first.com/dzt/DL.JS
200 OK 0 B URL HTTP/2 api.safe-t-first.com/dzt/DL.JS
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dzt/DL.JS HTTP/1.1
Host: api.safe-t-first.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cqcq9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 05:42:04 GMT
content-type: application/javascript
content-length: 0
last-modified: Thu, 15 Sep 2022 10:05:18 GMT
etag: "6322f8de-0"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 0e8349dc9344af9c30dc1c9b3ce11173
d38c169f927fc3d3ae5a91a2d727102a7ad760ac
ca9456b8ec0ff30a04385207f5403b0ecc44af54e1ea451733d3632aa0a25c7c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 05:42:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 08:12:34 GMT
Expires: Fri, 03 Feb 2023 08:12:33 GMT
Etag: "d38c169f927fc3d3ae5a91a2d727102a7ad760ac"
Cache-Control: max-age=440428,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 790fa4736eafb4f3-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 0e8349dc9344af9c30dc1c9b3ce11173
d38c169f927fc3d3ae5a91a2d727102a7ad760ac
ca9456b8ec0ff30a04385207f5403b0ecc44af54e1ea451733d3632aa0a25c7c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 05:42:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 08:12:34 GMT
Expires: Fri, 03 Feb 2023 08:12:33 GMT
Etag: "d38c169f927fc3d3ae5a91a2d727102a7ad760ac"
Cache-Control: max-age=440428,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 790fa4737ba00b49-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 0e8349dc9344af9c30dc1c9b3ce11173
d38c169f927fc3d3ae5a91a2d727102a7ad760ac
ca9456b8ec0ff30a04385207f5403b0ecc44af54e1ea451733d3632aa0a25c7c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 05:42:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 08:12:34 GMT
Expires: Fri, 03 Feb 2023 08:12:33 GMT
Etag: "d38c169f927fc3d3ae5a91a2d727102a7ad760ac"
Cache-Control: max-age=440428,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 790fa4736cf80b61-OSL
collect-v6.51.la/v6/collect?dt=4
403 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 360
Origin: http://www.cqcq9.com
Connection: keep-alive
Referer: http://www.cqcq9.com/
HTTP/1.1 403
Server: CloudWAF
Date: Sun, 29 Jan 2023 05:42:04 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=e503c1063164f428bafd; path=/
HWWAFSESTIME=1674970920221; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.cqcq9.com
Access-Control-Allow-Credentials: true
api.safe-t-first.com/dzt/S3.JS
200 OK 1.1 kB URL HTTP/2 api.safe-t-first.com/dzt/S3.JS
IP
Hash b615812377d0e0fe5f233f58ca1348a1
94a08053e770cf5ce69ae857933bce6efcbe6bba
37ab34ed1ac2abf8eeca7c449702b436144d0600a62d7c733fb03b6421c8c7e2
GET /dzt/S3.JS HTTP/1.1
Host: api.safe-t-first.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cqcq9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 05:42:03 GMT
content-type: application/javascript
last-modified: Sat, 17 Dec 2022 02:44:27 GMT
vary: Accept-Encoding
etag: W/"639d2d0b-5b9"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?0e4c69192bebb536fa43c8edf6654341
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?0e4c69192bebb536fa43c8edf6654341
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash aba83a36b6bac9605c05658324f27edc
7b7cabfdc7c3e9357017006a580b63c4bfb761fd
45dfbda851a3bd108a2a09fc26948542a5b0a13cd2dca7cf2c9fea857c52b98d
GET /hm.js?0e4c69192bebb536fa43c8edf6654341 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cqcq9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11267
Content-Type: application/javascript
Date: Sun, 29 Jan 2023 05:42:04 GMT
Etag: b9bf0d1bb7aa9c39b401ef05cb87a75a
