r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10055
Expires: Fri, 25 Nov 2022 08:41:46 GMT
Date: Fri, 25 Nov 2022 05:54:11 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5290
Cache-Control: max-age=108310
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 05:54:11 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:59:21 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 05:19:03 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2108
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3422
Expires: Fri, 25 Nov 2022 06:51:13 GMT
Date: Fri, 25 Nov 2022 05:54:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: KPOrUYNjSznP5XH5Tqw0wcPkLKAz2xF5Mv+qbzqAbviO5jOt7Oo07cDtSdSZYnIgTwNgEqiwyKo=
x-amz-request-id: 7SQ3NMH7RG8MDYBB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 05:40:41 GMT
age: 810
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
qwyxsc.com/
154.64.127.13200 OK 7.0 kB IP 154.64.127.13:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1254), with CRLF line terminators
Hash a022a766bec879259f39c57c4a27927b
97e2acda9728e5520b4f1eae6d24028f9a10c790
33bdfbaa027d22d4bfb8752af6dff1aacb1b76f994576cd1f1749463bc377fde
GET / HTTP/1.1
Host: qwyxsc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:11 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 05:54:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
qwyxsc.com/template/m1938pc/css/zui.css
154.64.127.13200 OK 19 kB URL HTTP/1.1 qwyxsc.com/template/m1938pc/css/zui.css
IP 154.64.127.13:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type assembler source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 89f27ce6f7607216709513592d4e4030
2668560dc8af9fc1cd37f1ff922a654263ac032a
f2120cf5afdc691852cb287b2ee2ce263678a9f2c1c4a1ff144c1f6584db75db
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: qwyxsc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qwyxsc.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:11 GMT
Content-Type: text/css
Last-Modified: Wed, 27 Jan 2021 05:34:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6010fb5a-14f36"
Expires: Fri, 25 Nov 2022 17:54:11 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
qwyxsc.com/template/m1938pc/css/ate.css
154.64.127.13200 OK 6.0 kB URL HTTP/1.1 qwyxsc.com/template/m1938pc/css/ate.css
IP 154.64.127.13:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type ASCII text, with CRLF line terminators
Hash 775ec9fd65a59632efdf68fc5af2dfad
a51c8530feab204356baa78c94848b688de1caf5
683dab144184920b21b643c2e6de55202e5528633318697e652fec75a8016d93
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: qwyxsc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qwyxsc.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:11 GMT
Content-Type: text/css
Last-Modified: Sun, 24 Jan 2021 07:28:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"600d21a4-126e4"
Expires: Fri, 25 Nov 2022 17:54:11 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d8efdd41b8040a8ac3fb7ae891d1d54
3eb9674f12bbfe098808b7011f6867a25e4f5885
85b45ec330e2f9aad9e5d67855495625c60bcc71cd94ff5759453e06fb1104ea
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "85B45EC330E2F9AAD9E5D67855495625C60BCC71CD94FF5759453E06FB1104EA"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11077
Expires: Fri, 25 Nov 2022 08:58:49 GMT
Date: Fri, 25 Nov 2022 05:54:12 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d8efdd41b8040a8ac3fb7ae891d1d54
3eb9674f12bbfe098808b7011f6867a25e4f5885
85b45ec330e2f9aad9e5d67855495625c60bcc71cd94ff5759453e06fb1104ea
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "85B45EC330E2F9AAD9E5D67855495625C60BCC71CD94FF5759453E06FB1104EA"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11077
Expires: Fri, 25 Nov 2022 08:58:49 GMT
Date: Fri, 25 Nov 2022 05:54:12 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d8efdd41b8040a8ac3fb7ae891d1d54
3eb9674f12bbfe098808b7011f6867a25e4f5885
85b45ec330e2f9aad9e5d67855495625c60bcc71cd94ff5759453e06fb1104ea
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "85B45EC330E2F9AAD9E5D67855495625C60BCC71CD94FF5759453E06FB1104EA"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11077
Expires: Fri, 25 Nov 2022 08:58:49 GMT
Date: Fri, 25 Nov 2022 05:54:12 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d8efdd41b8040a8ac3fb7ae891d1d54
3eb9674f12bbfe098808b7011f6867a25e4f5885
85b45ec330e2f9aad9e5d67855495625c60bcc71cd94ff5759453e06fb1104ea
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "85B45EC330E2F9AAD9E5D67855495625C60BCC71CD94FF5759453E06FB1104EA"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11077
Expires: Fri, 25 Nov 2022 08:58:49 GMT
Date: Fri, 25 Nov 2022 05:54:12 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d8efdd41b8040a8ac3fb7ae891d1d54
3eb9674f12bbfe098808b7011f6867a25e4f5885
85b45ec330e2f9aad9e5d67855495625c60bcc71cd94ff5759453e06fb1104ea
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "85B45EC330E2F9AAD9E5D67855495625C60BCC71CD94FF5759453E06FB1104EA"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11077
Expires: Fri, 25 Nov 2022 08:58:49 GMT
Date: Fri, 25 Nov 2022 05:54:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 05:08:53 GMT
cache-control: public,max-age=3600
age: 2719
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
154.36.223.68/jhsy/dh1.js
154.36.223.68200 OK 799 B URL HTTP/1.1 154.36.223.68/jhsy/dh1.js
IP 154.36.223.68:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash a567325a78b73c8f9ac50fa3edc82110
e19d3425d86bcaa7ca3074d4216bbe333b32f9a4
cf4c406f6b749daa82b87c0419cafe5338f2ce1751599aae21dd0e8a9d1dfada
Analyzer Verdict Alert quad9 Sinkholed
GET /jhsy/dh1.js HTTP/1.1
Host: 154.36.223.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qwyxsc.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2022 15:00:01 GMT
Accept-Ranges: bytes
ETag: "806ec1424cffd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 25 Nov 2022 05:54:10 GMT
Content-Length: 799
154.36.223.68/jhsy/dh.js
154.36.223.68200 OK 797 B IP 154.36.223.68:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash d51cf5cd134adff3bd6cc840fc2f05bb
2cd45d33bb6ae3c367749a53fe9f17f9976de9e8
996157cabe3a61b4542d4aac37e051d55f76835e336a6076718664f8ec6e1b22
Analyzer Verdict Alert quad9 Sinkholed
GET /jhsy/dh.js HTTP/1.1
Host: 154.36.223.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qwyxsc.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2022 15:00:01 GMT
Accept-Ranges: bytes
ETag: "806ec1424cffd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 25 Nov 2022 05:54:10 GMT
Content-Length: 797
154.36.223.68/jhsy/app.js
154.36.223.68200 OK 666 B URL HTTP/1.1 154.36.223.68/jhsy/app.js
IP 154.36.223.68:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 523136256fcb1ace6efeee737fceca88
96b4b59ed3991e81a76b8f26122bfe566767809e
5286ad080d8ed499f65a6d022250a28720c841cf2167a461c91f1b4e49cdaa3b
Analyzer Verdict Alert quad9 Sinkholed
GET /jhsy/app.js HTTP/1.1
Host: 154.36.223.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qwyxsc.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2022 15:00:01 GMT
Accept-Ranges: bytes
ETag: "72c337434cffd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 25 Nov 2022 05:54:10 GMT
Content-Length: 666
154.36.223.68/jhsy/xx1.js
154.36.223.68200 OK 1.1 kB URL HTTP/1.1 154.36.223.68/jhsy/xx1.js
IP 154.36.223.68:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 351ce7012012dfc8a8d9bff4683eb2e0
659039b29d9b0c76643d12923bf019efb8927329
f7e08d520b9f98421e184ab2c71333f837d57d1027aa4d780cd66db1e39abc48
Analyzer Verdict Alert quad9 Sinkholed
GET /jhsy/xx1.js HTTP/1.1
Host: 154.36.223.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qwyxsc.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2022 15:00:01 GMT
Accept-Ranges: bytes
ETag: "806ec1424cffd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 25 Nov 2022 05:54:10 GMT
Content-Length: 1083
154.36.223.68/jhsy/xx2.js
154.36.223.68200 OK 565 B URL HTTP/1.1 154.36.223.68/jhsy/xx2.js
IP 154.36.223.68:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash c327ba4828a887b7cd7ad5ba048eb794
a641d629caac0aa4fcac3b86662300adb63f2e4a
56f1993d995b933eb03d8730d0f8403bba452b12eafcd51fd77ec95ffbd5f662
Analyzer Verdict Alert quad9 Sinkholed
GET /jhsy/xx2.js HTTP/1.1
Host: 154.36.223.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qwyxsc.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2022 15:00:01 GMT
Accept-Ranges: bytes
ETag: "bed54a434cffd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 25 Nov 2022 05:54:10 GMT
Content-Length: 565
154.36.223.68/jhsy/dl.js
154.36.223.68200 OK 1.5 kB IP 154.36.223.68:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash ffdb9f9a475357c50b5a9334ae418624
ec66a4690b3f03dab3895e687762e3c02fbd4e7c
61d92c16534211df96e8c7790e04fa9f372dae2482fc7551092f56e8184d6dde
Analyzer Verdict Alert quad9 Sinkholed
GET /jhsy/dl.js HTTP/1.1
Host: 154.36.223.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qwyxsc.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2022 15:00:01 GMT
Accept-Ranges: bytes
ETag: "806ec1424cffd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 25 Nov 2022 05:54:10 GMT
Content-Length: 1469
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5366
Cache-Control: max-age=103323
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 05:54:12 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:36:15 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
lbfm.lbpictupian.com/upload/vod/2022/10-16/15/53b05v5bp0g150053b05v5bp0g272917.jpg
104.22.13.214200 OK 3.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-16/15/53b05v5bp0g150053b05v5bp0g272917.jpg
IP 104.22.13.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 77496c4aed326e5ded82bc4c18a744a7
b85583f83b428e18564f1527114afb7818623e80
f694092e890e9cbe1851ac19b7d0e7aa2521a78a9e540d5012aa1bfdab39aeb2
GET /upload/vod/2022/10-16/15/53b05v5bp0g150053b05v5bp0g272917.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/webp
content-length: 3366
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=5228
content-disposition: inline; filename="53b05v5bp0g150053b05v5bp0g272917.webp"
etag: "634bac0b-146c"
last-modified: Sun, 16 Oct 2022 07:00:27 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76f820d98ae81c0a-OSL
X-Firefox-Spdy: h2
154.36.223.68/jhsy/tj3.js
154.36.223.68200 OK 392 B URL HTTP/1.1 154.36.223.68/jhsy/tj3.js
IP 154.36.223.68:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash c09e2f2a046ac4610edd1db75cf9ecb1
e09cfdbe55b28134e49a64ce9b7eda26457a60a2
f124ea323ed9b4aa5f96d8efc6124812a961a5d11ae754f9cffb4cf1faa78ec1
Analyzer Verdict Alert quad9 Sinkholed
GET /jhsy/tj3.js HTTP/1.1
Host: 154.36.223.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qwyxsc.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 19 Oct 2022 13:19:14 GMT
Accept-Ranges: bytes
ETag: "7385762bde3d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 25 Nov 2022 05:54:10 GMT
Content-Length: 392
lbfm.lbpictupian.com/upload/vod/2022/10-16/15/4btl0mtmo0h15004btl0mtmo0h242911.jpg
104.22.13.214200 OK 8.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-16/15/4btl0mtmo0h15004btl0mtmo0h242911.jpg
IP 104.22.13.214:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 2d07551b72bf5ce1ca65a1e5837841ff
aa443f8d7d7d5c4cbe09b36229f21931ba044f74
95fc43b401ff3bf55c6e788d768eef95a6741059a706956ab212aab43d0c6cb6
GET /upload/vod/2022/10-16/15/4btl0mtmo0h15004btl0mtmo0h242911.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 8703
last-modified: Sun, 16 Oct 2022 07:00:25 GMT
etag: "634bac09-21ff"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d98ae51c0a-OSL
X-Firefox-Spdy: h2
qwyxsc.com/template/m1938pc/images/video-play.png
154.64.127.13200 OK 1.6 kB URL HTTP/1.1 qwyxsc.com/template/m1938pc/images/video-play.png
IP 154.64.127.13:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: qwyxsc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qwyxsc.com/template/m1938pc/css/zui.css
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 05:54:12 GMT
Content-Type: image/png
Content-Length: 1567
Last-Modified: Sun, 24 Jan 2021 07:28:46 GMT
Connection: keep-alive
ETag: "600d21ae-61f"
Expires: Sun, 25 Dec 2022 05:54:12 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
lbfm.lbpictupian.com/upload/vod/2022/10-16/14/nydshrae2pg1459nydshrae2pg312821.jpg
104.22.13.214200 OK 7.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-16/14/nydshrae2pg1459nydshrae2pg312821.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c2761c402ba45f1fcf70b59e1c759ae3
ac1a7a9ce4a3f79c6ee10dd4a17023bd716169d8
bebdaf28cc8ad4c2d43b22167393dd2b523a2b2b8e538eb7ce3794471f4a5783
GET /upload/vod/2022/10-16/14/nydshrae2pg1459nydshrae2pg312821.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 7125
last-modified: Sun, 16 Oct 2022 06:59:31 GMT
etag: "634babd3-1bd5"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d98af21c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-16/14/250gaw3lhzc1459250gaw3lhzc572865.jpg
104.22.13.214200 OK 8.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-16/14/250gaw3lhzc1459250gaw3lhzc572865.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 3beaacc43488a4c26bc3bc4424376bac
19568794b72cd3be461ee9c968a0b980a4bbdd03
1c57f2b09581c0835fb948dc5ece8f15931cd15990cfadb3b778c8af156267d1
GET /upload/vod/2022/10-16/14/250gaw3lhzc1459250gaw3lhzc572865.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 8397
last-modified: Sun, 16 Oct 2022 06:59:57 GMT
etag: "634babed-20cd"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d98aea1c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/06/bcc3z4qy22w0623bcc3z4qy22w5817276.jpg
104.22.13.214200 OK 7.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/06/bcc3z4qy22w0623bcc3z4qy22w5817276.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 8245a7efda3f2e602ab7661326483797
f4f5b85b85f16c7c5ffc9521b6daa90ee3b33e24
d3902f092206fa3f6eacef0c69d999047be2895ededf5dd20e580129b44dc6b8
GET /upload/vod/2019/11-08/06/bcc3z4qy22w0623bcc3z4qy22w5817276.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 7845
last-modified: Thu, 07 Nov 2019 22:23:58 GMT
etag: "5dc4997e-1ea5"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d99b041c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-16/14/pk3gpfu2ad41459pk3gpfu2ad4322823.jpg
104.22.13.214200 OK 9.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-16/14/pk3gpfu2ad41459pk3gpfu2ad4322823.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 82c24272b783f57dc1b6a6d1156561a5
f28a3e8cec89c64301d9079ab8f03dc65fe4e116
ffc25e86961b593c77f84ce9fdc51818f14b84c688144d4ace26da1cf31cd51a
GET /upload/vod/2022/10-16/14/pk3gpfu2ad41459pk3gpfu2ad4322823.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 9052
last-modified: Sun, 16 Oct 2022 06:59:32 GMT
etag: "634babd4-235c"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d98af31c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/06/1yjc1t2i25b06231yjc1t2i25b4317264.jpg
104.22.13.214200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/06/1yjc1t2i25b06231yjc1t2i25b4317264.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 2f838a3146df96b1df2b054f0af05bd1
34dce19bc07dd0c3c3d90178e301f46ea9de969a
44d4c84bdff57c3be8cbeca917e89f00b840ee5efc8268323621d75070589abd
GET /upload/vod/2019/11-08/06/1yjc1t2i25b06231yjc1t2i25b4317264.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 12026
last-modified: Thu, 07 Nov 2019 22:23:43 GMT
etag: "5dc4996f-2efa"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d99b021c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-16/15/jkiwmlgo4kh1500jkiwmlgo4kh212903.jpg
104.22.13.214200 OK 9.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-16/15/jkiwmlgo4kh1500jkiwmlgo4kh212903.jpg
IP 104.22.13.214:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash ac785342bbba9fe360c3039470395ba9
068027c2867ee2f007937a3b13b66ccd04f2ca49
ff8f313d274127af9793e411192b817ac4673477e81787b981c3e5c97c2b5d83
GET /upload/vod/2022/10-16/15/jkiwmlgo4kh1500jkiwmlgo4kh212903.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 9509
last-modified: Sun, 16 Oct 2022 07:00:21 GMT
etag: "634bac05-2525"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d98ae21c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/06/2xihn2fbkh006232xihn2fbkh02717252.jpg
104.22.13.214200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/06/2xihn2fbkh006232xihn2fbkh02717252.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4a1925e05373d82b3f75b7e61eee41f9
9f565652f9eb137e478dd5694251a41aca2ce28d
04a2f4e1541ace15bc567f2334062d402aca50f3f68cc4806d94dc38e2c03f9b
GET /upload/vod/2019/11-08/06/2xihn2fbkh006232xihn2fbkh02717252.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 10493
last-modified: Thu, 07 Nov 2019 22:23:27 GMT
etag: "5dc4995f-28fd"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d99afa1c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-16/14/mxzh5x54d051459mxzh5x54d05302819.jpg
104.22.13.214200 OK 7.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-16/14/mxzh5x54d051459mxzh5x54d05302819.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 087d3624a7f32a705af22bd169fdb7d5
9993adcf19819be28b75300d50ceab3ea66f09c3
b4eec4e2796d9ec4ba4b5b2f1ea76b2af7466b25500aa14eca28ff618831280d
GET /upload/vod/2022/10-16/14/mxzh5x54d051459mxzh5x54d05302819.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 7184
last-modified: Sun, 16 Oct 2022 06:59:30 GMT
etag: "634babd2-1c10"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d98af11c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-16/15/nj0jgcnqssz1500nj0jgcnqssz252913.jpg
104.22.13.214200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-16/15/nj0jgcnqssz1500nj0jgcnqssz252913.jpg
IP 104.22.13.214:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 7d26bd7e8a1fb428b305683b4f3c27ea
6bf00dae28888cd2d5b3fb44b94d7e8995c6b8ba
7d1cfb6934e114a0035223a02b9e977f65b0d0951d84256d8b93f36445815749
GET /upload/vod/2022/10-16/15/nj0jgcnqssz1500nj0jgcnqssz252913.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 10080
last-modified: Sun, 16 Oct 2022 07:00:25 GMT
etag: "634bac09-2760"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d98ae61c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-16/14/wriruf50epx1459wriruf50epx562863.jpg
104.22.13.214200 OK 8.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-16/14/wriruf50epx1459wriruf50epx562863.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash d776693d4b8f4cfe69f5a68ad21ccbfb
5ea4593b399babcbeebe73c2a7508a71d6c34edf
b427da054db1c9204dc293e291423c5d718cc067067cb26b5cf0a78b927025f6
GET /upload/vod/2022/10-16/14/wriruf50epx1459wriruf50epx562863.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 8579
last-modified: Sun, 16 Oct 2022 06:59:56 GMT
etag: "634babec-2183"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d98ae91c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/06/v035sionght0623v035sionght1017240.jpg
104.22.13.214200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/06/v035sionght0623v035sionght1017240.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 1d6749bac97713d86c83825137faeb1f