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=26B453CCB6D321D4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 789dcd10ab5818a873442245666594f1
ea65e4004d683034f7954df2c43a396a5c1cd71e
4d869d8a91347647b652f8b3c7c568e953a765421e7fefd66b117ba26ff65639
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D869D8A91347647B652F8B3C7C568E953A765421E7FEFD66B117BA26FF65639"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12289
Expires: Sun, 29 Jan 2023 09:06:53 GMT
Date: Sun, 29 Jan 2023 05:42:04 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 472 B IP
Hash 470b4557f63d68b6f130d263cbc25aa8
87c40d3269cae12c1b96518131cbdf3a49624d81
e940eab9314c678f591e0b1df49d911ab6e7255819d635518c4272b0a7c701a9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 05:42:04 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 11:18:41 GMT
Expires: Fri, 03 Feb 2023 11:18:40 GMT
Etag: "87c40d3269cae12c1b96518131cbdf3a49624d81"
Cache-Control: max-age=451595,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 790fa4739816b51d-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash 1127ceac79ce490d1a9b44828081a54d
6be7fa3c76c78d0152511fa08aaf461e7c619506
f01f3892ebf92bdeb8ae3fba811cbabf900ca669f43c1c963ece144325e8a766
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 05:42:04 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 18:50:25 GMT
Expires: Sat, 04 Feb 2023 18:50:24 GMT
Etag: "6be7fa3c76c78d0152511fa08aaf461e7c619506"
Cache-Control: max-age=565099,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 790fa47639740afa-OSL
sc02.alicdn.com/kf/Hf82983e650f140d4baccd79e3f84f3f1f.gif
200 OK 24 kB URL HTTP/2 sc02.alicdn.com/kf/Hf82983e650f140d4baccd79e3f84f3f1f.gif
IP
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 200 x 260\012- data
Hash 39202890b8a45718c94d001113e9b4ae
5be1ffe30a5384abc0be6ad69cc5137bcd069870
fc3337d5ddd7f57c17481f1d3a60aaf82cd0f17643df3397b44261d77e7202cc
GET /kf/Hf82983e650f140d4baccd79e3f84f3f1f.gif HTTP/1.1
Host: sc02.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cqcq9.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 24524
traceid: 2f59420516669704581156163e
x-application-context: fileserver2-download:prod,hz:7001
last-modified: Fri, 28 Oct 2022 15:20:58 GMT
access-control-allow-origin: *
strict-transport-security: max-age=0
eagleid: 2f59420516669704581156163e, 082d349516703630330944665e
server-timing: rt;dur=1.292,eagleid;desc=2f59420516669704581156163e
ali-swift-global-savetime: 1666970459
x-swift-savetime: Tue, 06 Dec 2022 21:43:53 GMT
x-swift-cachetime: 83007426
served-from: 23.62.98.103
cache-control: max-age=83992985
expires: Sat, 27 Sep 2025 09:05:09 GMT
date: Sun, 29 Jan 2023 05:42:04 GMT
network_info: NO_OSLO_50304
timing-allow-origin: *, *, *
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1463303329&si=0e4c69192bebb536fa43c8edf6654341&su=http%3A%2F%2Fapi.xpgys11.xyz%2F&v=1.3.0&lv=1&sn=27400&r=0&ww=1268&u=http%3A%2F%2Fwww.cqcq9.com%2F&tt=%E5%9B%BD%E4%BA%A7%E6%BF%80%E6%83%85A%E2%88%A8%E5%9C%A8%E7%BA%BF%E8%A7%86%E9%A2%91%E6%92%AD%E6%94%BE_%E5%9B%BD%E4%BA%A7%E9%BB%84%E8%89%B2%E7%BD%91%E7%AB%99_%E5%9B%BD%E4%BA%A7%E9%BB%84%E8%89%B2%E7%94%B5%E5%BD%B1%E4%B9%85%E4%B9%85%E4%B9%85_%E5%9B%BD%E4%BA%A7%E9%BB%84%E8%89%B2%E5%A4%A7%E8%A7%86%E9%A2%91
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1463303329&si=0e4c69192bebb536fa43c8edf6654341&su=http%3A%2F%2Fapi.xpgys11.xyz%2F&v=1.3.0&lv=1&sn=27400&r=0&ww=1268&u=http%3A%2F%2Fwww.cqcq9.com%2F&tt=%E5%9B%BD%E4%BA%A7%E6%BF%80%E6%83%85A%E2%88%A8%E5%9C%A8%E7%BA%BF%E8%A7%86%E9%A2%91%E6%92%AD%E6%94%BE_%E5%9B%BD%E4%BA%A7%E9%BB%84%E8%89%B2%E7%BD%91%E7%AB%99_%E5%9B%BD%E4%BA%A7%E9%BB%84%E8%89%B2%E7%94%B5%E5%BD%B1%E4%B9%85%E4%B9%85%E4%B9%85_%E5%9B%BD%E4%BA%A7%E9%BB%84%E8%89%B2%E5%A4%A7%E8%A7%86%E9%A2%91