139377dfa4799a07ca2c3a2f3e82da240b7dc964
80b9f12d388c08e996ac2fe5f7ce0b080de51f3f75bddaeaf301bdd04b7328b3
GET /upload/vod/2019/11-08/06/v035sionght0623v035sionght1017240.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 11117
last-modified: Thu, 07 Nov 2019 22:23:11 GMT
etag: "5dc4994f-2b6d"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d99afc1c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-16/14/tzhhwn40eou1459tzhhwn40eou582867.jpg
104.22.13.214200 OK 6.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-16/14/tzhhwn40eou1459tzhhwn40eou582867.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash e4d5a8077c3aed0bb021764da5fbbfb6
9e0c0231d3ec76e95821f6c4ab9e8bd654892deb
3b2dee7ffdb9a5da6cac7b0f3fa5b283e5a23e50c0092648762c80f9d8db97e2
GET /upload/vod/2022/10-16/14/tzhhwn40eou1459tzhhwn40eou582867.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 6558
last-modified: Sun, 16 Oct 2022 06:59:58 GMT
etag: "634babee-199e"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d98aeb1c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-16/15/ejzjfzxj55m1500ejzjfzxj55m222905.jpg
104.22.13.214200 OK 8.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-16/15/ejzjfzxj55m1500ejzjfzxj55m222905.jpg
IP 104.22.13.214:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 3943ded1a88ea2714566d1983b6e7b1f
6bd1e09b222bdc82c023c8dcb4bdb627fcf5657a
723be3096b74d92684065b1aabc1ce23aeda804a3e3aae6c9a37e85b558cd0b8
GET /upload/vod/2022/10-16/15/ejzjfzxj55m1500ejzjfzxj55m222905.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 8573
last-modified: Sun, 16 Oct 2022 07:00:22 GMT
etag: "634bac06-217d"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d99b011c0a-OSL
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.38.146.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.146.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QDTJmwZdL+hA2t3A+h8a0Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WiyGpub0PmUe4v+hAtUzOJijbDQ=
lbfm.lbpictupian.com/upload/vod/2022/10-16/15/a32041ntk2d1500a32041ntk2d032877.jpg
104.22.13.214200 OK 13 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-16/15/a32041ntk2d1500a32041ntk2d032877.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash bc96bfe658edd310745cd65fc8b2794a
04e94edfb7bc3bda1a88e9145081a838b983efb9
fb0bdc1935400217391467e0e042d9940d5d8fff9f99283344dfa4c5170a8f47
GET /upload/vod/2022/10-16/15/a32041ntk2d1500a32041ntk2d032877.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 12867
last-modified: Sun, 16 Oct 2022 07:00:03 GMT
etag: "634babf3-3243"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d98af01c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-16/15/gcswuweqfyn1500gcswuweqfyn022875.jpg
104.22.13.214200 OK 9.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-16/15/gcswuweqfyn1500gcswuweqfyn022875.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash b3a7820a506001cff462a1a82819de30
6570d8f94a529b30839d120f4368bd0ae5859fd6
337edccf88295c7111eaa42378e2f401b62bfdf0095b030d3f822f12a92df8d9
GET /upload/vod/2022/10-16/15/gcswuweqfyn1500gcswuweqfyn022875.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 9230
last-modified: Sun, 16 Oct 2022 07:00:02 GMT
etag: "634babf2-240e"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d98aef1c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-16/14/5ey2wj0aepd14595ey2wj0aepd592869.jpg
104.22.13.214200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-16/14/5ey2wj0aepd14595ey2wj0aepd592869.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 3b8e40bbdf4fc4d891644499a55e10f2
8323490c036b402cd194c28d775b44a9b51d6f32
256c51babad7e67b9965f21cf189616a837394500bbd31b7d74f5c426ce02715
GET /upload/vod/2022/10-16/14/5ey2wj0aepd14595ey2wj0aepd592869.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 11677
last-modified: Sun, 16 Oct 2022 06:59:59 GMT
etag: "634babef-2d9d"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d98aec1c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-16/14/1iqwjpiahnh14591iqwjpiahnh332827.jpg
104.22.13.214200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-16/14/1iqwjpiahnh14591iqwjpiahnh332827.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 580417edef1f545b3ac0f7f58aa57d9c
183b9595fe1981446787e122af60f15ecd094a18
e8f851c7b59b2a1c012dc50134239d86f0b6bede740dc9f7c833e7179e61ea46
GET /upload/vod/2022/10-16/14/1iqwjpiahnh14591iqwjpiahnh332827.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 10266
last-modified: Sun, 16 Oct 2022 06:59:33 GMT
etag: "634babd5-281a"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d98af51c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-16/14/shgycl2qgqo1459shgycl2qgqo352831.jpg
104.22.13.214200 OK 8.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-16/14/shgycl2qgqo1459shgycl2qgqo352831.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 44e687be35f0922f4a09496514542ebf
e34dfe856053d3f1a4b4b6f89bc537937568b0f7
ac3a545032d838ef795f496ec56e7439dd785f11b5a3a391269ec27a115997d7
GET /upload/vod/2022/10-16/14/shgycl2qgqo1459shgycl2qgqo352831.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 8327
last-modified: Sun, 16 Oct 2022 06:59:35 GMT
etag: "634babd7-2087"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d99af71c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-16/15/xemcvgnsjld1500xemcvgnsjld002871.jpg
104.22.13.214200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-16/15/xemcvgnsjld1500xemcvgnsjld002871.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 0ad851e7eab887ffee8336be55f7e1f9
0204f1a989231e5752783b11ffd5c4a3ebf9b3bd
5ecaf6eb0159542d924587232a1c494cda042180037fd54b5122b04a83640a71
GET /upload/vod/2022/10-16/15/xemcvgnsjld1500xemcvgnsjld002871.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 10978
last-modified: Sun, 16 Oct 2022 07:00:00 GMT
etag: "634babf0-2ae2"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d98aed1c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-16/15/byfb4p3jzud1500byfb4p3jzud262915.jpg
104.22.13.214200 OK 6.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-16/15/byfb4p3jzud1500byfb4p3jzud262915.jpg
IP 104.22.13.214:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 36fb199c42e4f3eab9f9caefc14dd6e2
94cb18d0e81b4ad1076e56104d051df0efa087c8
f7ad108bc681ac6cc98c7d2e082d0f84c19e1902af96b10b930dbe3b4e22260d
GET /upload/vod/2022/10-16/15/byfb4p3jzud1500byfb4p3jzud262915.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 6896
last-modified: Sun, 16 Oct 2022 07:00:26 GMT
etag: "634bac0a-1af0"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d98ae71c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-16/14/ta4nlgm0wmy1459ta4nlgm0wmy342829.jpg
104.22.13.214200 OK 8.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-16/14/ta4nlgm0wmy1459ta4nlgm0wmy342829.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 2ae67da15fa289325ac2e6c332728675
80444cca28c03883bb96d4c6fabc622139d1b755
c9bc083a68d1484f3b9882935170d6c8ca84da59446d62e910bd4cba3d33584b
GET /upload/vod/2022/10-16/14/ta4nlgm0wmy1459ta4nlgm0wmy342829.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 8427
last-modified: Sun, 16 Oct 2022 06:59:34 GMT
etag: "634babd6-20eb"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d99af61c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/06/yxlu2jaypek0624yxlu2jaypek1517288.jpg
104.22.13.214200 OK 7.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/06/yxlu2jaypek0624yxlu2jaypek1517288.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4762b315103af7e4c9298ee4c3a310d1
ee560156fb4201a4147af38b2a845a834724299a
0831deee9be1d1ca31c885619543c120e0772460e7ea8533fa2d758c9c4fbf3e
GET /upload/vod/2019/11-08/06/yxlu2jaypek0624yxlu2jaypek1517288.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 7605
last-modified: Thu, 07 Nov 2019 22:24:15 GMT
etag: "5dc4998f-1db5"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d99b001c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-16/15/ns2h035togb1500ns2h035togb242909.jpg
104.22.13.214200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-16/15/ns2h035togb1500ns2h035togb242909.jpg
IP 104.22.13.214:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 7d7ec6bce2d1d839cc88b2f7c058e2d6
e6ad61add3da56245a7b2511f20ea8514d8498de
755513efec8dcfe141f1cbbd2f5546dc356ce577e16f85f94a586f31cef2296e
GET /upload/vod/2022/10-16/15/ns2h035togb1500ns2h035togb242909.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 11388
last-modified: Sun, 16 Oct 2022 07:00:24 GMT
etag: "634bac08-2c7c"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d98ae41c0a-OSL
X-Firefox-Spdy: h2
154.36.223.68/img/logo.png
154.36.223.68200 OK 26 kB URL HTTP/1.1 154.36.223.68/img/logo.png
IP 154.36.223.68:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type PNG image data, 785 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 56502c21efcb1ae6c1928434464e63d4
ab1eb8e83926be8de07b00dd92b1e48688740831
c0412a74c3714573634fc895033cb448ec80ff14e4b26abae3047732bea2428d
Analyzer Verdict Alert quad9 Sinkholed
GET /img/logo.png HTTP/1.1
Host: 154.36.223.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qwyxsc.com/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 23 Nov 2021 15:25:24 GMT
Accept-Ranges: bytes
ETag: "2cd0567ee0d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 25 Nov 2022 05:54:10 GMT
Content-Length: 25465
lbfm.lbpictupian.com/upload/vod/2022/10-16/15/tzlwhhi0knd1500tzlwhhi0knd232907.jpg
104.22.13.214200 OK 13 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-16/15/tzlwhhi0knd1500tzlwhhi0knd232907.jpg
IP 104.22.13.214:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash e7941d4da495c39edc0cf0605ebbc08a
6a8140712a0f75b2e0cbbfaf8e749eff5f63a760
c4adbf343d8954826b9a4bca15a8c115924e717a79a25032be6540c56aca7e03
GET /upload/vod/2022/10-16/15/tzlwhhi0knd1500tzlwhhi0knd232907.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 12950
last-modified: Sun, 16 Oct 2022 07:00:23 GMT
etag: "634bac07-3296"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d99b051c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/06/oeetn3cqpqf0622oeetn3cqpqf5417228.jpg
104.22.13.214200 OK 7.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/06/oeetn3cqpqf0622oeetn3cqpqf5417228.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash fd45be89b3bc2e740ed3d6fd21ef7fbf
0f9c98ab7757f89dc3051b7c14c4c89daa9b8a54
f007e24a77dd5854834bab82a078296a2766ddfbb084d5f00dff0d7c577da64f
GET /upload/vod/2019/11-08/06/oeetn3cqpqf0622oeetn3cqpqf5417228.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 7346
last-modified: Thu, 07 Nov 2019 22:22:54 GMT
etag: "5dc4993e-1cb2"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d99afd1c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-16/15/wtdmjoire0n1500wtdmjoire0n012873.jpg
104.22.13.214200 OK 8.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-16/15/wtdmjoire0n1500wtdmjoire0n012873.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash b668efd37488ae503e503494d2e186c7
13a1dbd5869694f44b054dfba3d2640c692b128b
cec82265288e0df547bd3b59e605bbb752382bda11bc6a355337f70782b1c3f9
GET /upload/vod/2022/10-16/15/wtdmjoire0n1500wtdmjoire0n012873.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 8909
last-modified: Sun, 16 Oct 2022 07:00:01 GMT
etag: "634babf1-22cd"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d98aee1c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-16/14/y3esg2cysoe1459y3esg2cysoe322825.jpg
104.22.13.214200 OK 9.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-16/14/y3esg2cysoe1459y3esg2cysoe322825.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c71525af51648b07cce3b219694d7507
b9568e9f9a2aef132b59fd33c38a6008918e451e
e1a4b18f781447d6d45adb4cce04e63d314325b1f5ebd892cc5d843afe7ef302
GET /upload/vod/2022/10-16/14/y3esg2cysoe1459y3esg2cysoe322825.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 9047
last-modified: Sun, 16 Oct 2022 06:59:33 GMT
etag: "634babd5-2357"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d98af41c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/06/dpy5queu50s0622dpy5queu50s2217204.jpg
104.22.13.214200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/06/dpy5queu50s0622dpy5queu50s2217204.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 6fb23c40c02f54bab15df87cf0cf2471
d9b50a64fd8cbe65c3b6ee51fba467f5e5978661
3cf923402f714c66d499063b43d884e5bd21916eb0c529be55e336d2f27e5f40
GET /upload/vod/2019/11-08/06/dpy5queu50s0622dpy5queu50s2217204.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 10984
last-modified: Thu, 07 Nov 2019 22:22:22 GMT
etag: "5dc4991e-2ae8"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d99aff1c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-16/14/kwigwubnsbe1459kwigwubnsbe362833.jpg
104.22.13.214200 OK 7.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-16/14/kwigwubnsbe1459kwigwubnsbe362833.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 46da383d6d869f6cdbb9add47abb539e
27a7d9fae6c8d5a481c40167372ad1daab32a7d9
3f63ab0bc0f976cae0e98da0095b829f2be11ef361f6684c784731ef10888b15
GET /upload/vod/2022/10-16/14/kwigwubnsbe1459kwigwubnsbe362833.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 6957
last-modified: Sun, 16 Oct 2022 06:59:36 GMT
etag: "634babd8-1b2d"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d99af81c0a-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/06/1f33wlwzv0l06221f33wlwzv0l3817216.jpg
104.22.13.214200 OK 7.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/06/1f33wlwzv0l06221f33wlwzv0l3817216.jpg
IP 104.22.13.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 163b02fbd820b87550f9f1c21ac14f03
43be2f32144789c13c7fcb3e9e5b55250e0cc20f
bbfe90b9faf8198a2f99f3ea1127d9b0a5eab1f9f3d39e75489b80474fe13c28
GET /upload/vod/2019/11-08/06/1f33wlwzv0l06221f33wlwzv0l3817216.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/jpeg
content-length: 7532
last-modified: Thu, 07 Nov 2019 22:22:38 GMT
etag: "5dc4992e-1d6c"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f820d99afe1c0a-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4bc784850f585b551b84e830134e0039
cfc5a0cb41670956c6282c3121020bc46db62c03
5d8a150ad57040827684bbf47c61301deec11d9131d5d1e009f2a6d477fdeb62
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D8A150AD57040827684BBF47C61301DEEC11D9131D5D1E009F2A6D477FDEB62"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5194
Expires: Fri, 25 Nov 2022 07:20:46 GMT
Date: Fri, 25 Nov 2022 05:54:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ede9d7df49a7e00d51c415d5022c7936
bf85e6580bf13510d145273c27b0ed7f35fd76a4
924dbbab8cfc5f6878c78e36b562723253fdcf06826fdab6bb4b2af6f5242e4b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "924DBBAB8CFC5F6878C78E36B562723253FDCF06826FDAB6BB4B2AF6F5242E4B"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6876
Expires: Fri, 25 Nov 2022 07:48:48 GMT
Date: Fri, 25 Nov 2022 05:54:12 GMT
Connection: keep-alive
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 00830cd9c198594ab9584700a3fa8b33
26672ecd71a9a3b8e762df907a7cb850ff9da8b6
348dd89bbfd495bad00ede7de45346d9c772db0dbc972a135ded670829097b60
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:54:12 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 16:39:34 GMT
Expires: Tue, 29 Nov 2022 16:39:33 GMT
Etag: "26672ecd71a9a3b8e762df907a7cb850ff9da8b6"
Cache-Control: max-age=383720,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f820dd9b61b4f3-OSL
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash b7a40c7b1b94e9cd7afedd72481139dd
8146bdee3b10958f329368758988c2e7a8f16b7b
a9e5b9d4467ae5dda9e257c1911474f036e636b5c4eaa0a1098e87c4afe3eda6
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:54:12 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 09:48:55 GMT
Expires: Tue, 29 Nov 2022 09:48:54 GMT
Etag: "8146bdee3b10958f329368758988c2e7a8f16b7b"
Cache-Control: max-age=359081,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f820ddec42b4f4-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 948db41609de7e0f96f3a4f147b6d20a
dec5baa8bd7b4c09662a2eea2810355376b5bf47
e4731379b3aa7de6fb19f750b10eae680ad0edb73dc4814809c8ca72f2c19238
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:54:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 29 Nov 2022 04:56:21 GMT
ETag: "dec5baa8bd7b4c09662a2eea2810355376b5bf47"
Last-Modified: Fri, 25 Nov 2022 04:56:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 234
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f820df0c26fac4-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 007596762d1ff14be83f7f9bba123cf4
01014e4b18e20e128f971405575969a023d52544
ee3776d90dc23afcf2fb1ead15b578c66bb44293e2d66dddcc6b0408658ea235
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:54:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 03:48:25 GMT
ETag: "01014e4b18e20e128f971405575969a023d52544"
Last-Modified: Fri, 25 Nov 2022 03:48:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 190
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f820df1d9cb500-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 007596762d1ff14be83f7f9bba123cf4
01014e4b18e20e128f971405575969a023d52544
ee3776d90dc23afcf2fb1ead15b578c66bb44293e2d66dddcc6b0408658ea235
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:54:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 03:48:25 GMT
ETag: "01014e4b18e20e128f971405575969a023d52544"
Last-Modified: Fri, 25 Nov 2022 03:48:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 190
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f820df3db0b500-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1031dcd5959571008400be96c44bb14
3ef227bc7dfcd797124e34c9a96db7ba1ea57e9d
c3e5581ef9b10564243d1167ae0ec9c52e1efae77878e294f332903ed8c7f1d7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C3E5581EF9B10564243D1167AE0EC9C52E1EFAE77878E294F332903ED8C7F1D7"
Last-Modified: Wed, 23 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14149
Expires: Fri, 25 Nov 2022 09:50:02 GMT
Date: Fri, 25 Nov 2022 05:54:13 GMT
Connection: keep-alive
a666.one/i/2022/10/25/6358033431b62.gif
23.226.11.146200 OK 70 kB URL HTTP/2 a666.one/i/2022/10/25/6358033431b62.gif
IP 23.226.11.146:0
ASN #23881 UDomain Web Hosting Company Ltd
File type GIF image data, version 89a, 960 x 80\012- data
Hash d58f849d1e51e7101e218fec87ed6865
640cf018751b8a7479550323d59cd0f9b658ebd9
d8eabe8674cff4865bb0afb2da32f075f5612c78db36fdbed0a6482940726bba
Analyzer Verdict Alert quad9 Sinkholed
GET /i/2022/10/25/6358033431b62.gif HTTP/1.1
Host: a666.one
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/gif
content-length: 70244
server: UDomain.com.hk-CDN
last-modified: Tue, 25 Oct 2022 15:39:32 GMT
etag: "63580334-11264"
expires: Sun, 25 Dec 2022 05:54:12 GMT
strict-transport-security: max-age=31536000
x-cache-status: HIT
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0101c120009texk0w2379.gif?proc=autoorient
104.110.17.24404 Not Found 0 B URL HTTP/2 dimg04.c-ctrip.com/images/0101c120009texk0w2379.gif?proc=autoorient
IP 104.110.17.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/0101c120009texk0w2379.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-length: 0