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1463303329&si=0e4c69192bebb536fa43c8edf6654341&su=http%3A%2F%2Fapi.xpgys11.xyz%2F&v=1.3.0&lv=1&sn=27400&r=0&ww=1268&u=http%3A%2F%2Fwww.cqcq9.com%2F&tt=%E5%9B%BD%E4%BA%A7%E6%BF%80%E6%83%85A%E2%88%A8%E5%9C%A8%E7%BA%BF%E8%A7%86%E9%A2%91%E6%92%AD%E6%94%BE_%E5%9B%BD%E4%BA%A7%E9%BB%84%E8%89%B2%E7%BD%91%E7%AB%99_%E5%9B%BD%E4%BA%A7%E9%BB%84%E8%89%B2%E7%94%B5%E5%BD%B1%E4%B9%85%E4%B9%85%E4%B9%85_%E5%9B%BD%E4%BA%A7%E9%BB%84%E8%89%B2%E5%A4%A7%E8%A7%86%E9%A2%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cqcq9.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 29 Jan 2023 05:42:04 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=A360CA786ABDA13A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
u1044.com/7e7ff64c2a224d31b3316a3a83786276.gif
200 OK 309 kB URL HTTP/2 u1044.com/7e7ff64c2a224d31b3316a3a83786276.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 309 kB (309100 bytes)
Hash 85a34441173f1ad7d14a35ca78a4ca92
5d6216548b65b8ac46382cdc4b52c01305c5c1f8
ad6bfce666abcdf98e9ba0b238269d0b1b708c870bc21b0d066fcc57264b965f
GET /7e7ff64c2a224d31b3316a3a83786276.gif HTTP/1.1
Host: u1044.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cqcq9.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63a96ba3-4b76c"
server: nginx
date: Wed, 25 Jan 2023 06:43:00 GMT
content-type: image/gif
last-modified: Mon, 26 Dec 2022 09:38:43 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us4-cdnb-13
content-length: 309100
X-Firefox-Spdy: h2
kkgif.oss-cn-hangzhou.aliyuncs.com/960x120-2.gif
200 OK 319 kB URL HTTP/1.1 kkgif.oss-cn-hangzhou.aliyuncs.com/960x120-2.gif
IP
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 120\012- data
Size 319 kB (318990 bytes)
Hash aa24656f40e8051bc01ab3b7b54ba39c
c79fad7ee2056cbc38a2934b5836ace69855b335
dd7d9844bcdd274145914d077c70c51a5c873539c6259e5855c367d9ac7e2000
GET /960x120-2.gif HTTP/1.1
Host: kkgif.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cqcq9.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 29 Jan 2023 05:42:04 GMT
Content-Type: image/jpg
Content-Length: 318990
Connection: keep-alive
x-oss-request-id: 63D6072C3D53853139E18E3D
Accept-Ranges: bytes
ETag: "AA24656F40E8051BC01AB3B7B54BA39C"
Last-Modified: Fri, 14 Oct 2022 13:04:46 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11367310566151348241
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: qiRlb0DoBRvAGrO3tUujnA==
x-oss-server-time: 3
n0633.com/6b5d90373420481eb967eb739d7ed50f.gif
200 OK 101 kB URL HTTP/1.1 n0633.com/6b5d90373420481eb967eb739d7ed50f.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 101 kB (100964 bytes)
Hash 27d1de97ac93e08c23d38839c165962c
020372b65036c38287bf286a45dafd0cbd3a0538
57d082becc6ff907404430333320f5d87607b761c5b8647a13f339a20ca2f30d
GET /6b5d90373420481eb967eb739d7ed50f.gif HTTP/1.1
Host: n0633.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cqcq9.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 05:42:04 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 08 Jan 2023 13:55:09 GMT
ETag: W/"63bacb3d-433f6"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
taiwtp1.com/img/200200.gif
200 OK 75 kB URL HTTP/2 taiwtp1.com/img/200200.gif
IP
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cqcq9.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 05:35:06 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Tue, 28 Feb 2023 05:35:06 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
xinchacha2dv.ocsp-certum.com/
200 OK 1.5 kB URL HTTP/1.1 xinchacha2dv.ocsp-certum.com/
IP
ASN #20940 Akamai International B.V.