access-control-allow-origin: *
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 6
x-edgeconnect-origin-mex-latency: 431
cache-control: max-age=86397
expires: Sat, 26 Nov 2022 05:54:10 GMT
date: Fri, 25 Nov 2022 05:54:13 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
js.users.51.la/21362933.js
103.143.19.103200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21362933.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash b79447f6ce87f37118b0b4126b73be21
0ceb03f706c8b6c652045d032333b0b34df5fb23
26ce3a33f86f1a971441fd01b9dcd658aba5d877bb913692958b98725059b593
GET /21362933.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Fri, 25 Nov 2022 05:54:13 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=0e2af36d5957256b54c; path=/
HWWAFSESTIME=1669355651344; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
js.users.51.la/21362943.js
103.143.19.103200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21362943.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash 7941ebf9ad31a6dc0794a4ee454a1bb0
05bb7d26ac152714559f4d2ff048e42147a89920
114f987702a37955984901db8e99a81093fe1cdd6e978ac917d8c26373c86f7e
GET /21362943.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Fri, 25 Nov 2022 05:54:13 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=db78744838bf30678f9; path=/
HWWAFSESTIME=1669355650069; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
taiwtp1.com/xin/200200.gif
220.128.218.220200 OK 66 kB URL HTTP/2 taiwtp1.com/xin/200200.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash f0ba60ad272f48fb7a6c94d0fff78f8c
5aa704f7f21da3ebcda26cc67adfb21a218e7c97
22ca789fd1bcfce63c63a1b380a9666fbb44d3c6003c110d1956995a27a3d108
GET /xin/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 05:51:49 GMT
content-type: image/gif
content-length: 65592
last-modified: Thu, 20 Oct 2022 07:11:02 GMT
etag: "6350f486-10038"
expires: Sun, 25 Dec 2022 05:51:49 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
8499225.com/8499/s/960x60.gif
172.247.50.226200 OK 331 kB URL HTTP/2 8499225.com/8499/s/960x60.gif
IP 172.247.50.226:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 331 kB (331043 bytes)
Hash 09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725
GET /8499/s/960x60.gif HTTP/1.1
Host: 8499225.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:12 GMT
content-type: image/gif
content-length: 331043
last-modified: Wed, 09 Nov 2022 06:23:10 GMT
etag: "50d23-5ed03b0c9c3d8"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12881
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 05:54:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12881
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 05:54:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12881
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 05:54:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12881
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 05:54:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 81606
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 02:07:28 GMT
age: 13605
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6e0ab1-c4cf-40e6-973b-bb3db1a860e8.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6e0ab1-c4cf-40e6-973b-bb3db1a860e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c6b9b5ebc32235ed8f3e15df013963f0
46ee95ebee3d60f64d2b7f568673b13ea27a42a3
4fdf6f239f6931442d93a00acd8af1f5192f77143885945c27e137ef3683338e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6e0ab1-c4cf-40e6-973b-bb3db1a860e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11586
x-amzn-requestid: df9d2675-0615-4993-83ab-87cdac30c05f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8JyoGElIAMFh-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2343-315ac9210f212c9134ffa103;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:05:39 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: snfgherDVfBenP9XouMzFtaWfXLh4TeiwDmEb0hQh5L9Ww57Hkxl3g==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 548adcda884eed02304ba5d6a1d7f514.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:30:43 GMT
age: 26610
etag: "46ee95ebee3d60f64d2b7f568673b13ea27a42a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b4f6042-6f6f-4572-b535-71b1a4b587e8.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b4f6042-6f6f-4572-b535-71b1a4b587e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 73f65dfa986cf95e8fb459778b945c59
29edd439b6e7894bc4771fc655a50d926f349a08
c6182797d5fce1a086580a338929e851a73ccb75e6432b12969aae6f0952fa27
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b4f6042-6f6f-4572-b535-71b1a4b587e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6049
x-amzn-requestid: 96e5c00c-1565-4e9f-aa5b-6da99785a03b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brsokHSgoAMF_RQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748e36-547f241a67f3703958f2eade;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:16:06 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KDIu_SbDdEi4ynoXJsXclQJmaAse8FTkyZdGCzmv0Pvgj3C0bus8XQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 02:55:18 GMT
age: 10735
etag: "29edd439b6e7894bc4771fc655a50d926f349a08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e55f70-58c6-4585-a420-ac74e1b8c6dd.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e55f70-58c6-4585-a420-ac74e1b8c6dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e2580ebded0a32ceecc3083ae1db2b37
2ec124224738807229328a3ade6ca493ccf4b287
010eeda33c923e2166851da1e131dcc21419d1f4f28995617ca93332ce4be08c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e55f70-58c6-4585-a420-ac74e1b8c6dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10679
x-amzn-requestid: aec8d040-d4e6-4185-b71e-7c049617ebc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b4J3VEM5IAMFtcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637989c8-42b520ea3af2a2086ad416ad;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 01:58:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GkCprkFbPK6I-bo5k-rs37xaRDpqgUYbOydu2fd5-fTwqQ-d5lWlWw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 05:12:48 GMT
age: 2485
etag: "2ec124224738807229328a3ade6ca493ccf4b287"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1abe4f62-70d8-471a-89fc-79dd854e637c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1abe4f62-70d8-471a-89fc-79dd854e637c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e97ba6c4c94a299553238e643a3acc7
9be5a5497a8566ea66e81765ef8566e6b716ab5b
bda1bb57f0198e711c3018417513237b9533cfe2e5856ada5383f7461090f40a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1abe4f62-70d8-471a-89fc-79dd854e637c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10955
x-amzn-requestid: efabf5fa-f031-4249-8a2c-01dd55c11d32
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8JuxFj5oAMFvSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b232b-1a6f713b0674035c1a1b925a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:05:15 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: DLb4iXB5DlHVAliRxEaxufYLLVzNI44YLc7WqL0D5B062j53nTKo9A==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 13:42:52 GMT
age: 58281
etag: "9be5a5497a8566ea66e81765ef8566e6b716ab5b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 6b2970327bfc720f395334f73a94c7b5
2469539bf0a272f38a654a5ec3e14f9e28ec350e
215ecad4022c49933e97450cb21268e44a52164402de4a74f16c5f2267054ae6
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:54:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 29 Nov 2022 02:28:45 GMT
ETag: "2469539bf0a272f38a654a5ec3e14f9e28ec350e"
Last-Modified: Fri, 25 Nov 2022 02:28:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2014
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f820e4ddfffac4-OSL
www.fa2021.com/images/4963.gif
104.192.86.89200 OK 616 kB URL HTTP/1.1 www.fa2021.com/images/4963.gif
IP 104.192.86.89:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 616 kB (616302 bytes)
Hash 9cc9c2d736ae07cd05a66594b49816a0
1852b45d0dd2c4c2bf1553f8811ebec3e03be49d
90c86a9c0fd110cf612070a2c12d2cababd7d3e3d2dd0201ba56bbb2aa97f5bc
GET /images/4963.gif HTTP/1.1
Host: www.fa2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Sun, 10 Jul 2022 11:29:55 GMT
Accept-Ranges: bytes
ETag: "e512e0605094d81:0"
Server: Microsoft-IIS/8.5
Date: Fri, 25 Nov 2022 05:54:10 GMT
Content-Length: 616302
8644aaw.com/xxww.gif
60.244.96.178200 OK 75 kB IP 60.244.96.178:0
ASN #24154 Asia Pacific Broadband Fixed Lines Co., Ltd.
File type GIF image data, version 89a, 200 x 200\012- data
Hash d22916c67c4fa10ec002d7510d251f66
808541d87c7a038058205fb55d7fe7470c49af28
6e9f841b23232e619b1457963ea9403d34a57e61cec64c7ba5b9bb8529099dbb
GET /xxww.gif HTTP/1.1
Host: 8644aaw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 05:54:10 GMT
content-type: image/gif
content-length: 75067
last-modified: Fri, 06 May 2022 10:00:24 GMT
etag: "6274f1b8-1253b"
expires: Sun, 25 Dec 2022 05:54:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
taiwtp1.com/xin/96080.gif
220.128.218.220200 OK 122 kB URL HTTP/2 taiwtp1.com/xin/96080.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 80\012- data
Size 122 kB (122193 bytes)
Hash 4293cc73ff1bcc11cfb9a5582a08c8f5
a3307ecff7a2be9d0740c530d6325ff1ed355b8c
ee86f9a233f1b754a8c67ec8b9120f4c5b4df290396ca690d41d54e5b2d528b5
GET /xin/96080.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 05:51:49 GMT
content-type: image/gif
content-length: 122193
last-modified: Thu, 20 Oct 2022 07:11:02 GMT
etag: "6350f486-1dd51"
expires: Sun, 25 Dec 2022 05:51:49 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
8644aaw.com/294x130.jpg
60.244.96.178200 OK 43 kB IP 60.244.96.178:0
ASN #24154 Asia Pacific Broadband Fixed Lines Co., Ltd.
File type GIF image data, version 89a, 130 x 294\012- data
Hash 10ac555fb267a033dd7fbb1eeb645c74
056ccc6bb364e9111befff842806116dd2370bb0
081db1bdc7345a96537bd243975ea429a6603ff5686a411dc3ba37994af7f1e5
GET /294x130.jpg HTTP/1.1
Host: 8644aaw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 05:54:10 GMT
content-type: image/jpeg
content-length: 42744
last-modified: Thu, 07 Apr 2022 11:28:32 GMT
etag: "624ecae0-a6f8"
expires: Sun, 25 Dec 2022 05:54:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ia.51.la/go1?id=21362933&rt=1669355653037&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E9%2595%259C%25E8%258A%25B1%25E6%25B0%25B4%25E6%259C%2588%25E6%259C%2580%25E6%2596%25B0%25E6%258E%25A8%25E8%258D%2590%252C%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%258199%25E6%2597%25A0%25E8%2589%25B2%25E7%25A0%2581%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595_%25E4%25BA%259A%25E6%25B4%25B2AV%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2580&ing=1&ekc=&sid=1669355653037&tt=%25E9%2595%259C%25E8%258A%25B1%25E6%25B0%25B4%25E6%259C%2588%25E6%259C%2580%25E6%2596%25B0%25E6%258E%25A8%25E8%258D%2590%252C%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%258199%25E6%2597%25A0%25E8%2589%25B2%25E7%25A0%2581%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595_%25E4%25BA%259A%25E6%25B4%25B2AV%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E7%25BD%2591%25E7%25AB%2599_%25E6%25AC%25A7%25E6%25B4%25B2%25E7%25BE%258E%25E7%2586%259F%25E5%25A5%25B3%25E4%25B9%25B1%25E5%258F%2588%25E4%25BC%25A6AA%25E7%2589%2587%25E8%25AF%2595%25E7%259C%258B_%25E5%259B%25BD%25E4%25BA%25A7%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585AV%25E7%25A6%258F%25E5%2588%25A9%25E5%258A%25A8%25E6%25BC%25AB_%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E7%258B%25BC_%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25BA%25BA%25E4%25BA%25BA%25E5%25A6%25BB%25E4%25BA%25BA%25E4%25BA%25BA%25E5%2581%259A%25E7%25B2%25BE%25E5%2593%2581&kw=%25E9%2595%259C%25E8%258A%25B1%25E6%25B0%25B4%25E6%259C%2588%25E6%259C%2580%25E6%2596%25B0%25E6%258E%25A8%25E8%258D%2590%252C%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%258199%25E6%2597%25A0%25E8%2589%25B2%25E7%25A0%2581%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595_%25E4%25BA%259A%25E6%25B4%25B2AV%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E7%25BD%2591%25E7%25AB%2599_%25E6%25AC%25A7%25E6%25B4%25B2%25E7%25BE%258E%25E7%2586%259F%25E5%25A5%25B3%25E4%25B9%25B1%25E5%258F%2588%25E4%25BC%25A6AA%25E7%2589%2587%25E8%25AF%2595%25E7%259C%258B_%25E5%259B%25BD%25E4%25BA%25A7%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585AV%25E7%25A6%258F%25E5%2588%25A9%25E5%258A%25A8%25E6%25BC%25AB_%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E7%258B%25BC_%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25BA%25BA%25E4%25BA%25BA%25E5%25A6%25BB%25E4%25BA%25BA%25E4%25BA%25BA%25E5%2581%259A%25E7%25B2%25BE%25E5%2593%2581&cu=http%253A%252F%252Fqwyxsc.com%252F&pu=
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=21362933&rt=1669355653037&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E9%2595%259C%25E8%258A%25B1%25E6%25B0%25B4%25E6%259C%2588%25E6%259C%2580%25E6%2596%25B0%25E6%258E%25A8%25E8%258D%2590%252C%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%258199%25E6%2597%25A0%25E8%2589%25B2%25E7%25A0%2581%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595_%25E4%25BA%259A%25E6%25B4%25B2AV%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2580&ing=1&ekc=&sid=1669355653037&tt=%25E9%2595%259C%25E8%258A%25B1%25E6%25B0%25B4%25E6%259C%2588%25E6%259C%2580%25E6%2596%25B0%25E6%258E%25A8%25E8%258D%2590%252C%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%258199%25E6%2597%25A0%25E8%2589%25B2%25E7%25A0%2581%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595_%25E4%25BA%259A%25E6%25B4%25B2AV%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E7%25BD%2591%25E7%25AB%2599_%25E6%25AC%25A7%25E6%25B4%25B2%25E7%25BE%258E%25E7%2586%259F%25E5%25A5%25B3%25E4%25B9%25B1%25E5%258F%2588%25E4%25BC%25A6AA%25E7%2589%2587%25E8%25AF%2595%25E7%259C%258B_%25E5%259B%25BD%25E4%25BA%25A7%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585AV%25E7%25A6%258F%25E5%2588%25A9%25E5%258A%25A8%25E6%25BC%25AB_%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E7%258B%25BC_%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25BA%25BA%25E4%25BA%25BA%25E5%25A6%25BB%25E4%25BA%25BA%25E4%25BA%25BA%25E5%2581%259A%25E7%25B2%25BE%25E5%2593%2581&kw=%25E9%2595%259C%25E8%258A%25B1%25E6%25B0%25B4%25E6%259C%2588%25E6%259C%2580%25E6%2596%25B0%25E6%258E%25A8%25E8%258D%2590%252C%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%258199%25E6%2597%25A0%25E8%2589%25B2%25E7%25A0%2581%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595_%25E4%25BA%259A%25E6%25B4%25B2AV%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E7%25BD%2591%25E7%25AB%2599_%25E6%25AC%25A7%25E6%25B4%25B2%25E7%25BE%258E%25E7%2586%259F%25E5%25A5%25B3%25E4%25B9%25B1%25E5%258F%2588%25E4%25BC%25A6AA%25E7%2589%2587%25E8%25AF%2595%25E7%259C%258B_%25E5%259B%25BD%25E4%25BA%25A7%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585AV%25E7%25A6%258F%25E5%2588%25A9%25E5%258A%25A8%25E6%25BC%25AB_%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E7%258B%25BC_%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25BA%25BA%25E4%25BA%25BA%25E5%25A6%25BB%25E4%25BA%25BA%25E4%25BA%25BA%25E5%2581%259A%25E7%25B2%25BE%25E5%2593%2581&cu=http%253A%252F%252Fqwyxsc.com%252F&pu=
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21362933&rt=1669355653037&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E9%2595%259C%25E8%258A%25B1%25E6%25B0%25B4%25E6%259C%2588%25E6%259C%2580%25E6%2596%25B0%25E6%258E%25A8%25E8%258D%2590%252C%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%258199%25E6%2597%25A0%25E8%2589%25B2%25E7%25A0%2581%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595_%25E4%25BA%259A%25E6%25B4%25B2AV%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2580&ing=1&ekc=&sid=1669355653037&tt=%25E9%2595%259C%25E8%258A%25B1%25E6%25B0%25B4%25E6%259C%2588%25E6%259C%2580%25E6%2596%25B0%25E6%258E%25A8%25E8%258D%2590%252C%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%258199%25E6%2597%25A0%25E8%2589%25B2%25E7%25A0%2581%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595_%25E4%25BA%259A%25E6%25B4%25B2AV%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E7%25BD%2591%25E7%25AB%2599_%25E6%25AC%25A7%25E6%25B4%25B2%25E7%25BE%258E%25E7%2586%259F%25E5%25A5%25B3%25E4%25B9%25B1%25E5%258F%2588%25E4%25BC%25A6AA%25E7%2589%2587%25E8%25AF%2595%25E7%259C%258B_%25E5%259B%25BD%25E4%25BA%25A7%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585AV%25E7%25A6%258F%25E5%2588%25A9%25E5%258A%25A8%25E6%25BC%25AB_%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E7%258B%25BC_%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25BA%25BA%25E4%25BA%25BA%25E5%25A6%25BB%25E4%25BA%25BA%25E4%25BA%25BA%25E5%2581%259A%25E7%25B2%25BE%25E5%2593%2581&kw=%25E9%2595%259C%25E8%258A%25B1%25E6%25B0%25B4%25E6%259C%2588%25E6%259C%2580%25E6%2596%25B0%25E6%258E%25A8%25E8%258D%2590%252C%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%258199%25E6%2597%25A0%25E8%2589%25B2%25E7%25A0%2581%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595_%25E4%25BA%259A%25E6%25B4%25B2AV%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E7%25BD%2591%25E7%25AB%2599_%25E6%25AC%25A7%25E6%25B4%25B2%25E7%25BE%258E%25E7%2586%259F%25E5%25A5%25B3%25E4%25B9%25B1%25E5%258F%2588%25E4%25BC%25A6AA%25E7%2589%2587%25E8%25AF%2595%25E7%259C%258B_%25E5%259B%25BD%25E4%25BA%25A7%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585AV%25E7%25A6%258F%25E5%2588%25A9%25E5%258A%25A8%25E6%25BC%25AB_%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E7%258B%25BC_%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25BA%25BA%25E4%25BA%25BA%25E5%25A6%25BB%25E4%25BA%25BA%25E4%25BA%25BA%25E5%2581%259A%25E7%25B2%25BE%25E5%2593%2581&cu=http%253A%252F%252Fqwyxsc.com%252F&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qwyxsc.com/
HTTP/1.1 200
Server: CloudWAF
Date: Fri, 25 Nov 2022 05:54:14 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=6abfd29edd9a36df51b; path=/
HWWAFSESTIME=1669355653520; path=/
8499583.com/8499/150x150.gif
23.224.101.36200 OK 135 kB URL HTTP/2 8499583.com/8499/150x150.gif
IP 23.224.101.36:0
File type GIF image data, version 89a, 150 x 150\012- data
Size 135 kB (134747 bytes)
Hash 48c8ab8ae6b52201e71decda0b783d26
5817a61ac305b0b96542b5aced965e79cf67d010
011e88ae2efb7e2c7a98115adcc443c2b965206d34a45c98f7012d476de9aeb8
GET /8499/150x150.gif HTTP/1.1
Host: 8499583.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:54:13 GMT
content-type: image/gif
content-length: 134747
last-modified: Sun, 13 Nov 2022 10:03:32 GMT