Hash 7dd7c19e82634bba92c39ae526706899
209e2cffc0aa7967c7a0cd957bf82a27b910c401
920dca6b139798801ede697b0842689df611a76258292950a3ab37391307967e
POST / HTTP/1.1
Host: xinchacha2dv.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1538
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=874
Date: Sun, 29 Jan 2023 05:42:05 GMT
Connection: keep-alive
X-N: S
ocsp.sectigo.com/
200 OK 472 B IP
Hash ee5c154ebd022cfb20985115fb288f70
2defe0a8ef09a90919521c308920f602fbfa2243
18ae4e91e74a3d9944f0a35b27f7cd9cb21e4c4a334fc7c8fbedeeb2f52f2632
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 05:42:05 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 21:55:20 GMT
Expires: Thu, 02 Feb 2023 21:55:19 GMT
Etag: "2defe0a8ef09a90919521c308920f602fbfa2243"
Cache-Control: max-age=403393,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 790fa47b1aefb51d-OSL
img.firefoxcartoon.com/image/a7.gif
200 OK 1.3 MB URL HTTP/2 img.firefoxcartoon.com/image/a7.gif
IP
File type GIF image data, version 89a, 200 x 200\012- data
Size 1.3 MB (1264586 bytes)
Hash 24276ed40d33cdc7c91be6aee4a5c649
406a93691820e9768a0190f7a216c61b939ce22c
e6ed2d7c48fa4150292f76a06067d50597c16e7f402b030c9d2d22d8540ff733
GET /image/a7.gif HTTP/1.1
Host: img.firefoxcartoon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cqcq9.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 05:42:04 GMT
content-type: image/gif
content-length: 1264586
last-modified: Thu, 21 Jul 2022 11:37:53 GMT
etag: "62d93a91-134bca"
expires: Tue, 28 Feb 2023 05:42:04 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.firefoxcartoon.com/image/22cc.gif
200 OK 840 kB URL HTTP/2 img.firefoxcartoon.com/image/22cc.gif
IP
File type GIF image data, version 89a, 128 x 128\012- data
Size 840 kB (840352 bytes)
Hash 367441fd0f9cc373d70d8fc69e97d46a
fb39591de5c3e2692f952801ffb34e88f4765c47
b22f3ed319624e493ebe8e41e7ef367fe86e9bc5b0ddbcc22d1ab75deafe05a3
GET /image/22cc.gif HTTP/1.1
Host: img.firefoxcartoon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cqcq9.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 05:42:04 GMT
content-type: image/gif
content-length: 840352
last-modified: Sun, 23 Oct 2022 07:47:52 GMT
etag: "6354f1a8-cd2a0"
expires: Tue, 28 Feb 2023 05:42:04 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
api.safe-t-first.com/dzt/S1.JS
200 OK 1.3 MB URL HTTP/2 api.safe-t-first.com/dzt/S1.JS
IP
Size 1.3 MB (1325062 bytes)
Hash f10daa4a681fbf665212ddeebabbe5b1
d9de1fff531e9d8c71d344ab114541dee7c4473d
86ad560892ec419541d19c63a132a6028e5e58caa8e288230997861edf2265ce
GET /dzt/S1.JS HTTP/1.1
Host: api.safe-t-first.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cqcq9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 05:42:02 GMT
content-type: application/javascript
last-modified: Wed, 11 Jan 2023 04:28:13 GMT
vary: Accept-Encoding
etag: W/"63be3add-95c"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ldbbs.ldmnq.com/bbs/topic/images/2022-12/78fb8314-2121-440b-b224-da2aef721f77.gif
429 Too Many Requests 306 B URL HTTP/1.1 ldbbs.ldmnq.com/bbs/topic/images/2022-12/78fb8314-2121-440b-b224-da2aef721f77.gif
IP
ASN #133119 China Unicom IP network
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (306), with no line terminators
Hash 4798967e28cc4047f7584e49d56349e7
c4e21ec8a0510d208a5a523170bb5482050445d9
5758b4f18e3919abee14e82d13a662d6daadd580b9ef4ab0b18429a97695ff43
GET /bbs/topic/images/2022-12/78fb8314-2121-440b-b224-da2aef721f77.gif HTTP/1.1
Host: ldbbs.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cqcq9.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 429 Too Many Requests
Date: Sun, 29 Jan 2023 05:42:05 GMT
Content-Length: 306
Connection: keep-alive
Server: openresty
X-Request-Id: 00000185FC0C0A3D940F310301662DE9
x-reserved-indicator: 612
X-CCDN-Origin-Time: 111
Age: 1
via: CHN-HElangfang-AREACUCC1-CACHE46[129],CHN-HElangfang-AREACUCC1-CACHE3[121,TCP_MISS,126],CHN-TJ-GLOBAL1-CACHE99[116],CHN-TJ-GLOBAL1-CACHE3[111,TCP_MISS,113]