etag: "20e5b-5ed573c48c405"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ia.51.la/go1?id=21362943&rt=1669355653052&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E9%2595%259C%25E8%258A%25B1%25E6%25B0%25B4%25E6%259C%2588%25E6%259C%2580%25E6%2596%25B0%25E6%258E%25A8%25E8%258D%2590%252C%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%258199%25E6%2597%25A0%25E8%2589%25B2%25E7%25A0%2581%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595_%25E4%25BA%259A%25E6%25B4%25B2AV%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2580&ing=2&ekc=&sid=1669355653052&tt=%25E9%2595%259C%25E8%258A%25B1%25E6%25B0%25B4%25E6%259C%2588%25E6%259C%2580%25E6%2596%25B0%25E6%258E%25A8%25E8%258D%2590%252C%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%258199%25E6%2597%25A0%25E8%2589%25B2%25E7%25A0%2581%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595_%25E4%25BA%259A%25E6%25B4%25B2AV%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E7%25BD%2591%25E7%25AB%2599_%25E6%25AC%25A7%25E6%25B4%25B2%25E7%25BE%258E%25E7%2586%259F%25E5%25A5%25B3%25E4%25B9%25B1%25E5%258F%2588%25E4%25BC%25A6AA%25E7%2589%2587%25E8%25AF%2595%25E7%259C%258B_%25E5%259B%25BD%25E4%25BA%25A7%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585AV%25E7%25A6%258F%25E5%2588%25A9%25E5%258A%25A8%25E6%25BC%25AB_%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E7%258B%25BC_%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25BA%25BA%25E4%25BA%25BA%25E5%25A6%25BB%25E4%25BA%25BA%25E4%25BA%25BA%25E5%2581%259A%25E7%25B2%25BE%25E5%2593%2581&kw=%25E9%2595%259C%25E8%258A%25B1%25E6%25B0%25B4%25E6%259C%2588%25E6%259C%2580%25E6%2596%25B0%25E6%258E%25A8%25E8%258D%2590%252C%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%258199%25E6%2597%25A0%25E8%2589%25B2%25E7%25A0%2581%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595_%25E4%25BA%259A%25E6%25B4%25B2AV%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E7%25BD%2591%25E7%25AB%2599_%25E6%25AC%25A7%25E6%25B4%25B2%25E7%25BE%258E%25E7%2586%259F%25E5%25A5%25B3%25E4%25B9%25B1%25E5%258F%2588%25E4%25BC%25A6AA%25E7%2589%2587%25E8%25AF%2595%25E7%259C%258B_%25E5%259B%25BD%25E4%25BA%25A7%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585AV%25E7%25A6%258F%25E5%2588%25A9%25E5%258A%25A8%25E6%25BC%25AB_%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E7%258B%25BC_%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25BA%25BA%25E4%25BA%25BA%25E5%25A6%25BB%25E4%25BA%25BA%25E4%25BA%25BA%25E5%2581%259A%25E7%25B2%25BE%25E5%2593%2581&cu=http%253A%252F%252Fqwyxsc.com%252F&pu=
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=21362943&rt=1669355653052&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E9%2595%259C%25E8%258A%25B1%25E6%25B0%25B4%25E6%259C%2588%25E6%259C%2580%25E6%2596%25B0%25E6%258E%25A8%25E8%258D%2590%252C%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%258199%25E6%2597%25A0%25E8%2589%25B2%25E7%25A0%2581%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595_%25E4%25BA%259A%25E6%25B4%25B2AV%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2580&ing=2&ekc=&sid=1669355653052&tt=%25E9%2595%259C%25E8%258A%25B1%25E6%25B0%25B4%25E6%259C%2588%25E6%259C%2580%25E6%2596%25B0%25E6%258E%25A8%25E8%258D%2590%252C%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%258199%25E6%2597%25A0%25E8%2589%25B2%25E7%25A0%2581%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595_%25E4%25BA%259A%25E6%25B4%25B2AV%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E7%25BD%2591%25E7%25AB%2599_%25E6%25AC%25A7%25E6%25B4%25B2%25E7%25BE%258E%25E7%2586%259F%25E5%25A5%25B3%25E4%25B9%25B1%25E5%258F%2588%25E4%25BC%25A6AA%25E7%2589%2587%25E8%25AF%2595%25E7%259C%258B_%25E5%259B%25BD%25E4%25BA%25A7%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585AV%25E7%25A6%258F%25E5%2588%25A9%25E5%258A%25A8%25E6%25BC%25AB_%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E7%258B%25BC_%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25BA%25BA%25E4%25BA%25BA%25E5%25A6%25BB%25E4%25BA%25BA%25E4%25BA%25BA%25E5%2581%259A%25E7%25B2%25BE%25E5%2593%2581&kw=%25E9%2595%259C%25E8%258A%25B1%25E6%25B0%25B4%25E6%259C%2588%25E6%259C%2580%25E6%2596%25B0%25E6%258E%25A8%25E8%258D%2590%252C%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%258199%25E6%2597%25A0%25E8%2589%25B2%25E7%25A0%2581%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595_%25E4%25BA%259A%25E6%25B4%25B2AV%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E7%25BD%2591%25E7%25AB%2599_%25E6%25AC%25A7%25E6%25B4%25B2%25E7%25BE%258E%25E7%2586%259F%25E5%25A5%25B3%25E4%25B9%25B1%25E5%258F%2588%25E4%25BC%25A6AA%25E7%2589%2587%25E8%25AF%2595%25E7%259C%258B_%25E5%259B%25BD%25E4%25BA%25A7%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585AV%25E7%25A6%258F%25E5%2588%25A9%25E5%258A%25A8%25E6%25BC%25AB_%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E7%258B%25BC_%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25BA%25BA%25E4%25BA%25BA%25E5%25A6%25BB%25E4%25BA%25BA%25E4%25BA%25BA%25E5%2581%259A%25E7%25B2%25BE%25E5%2593%2581&cu=http%253A%252F%252Fqwyxsc.com%252F&pu=
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21362943&rt=1669355653052&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E9%2595%259C%25E8%258A%25B1%25E6%25B0%25B4%25E6%259C%2588%25E6%259C%2580%25E6%2596%25B0%25E6%258E%25A8%25E8%258D%2590%252C%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%258199%25E6%2597%25A0%25E8%2589%25B2%25E7%25A0%2581%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595_%25E4%25BA%259A%25E6%25B4%25B2AV%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2580&ing=2&ekc=&sid=1669355653052&tt=%25E9%2595%259C%25E8%258A%25B1%25E6%25B0%25B4%25E6%259C%2588%25E6%259C%2580%25E6%2596%25B0%25E6%258E%25A8%25E8%258D%2590%252C%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%258199%25E6%2597%25A0%25E8%2589%25B2%25E7%25A0%2581%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595_%25E4%25BA%259A%25E6%25B4%25B2AV%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E7%25BD%2591%25E7%25AB%2599_%25E6%25AC%25A7%25E6%25B4%25B2%25E7%25BE%258E%25E7%2586%259F%25E5%25A5%25B3%25E4%25B9%25B1%25E5%258F%2588%25E4%25BC%25A6AA%25E7%2589%2587%25E8%25AF%2595%25E7%259C%258B_%25E5%259B%25BD%25E4%25BA%25A7%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585AV%25E7%25A6%258F%25E5%2588%25A9%25E5%258A%25A8%25E6%25BC%25AB_%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E7%258B%25BC_%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25BA%25BA%25E4%25BA%25BA%25E5%25A6%25BB%25E4%25BA%25BA%25E4%25BA%25BA%25E5%2581%259A%25E7%25B2%25BE%25E5%2593%2581&kw=%25E9%2595%259C%25E8%258A%25B1%25E6%25B0%25B4%25E6%259C%2588%25E6%259C%2580%25E6%2596%25B0%25E6%258E%25A8%25E8%258D%2590%252C%25E4%25B9%2585%25E4%25B9%2585%25E7%25B2%25BE%25E5%2593%258199%25E6%2597%25A0%25E8%2589%25B2%25E7%25A0%2581%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595_%25E4%25BA%259A%25E6%25B4%25B2AV%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E7%25BD%2591%25E7%25AB%2599_%25E6%25AC%25A7%25E6%25B4%25B2%25E7%25BE%258E%25E7%2586%259F%25E5%25A5%25B3%25E4%25B9%25B1%25E5%258F%2588%25E4%25BC%25A6AA%25E7%2589%2587%25E8%25AF%2595%25E7%259C%258B_%25E5%259B%25BD%25E4%25BA%25A7%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585AV%25E7%25A6%258F%25E5%2588%25A9%25E5%258A%25A8%25E6%25BC%25AB_%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E7%258B%25BC_%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25BA%25BA%25E4%25BA%25BA%25E5%25A6%25BB%25E4%25BA%25BA%25E4%25BA%25BA%25E5%2581%259A%25E7%25B2%25BE%25E5%2593%2581&cu=http%253A%252F%252Fqwyxsc.com%252F&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qwyxsc.com/
HTTP/1.1 200
Server: CloudWAF
Date: Fri, 25 Nov 2022 05:54:14 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=1911e4ab39c8df2f6f7; path=/
HWWAFSESTIME=1669355652590; path=/
8644aaw.com/960x80.gif
60.244.96.178200 OK 128 kB IP 60.244.96.178:0
ASN #24154 Asia Pacific Broadband Fixed Lines Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 128 kB (128242 bytes)
Hash 9e25d663f7007e6e7a158d2ebcd2b9c0
80275f2e619021f6a86066747ffd027aeff13b08
2bf8ed82e916853854f148d279d55ad35c91e48bb0faaca2d23eefaeaf657a18
GET /960x80.gif HTTP/1.1
Host: 8644aaw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 05:54:10 GMT
content-type: image/gif
content-length: 128242
last-modified: Thu, 07 Apr 2022 11:27:24 GMT
etag: "624eca9c-1f4f2"
expires: Sun, 25 Dec 2022 05:54:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?3df8be917891033aa229f40ad4fd25e3
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?3df8be917891033aa229f40ad4fd25e3
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 1fcfb0dd18fb00e0058d5c9c188bbb14
ae9519fd510e1277e95902b0f7923c2283f66e00
66e72ccca2c18f055091a5a56f67d365b78a7f8f13388e06c94fffd4742d5d71
GET /hm.js?3df8be917891033aa229f40ad4fd25e3 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 05:54:14 GMT
Etag: b4b81c37b71041bb8cb8849925f082ff
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=B3510FB0D0803A37; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?1e213d4d44c7c4df149d8e9335312981
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?1e213d4d44c7c4df149d8e9335312981
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (628)
Hash 6a1b21935f37964dee11ab1a53156042
de1ed052ef4a194a9701b6dc1d9a83d1fb13c750
9fa65e77feea3fb73a94bdf3129dce8c0e3c49abb924a63f71d4fa6707ab9306
GET /hm.js?1e213d4d44c7c4df149d8e9335312981 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11266
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 05:54:14 GMT
Etag: 11fe47df3128991dac9e5ef5ed3872a5
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7D7D10A5DEC95F1A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
p.qlogo.cn/qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGGsQaQocCSj5CGc6ptegViafU79IgNq0p4kCsWibwXnc5g/0
43.154.254.32200 OK 331 kB URL HTTP/2 p.qlogo.cn/qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGGsQaQocCSj5CGc6ptegViafU79IgNq0p4kCsWibwXnc5g/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 331 kB (331043 bytes)