x-hcs-proxy-type: 0
X-CCDN-CacheTTL: 2592000
api.safe-t-first.com/dzt/SAPP.JS
200 OK 246 kB URL HTTP/2 api.safe-t-first.com/dzt/SAPP.JS
IP
Size 246 kB (246450 bytes)
Hash 2eefe92b7495ce28994fb5bb091a1edc
0c97b2cc2f01ff5921a518264e2e9f9d2774e229
dc228c30bd21ba1640f6cdbda5ac89f1df2bf6059731da9028833dd48ba05d09
GET /dzt/SAPP.JS HTTP/1.1
Host: api.safe-t-first.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cqcq9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 05:42:03 GMT
content-type: application/javascript
last-modified: Wed, 11 Jan 2023 04:22:58 GMT
vary: Accept-Encoding
etag: W/"63be39a2-fb5"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
225962tyy.com/470ed5ee51fd4c618951406988fe976e.gif
200 OK 276 kB URL HTTP/1.1 225962tyy.com/470ed5ee51fd4c618951406988fe976e.gif
IP
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 180 x 180\012- data
Size 276 kB (275781 bytes)
Hash e6b935405a2f267592cd1d81fbe51897
475f77009b099e3edfe16b9fa4b3105fab4b62ea
eb05ec6c95dddb68b7615d26c68820ab928b9c32f534b2e3eee12e1c8b97f6f3
Analyzer Verdict Alert quad9 Sinkholed
GET /470ed5ee51fd4c618951406988fe976e.gif HTTP/1.1
Host: 225962tyy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cqcq9.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6378f199-43545"
Date: Sat, 28 Jan 2023 06:42:20 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 19 Nov 2022 15:09:13 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-39
Content-Length: 275781
kkgif.oss-cn-hangzhou.aliyuncs.com/96060-1.gif
200 OK 62 kB URL HTTP/1.1 kkgif.oss-cn-hangzhou.aliyuncs.com/96060-1.gif
IP
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Hash e395406df64eeb7c363e6adeac428f67
2ec92371a1e3fdeebd977a7cc830365ef98535fe
6ea22a9fef8b07c5a0a110d68b85aac5e63b0dd650070818261b2c7a32c5c3b2
GET /96060-1.gif HTTP/1.1
Host: kkgif.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cqcq9.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 29 Jan 2023 05:42:06 GMT
Content-Type: image/jpg
Content-Length: 62223
Connection: keep-alive
x-oss-request-id: 63D6072E3D538531394E9B3D
Accept-Ranges: bytes
ETag: "E395406DF64EEB7C363E6ADEAC428F67"
Last-Modified: Fri, 14 Oct 2022 13:04:45 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8379537113911644262
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: 45VAbfZO63w2PmrerEKPZw==
x-oss-server-time: 3
kkgif.oss-cn-hangzhou.aliyuncs.com/960X60.gif
200 OK 77 kB URL HTTP/1.1 kkgif.oss-cn-hangzhou.aliyuncs.com/960X60.gif
IP
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Hash fb2784144ab7570babf493dfb6dedabd
fbc0729d4481fdf62fef0d7b63ca1bacedfc723a
6715f0bb3ca5cd02212be6206016c84a3e596ab50c2e371c2fee09d0c432a1bf
GET /960X60.gif HTTP/1.1
Host: kkgif.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cqcq9.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 29 Jan 2023 05:42:06 GMT
Content-Type: image/jpg
Content-Length: 76761
Connection: keep-alive
x-oss-request-id: 63D6072EDF7271333977E2B4
Accept-Ranges: bytes
ETag: "FB2784144AB7570BABF493DFB6DEDABD"
Last-Modified: Fri, 14 Oct 2022 13:04:46 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15652673086147622604
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: +yeEFEq3Vwur9JPftt7avQ==
x-oss-server-time: 39
api.safe-t-first.com/dzt/DINGPIAO.JS
200 OK 0 B URL HTTP/2 api.safe-t-first.com/dzt/DINGPIAO.JS
IP
GET /dzt/DINGPIAO.JS HTTP/1.1
Host: api.safe-t-first.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cqcq9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 05:42:04 GMT
content-type: application/javascript
last-modified: Mon, 31 Oct 2022 11:27:49 GMT
vary: Accept-Encoding
etag: W/"635fb135-6b1"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
50.117.123.117
95.101.11.152
47.110.177.134
104.18.20.226
188.114.96.1
54.151.197.160
220.128.218.220
103.235.46.191
185.227.255.100