Hash 09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725
GET /qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGGsQaQocCSj5CGc6ptegViafU79IgNq0p4kCsWibwXnc5g/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Fri, 25 Nov 2022 05:54:13 GMT
content-type: image/gif
content-length: 331043
vary: Accept,Origin
last-modified: Tue, 08 Nov 2022 23:56:24 GMT
cache-control: max-age=2592000
x-delay: 328 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 331043
chid: 0
fid: 0
x-nws-log-uuid: aa3773ab-d214-44d1-af6b-b3665331d235
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1746253380&si=3df8be917891033aa229f40ad4fd25e3&v=1.3.0&lv=1&sn=48134&r=0&ww=1280&u=http%3A%2F%2Fqwyxsc.com%2F&tt=%E9%95%9C%E8%8A%B1%E6%B0%B4%E6%9C%88%E6%9C%80%E6%96%B0%E6%8E%A8%E8%8D%90%2C%E4%B9%85%E4%B9%85%E7%B2%BE%E5%93%8199%E6%97%A0%E8%89%B2%E7%A0%81%E4%B8%AD%E6%96%87%E5%AD%97%E5%B9%95_%E4%BA%9A%E6%B4%B2AV%E6%97%A0%E7%A0%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B8%89%E5%8C%BA%E7%BD%91%E7%AB%99_%E6%AC%A7%E6%B4%B2%E7%BE%8E%E7%86%9F%E5%A5%B3%E4%B9%B1%E5%8F%88%E4%BC%A6AA%E7%89%87%E8%AF%95%E7%9C%8B_%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%E4%B9%85%E4%B9%85%E4%B9%85%E4%B9%85AV%E7%A6%8F%E5%88%A9%E5%8A%A8%E6%BC%AB_%E7%B2%BE%E5%93%81%E5%9B%BD%E4%BA%A7%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B8%89%E5%8C%BA%E4%B9%85%E4%B9%85%E4%B9%85%E7%8B%BC_%E7%B2%BE%E5%93%81%E4%B9%85%E4%B9%85%E4%BA%BA%E4%BA%BA%E5%A6%BB%E4%BA%BA%E4%BA%BA%E5%81%9A%E7%B2%BE%E5%93%81
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1746253380&si=3df8be917891033aa229f40ad4fd25e3&v=1.3.0&lv=1&sn=48134&r=0&ww=1280&u=http%3A%2F%2Fqwyxsc.com%2F&tt=%E9%95%9C%E8%8A%B1%E6%B0%B4%E6%9C%88%E6%9C%80%E6%96%B0%E6%8E%A8%E8%8D%90%2C%E4%B9%85%E4%B9%85%E7%B2%BE%E5%93%8199%E6%97%A0%E8%89%B2%E7%A0%81%E4%B8%AD%E6%96%87%E5%AD%97%E5%B9%95_%E4%BA%9A%E6%B4%B2AV%E6%97%A0%E7%A0%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B8%89%E5%8C%BA%E7%BD%91%E7%AB%99_%E6%AC%A7%E6%B4%B2%E7%BE%8E%E7%86%9F%E5%A5%B3%E4%B9%B1%E5%8F%88%E4%BC%A6AA%E7%89%87%E8%AF%95%E7%9C%8B_%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%E4%B9%85%E4%B9%85%E4%B9%85%E4%B9%85AV%E7%A6%8F%E5%88%A9%E5%8A%A8%E6%BC%AB_%E7%B2%BE%E5%93%81%E5%9B%BD%E4%BA%A7%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B8%89%E5%8C%BA%E4%B9%85%E4%B9%85%E4%B9%85%E7%8B%BC_%E7%B2%BE%E5%93%81%E4%B9%85%E4%B9%85%E4%BA%BA%E4%BA%BA%E5%A6%BB%E4%BA%BA%E4%BA%BA%E5%81%9A%E7%B2%BE%E5%93%81
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1746253380&si=3df8be917891033aa229f40ad4fd25e3&v=1.3.0&lv=1&sn=48134&r=0&ww=1280&u=http%3A%2F%2Fqwyxsc.com%2F&tt=%E9%95%9C%E8%8A%B1%E6%B0%B4%E6%9C%88%E6%9C%80%E6%96%B0%E6%8E%A8%E8%8D%90%2C%E4%B9%85%E4%B9%85%E7%B2%BE%E5%93%8199%E6%97%A0%E8%89%B2%E7%A0%81%E4%B8%AD%E6%96%87%E5%AD%97%E5%B9%95_%E4%BA%9A%E6%B4%B2AV%E6%97%A0%E7%A0%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B8%89%E5%8C%BA%E7%BD%91%E7%AB%99_%E6%AC%A7%E6%B4%B2%E7%BE%8E%E7%86%9F%E5%A5%B3%E4%B9%B1%E5%8F%88%E4%BC%A6AA%E7%89%87%E8%AF%95%E7%9C%8B_%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%E4%B9%85%E4%B9%85%E4%B9%85%E4%B9%85AV%E7%A6%8F%E5%88%A9%E5%8A%A8%E6%BC%AB_%E7%B2%BE%E5%93%81%E5%9B%BD%E4%BA%A7%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B8%89%E5%8C%BA%E4%B9%85%E4%B9%85%E4%B9%85%E7%8B%BC_%E7%B2%BE%E5%93%81%E4%B9%85%E4%B9%85%E4%BA%BA%E4%BA%BA%E5%A6%BB%E4%BA%BA%E4%BA%BA%E5%81%9A%E7%B2%BE%E5%93%81 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 25 Nov 2022 05:54:15 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F389A19EF145F465; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
p.qlogo.cn/qqmail_head/7WqzhHJVNiaLkUlEnaGImvnicGyIxu7AQhDB73Piass8UBcgGa30taMyavgLRq4CSCiavyxY7bzDFpg/0
43.154.254.32200 OK 238 kB URL HTTP/2 p.qlogo.cn/qqmail_head/7WqzhHJVNiaLkUlEnaGImvnicGyIxu7AQhDB73Piass8UBcgGa30taMyavgLRq4CSCiavyxY7bzDFpg/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 70\012- data
Size 238 kB (237876 bytes)
Hash 3fd03ed71e2787bfe918f20f51a7fbc3
dacb7d3fdd2e05792a81ea70a199fe82a0e357be
72f8c564618e0872646be48bafdd3789459d98d0596d8b46e29be8e618061ca9
GET /qqmail_head/7WqzhHJVNiaLkUlEnaGImvnicGyIxu7AQhDB73Piass8UBcgGa30taMyavgLRq4CSCiavyxY7bzDFpg/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Fri, 25 Nov 2022 05:54:13 GMT
content-type: image/gif
content-length: 237876
vary: Accept,Origin
last-modified: Sun, 13 Feb 2022 00:26:17 GMT
cache-control: max-age=2592000
x-delay: 37748 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 237876
chid: 0
fid: 0
x-nws-log-uuid: e370d68f-703f-4b20-bdff-3808ca92129b
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/7WqzhHJVNiaLkUlEnaGImvnicGyIxu7AQh3H4ib9t8alK7aKHQrjRdIvoeAddQhB4elexM2ic5ZvtGo/0
43.154.254.32200 OK 637 kB URL HTTP/2 p.qlogo.cn/qqmail_head/7WqzhHJVNiaLkUlEnaGImvnicGyIxu7AQh3H4ib9t8alK7aKHQrjRdIvoeAddQhB4elexM2ic5ZvtGo/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 637 kB (636562 bytes)
Hash f7422de504d315d73c0e0ea36e2ff3b8
3495dad5336c7a9ce1360f107028c8ad848e60cf
6d9e10649383b780a6245460687b1a859b95180f13b708f824d3edb3bcbc7980
GET /qqmail_head/7WqzhHJVNiaLkUlEnaGImvnicGyIxu7AQh3H4ib9t8alK7aKHQrjRdIvoeAddQhB4elexM2ic5ZvtGo/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Fri, 25 Nov 2022 05:54:13 GMT
content-type: image/gif
content-length: 636562
vary: Accept,Origin
last-modified: Fri, 25 Mar 2022 15:33:27 GMT
cache-control: max-age=2592000
x-delay: 67779 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 636562
chid: 0
fid: 0
x-nws-log-uuid: 484b5212-0653-48f3-8613-da4c36f03236
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=872758121&si=1e213d4d44c7c4df149d8e9335312981&v=1.3.0&lv=1&sn=48135&r=0&ww=1280&u=http%3A%2F%2Fqwyxsc.com%2F&tt=%E9%95%9C%E8%8A%B1%E6%B0%B4%E6%9C%88%E6%9C%80%E6%96%B0%E6%8E%A8%E8%8D%90%2C%E4%B9%85%E4%B9%85%E7%B2%BE%E5%93%8199%E6%97%A0%E8%89%B2%E7%A0%81%E4%B8%AD%E6%96%87%E5%AD%97%E5%B9%95_%E4%BA%9A%E6%B4%B2AV%E6%97%A0%E7%A0%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B8%89%E5%8C%BA%E7%BD%91%E7%AB%99_%E6%AC%A7%E6%B4%B2%E7%BE%8E%E7%86%9F%E5%A5%B3%E4%B9%B1%E5%8F%88%E4%BC%A6AA%E7%89%87%E8%AF%95%E7%9C%8B_%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%E4%B9%85%E4%B9%85%E4%B9%85%E4%B9%85AV%E7%A6%8F%E5%88%A9%E5%8A%A8%E6%BC%AB_%E7%B2%BE%E5%93%81%E5%9B%BD%E4%BA%A7%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B8%89%E5%8C%BA%E4%B9%85%E4%B9%85%E4%B9%85%E7%8B%BC_%E7%B2%BE%E5%93%81%E4%B9%85%E4%B9%85%E4%BA%BA%E4%BA%BA%E5%A6%BB%E4%BA%BA%E4%BA%BA%E5%81%9A%E7%B2%BE%E5%93%81
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=872758121&si=1e213d4d44c7c4df149d8e9335312981&v=1.3.0&lv=1&sn=48135&r=0&ww=1280&u=http%3A%2F%2Fqwyxsc.com%2F&tt=%E9%95%9C%E8%8A%B1%E6%B0%B4%E6%9C%88%E6%9C%80%E6%96%B0%E6%8E%A8%E8%8D%90%2C%E4%B9%85%E4%B9%85%E7%B2%BE%E5%93%8199%E6%97%A0%E8%89%B2%E7%A0%81%E4%B8%AD%E6%96%87%E5%AD%97%E5%B9%95_%E4%BA%9A%E6%B4%B2AV%E6%97%A0%E7%A0%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B8%89%E5%8C%BA%E7%BD%91%E7%AB%99_%E6%AC%A7%E6%B4%B2%E7%BE%8E%E7%86%9F%E5%A5%B3%E4%B9%B1%E5%8F%88%E4%BC%A6AA%E7%89%87%E8%AF%95%E7%9C%8B_%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%E4%B9%85%E4%B9%85%E4%B9%85%E4%B9%85AV%E7%A6%8F%E5%88%A9%E5%8A%A8%E6%BC%AB_%E7%B2%BE%E5%93%81%E5%9B%BD%E4%BA%A7%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B8%89%E5%8C%BA%E4%B9%85%E4%B9%85%E4%B9%85%E7%8B%BC_%E7%B2%BE%E5%93%81%E4%B9%85%E4%B9%85%E4%BA%BA%E4%BA%BA%E5%A6%BB%E4%BA%BA%E4%BA%BA%E5%81%9A%E7%B2%BE%E5%93%81
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=872758121&si=1e213d4d44c7c4df149d8e9335312981&v=1.3.0&lv=1&sn=48135&r=0&ww=1280&u=http%3A%2F%2Fqwyxsc.com%2F&tt=%E9%95%9C%E8%8A%B1%E6%B0%B4%E6%9C%88%E6%9C%80%E6%96%B0%E6%8E%A8%E8%8D%90%2C%E4%B9%85%E4%B9%85%E7%B2%BE%E5%93%8199%E6%97%A0%E8%89%B2%E7%A0%81%E4%B8%AD%E6%96%87%E5%AD%97%E5%B9%95_%E4%BA%9A%E6%B4%B2AV%E6%97%A0%E7%A0%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B8%89%E5%8C%BA%E7%BD%91%E7%AB%99_%E6%AC%A7%E6%B4%B2%E7%BE%8E%E7%86%9F%E5%A5%B3%E4%B9%B1%E5%8F%88%E4%BC%A6AA%E7%89%87%E8%AF%95%E7%9C%8B_%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%E4%B9%85%E4%B9%85%E4%B9%85%E4%B9%85AV%E7%A6%8F%E5%88%A9%E5%8A%A8%E6%BC%AB_%E7%B2%BE%E5%93%81%E5%9B%BD%E4%BA%A7%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B8%89%E5%8C%BA%E4%B9%85%E4%B9%85%E4%B9%85%E7%8B%BC_%E7%B2%BE%E5%93%81%E4%B9%85%E4%B9%85%E4%BA%BA%E4%BA%BA%E5%A6%BB%E4%BA%BA%E4%BA%BA%E5%81%9A%E7%B2%BE%E5%93%81 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qwyxsc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 25 Nov 2022 05:54:15 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9C93689D9692798F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
qwyxsc.com/template/m1938pc/css/favicon.ico
154.64.127.13404 Not Found 146 B URL HTTP/1.1 qwyxsc.com/template/m1938pc/css/favicon.ico
IP 154.64.127.13:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/css/favicon.ico HTTP/1.1
Host: qwyxsc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qwyxsc.com/
Cookie: __tins__21362933=%7B%22sid%22%3A%201669355653037%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201669357453037%7D; __51cke__=; __51laig__=2; __tins__21362943=%7B%22sid%22%3A%201669355653052%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201669357453052%7D; Hm_lvt_3df8be917891033aa229f40ad4fd25e3=1669355654; Hm_lpvt_3df8be917891033aa229f40ad4fd25e3=1669355654; Hm_lvt_1e213d4d44c7c4df149d8e9335312981=1669355655; Hm_lpvt_1e213d4d44c7c4df149d8e9335312981=1669355655
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 05:54:15 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive