firefox.settings.services.mozilla.com/v1/
18.164.68.6200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.164.68.6:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 01:03:22 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 fb211c90e9ef3584bea8fd177f57995a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: GZLuk6aI3UlzSvUqo8j0ER7CVF6L9r9GhdVpKOMy2WJoM72BRDJvJw==
Age: 1722
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5466
Expires: Mon, 03 Oct 2022 03:03:10 GMT
Date: Mon, 03 Oct 2022 01:32:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b8769801e8712cb7b401b5752da2c2
30d14bf20b20507a4fda3d7dbee9fbba7327139a
69d097718cac37cc6b77d417711c4356557f2b47c78026303bfe5f985b94a5a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69D097718CAC37CC6B77D417711C4356557F2B47C78026303BFE5F985B94A5A5"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4337
Expires: Mon, 03 Oct 2022 02:44:21 GMT
Date: Mon, 03 Oct 2022 01:32:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FS3RU6aKTi87Q8WuLYE6uRtouPjh8ju1VkTFwhVRmoQPHapNDB492tLQ0JdjIvk8qKzZ/MmB+1WxzBF5K1sYDg==
x-amz-request-id: 5YZADPG41X6H4ZHV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 03 Oct 2022 00:50:14 GMT
age: 2510
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 01:32:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
1putao.com/
107.149.126.20301 Moved Permanently 0 B IP 107.149.126.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 1putao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 03 Oct 2022 01:31:48 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.1putao.com/index.php
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.164.68.6200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.164.68.6:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Mon, 03 Oct 2022 00:55:18 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 03 Oct 2022 01:01:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8671c9c28d4abb06df55e1091d0f124a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: em53ztIt97vOpL1yX3TrBRxaOjsRbxCKDqbrONWJPxGTbqKH5kaTQw==
Age: 3552
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4361
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 01:32:05 GMT
Last-Modified: Mon, 03 Oct 2022 00:19:24 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.217.237.91101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.217.237.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VAbbp7qOz+HidmtljaP3mg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 49UZTzjBM0YYlSVUr/U0Ttvtpjk=
www.1putao.com/index.php
107.149.126.20200 OK 611 B IP 107.149.126.20:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (679), with CRLF line terminators
Hash 8cab47189094715235ffd96e1f28cb2c
cae1696a0e5f25b63e82a1c792f8c0268e9ccae3
5f966b36c12548f497ef190b033470b201f40df9388990334f2f080a38bc5592
GET /index.php HTTP/1.1
Host: www.1putao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Oct 2022 01:31:49 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.1putao.com/common.js
107.149.126.20200 OK 656 B IP 107.149.126.20:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Hash ef496c9e19a0e44f9732ddbc046893db
ded7f3e151a0c71038e1203c920275ef8f857d2d
a924db5c5d7da3c404d094c79f76c027b0f24eface96239d73cac62eb1235b3e
GET /common.js HTTP/1.1
Host: www.1putao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.1putao.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Oct 2022 01:31:49 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.1putao.com/tj.js
107.149.126.20200 OK 258 B IP 107.149.126.20:0
File type ASCII text, with CRLF line terminators
Hash 914ea46465abe1fc4545f29178e8f534
2c7254e74a2aef3c37929e43e425f10915df37a2
8b4ef00ff05cdb885e17718069fc17b84be3c73ddd0a0b51db39e32f2a187076
GET /tj.js HTTP/1.1
Host: www.1putao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.1putao.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Oct 2022 01:31:49 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
www.1putao.com/favicon.ico
107.149.126.20200 OK 1.2 kB URL HTTP/1.1 www.1putao.com/favicon.ico
IP 107.149.126.20:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.1putao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.1putao.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 03 Oct 2022 01:31:49 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sat, 08 Oct 2022 01:31:49 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85078128c2fcd7f88ac89e35ab02c94d
668d8449c129d9111aa19e65e6f13a4d44ad092d
6a2cbf0436caccf08c1dbca8fca70ce04598ee276229a93afe71b008a9633a70
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A2CBF0436CACCF08C1DBCA8FCA70CE04598EE276229A93AFE71B008A9633A70"
Last-Modified: Sat, 01 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21579
Expires: Mon, 03 Oct 2022 07:31:45 GMT
Date: Mon, 03 Oct 2022 01:32:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13733
Expires: Mon, 03 Oct 2022 05:20:59 GMT
Date: Mon, 03 Oct 2022 01:32:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13733
Expires: Mon, 03 Oct 2022 05:20:59 GMT
Date: Mon, 03 Oct 2022 01:32:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13733
Expires: Mon, 03 Oct 2022 05:20:59 GMT
Date: Mon, 03 Oct 2022 01:32:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13733
Expires: Mon, 03 Oct 2022 05:20:59 GMT
Date: Mon, 03 Oct 2022 01:32:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:00 GMT
age: 75066
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fda34e4-86f9-4fb4-94af-575d6201fccb.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fda34e4-86f9-4fb4-94af-575d6201fccb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6c9691e104001fe54d3c6273b7b8596
481ec2135ca0a96484c36cced30776c871aedf8f
f9e5e087d8b6e9b357c9f93b00c5919d89d90ac9b48d2dcd1ac72bf775a5cf49
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fda34e4-86f9-4fb4-94af-575d6201fccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5383
x-amzn-requestid: 19106579-5727-4220-82ca-e9b7887d9896
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZM7OfEwuoAMFnXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63350bf6-2d80c27d185f114c4c512edb;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 03:07:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: w5VYRREUVlFeuns2fBH1W0i8aLDCbjwj7-R5kbSZhcct5Q931ndGqQ==
via: 1.1 6785379936d15b44a779e5f13a6567de.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 02:10:46 GMT
age: 84080
etag: "481ec2135ca0a96484c36cced30776c871aedf8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dcf393f-77c1-48ed-9c3e-ab160d7b4829.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dcf393f-77c1-48ed-9c3e-ab160d7b4829.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7660e05c8a7b32db05f8c56693bc774
b64aff132fdfc91cf59f70170b3d4bd3fc025294
e1d523c385cf05ae2d432526a387f43443d14b4b68129aa76229687366938805
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dcf393f-77c1-48ed-9c3e-ab160d7b4829.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9721
x-amzn-requestid: 1825bd73-4760-43e8-97f7-c9d2c06a119f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZXXxRHYkoAMFaHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633939a1-4e92f3265ead21e876cfb556;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 07:11:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l-YyB6m2kDzmbo7Mo4vBedg5_c_N4U3PrCkpNlicpARH0-BrwjnEOA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 07:44:09 GMT
age: 64077
etag: "b64aff132fdfc91cf59f70170b3d4bd3fc025294"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 36debc920b17e124779c01af9101a59e
b105f7bf041365d644c98c7e11ffa75e4656d29d
f518ccd094d0e187b91cfd36dfb282566c0d088ce13501157dc97c702211d938
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10839
x-amzn-requestid: 67718257-ee21-44f0-80bd-f15cea37ac5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWcKFD0IAMFV7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044d-09a45a242bf4bdfe0f4608e4;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dOlitYNRYQsyiYLagdUWS2MmO34k8otqQ5yKZ7f4zzbj1HxhAzZoqQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:44:43 GMT
age: 13643
etag: "b105f7bf041365d644c98c7e11ffa75e4656d29d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F954ddf3b-951c-46b3-a8ce-00e3bd3ef239.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F954ddf3b-951c-46b3-a8ce-00e3bd3ef239.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bed17699f6b123b33b8df416b23c4cac
36458cca636c4ffc873df8acd254ff726b1a9544
65dac85ddf2d9918696ea270a5a3d034e07e43ca5714f169747feee09fc4b897
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F954ddf3b-951c-46b3-a8ce-00e3bd3ef239.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10490
x-amzn-requestid: a7e4d6b4-be77-41a9-94dd-83167d5b002e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5tUrE72oAMFZYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d5c1d-1ba0805b629e657b60ff1b85;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 07:11:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UnHrBSOKrX4XRjDOtvi6MEMUF9BgrHqn4_2zFpaaKh4X3e-lFzA-2A==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 17:03:43 GMT
age: 30503
etag: "36458cca636c4ffc873df8acd254ff726b1a9544"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 523edd86af4757d0bc5fa5b3b8a3596a
8118ee462077c291b9d6f1402b85b55a9ceba8c2
c27de9970317636df8c4a517a9ed38e573235b351bf92c9b8bb1f964cd100031
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9083
x-amzn-requestid: fda71fd3-ef25-4a63-94ae-1bfc8aef8d14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXD2H0DIAMFjrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-198915fc17ce3dab571b7575;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _JxPe8uPQIgRKoJxtJAKjXpVy1hCW0rFcs8K_erJOHbVNpw339Pz6w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
age: 13599
etag: "8118ee462077c291b9d6f1402b85b55a9ceba8c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
qipilang.xyz/template/guanggao/shang.js
154.22.125.209404 Not Found 146 B URL HTTP/2 qipilang.xyz/template/guanggao/shang.js
IP 154.22.125.209:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/guanggao/shang.js HTTP/1.1
Host: qipilang.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Mon, 03 Oct 2022 01:32:07 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 901c709034ae58f5af52101e3b4585ef
f2c083a5ed6ce150c4cdfe465e4303018d992741
3733ca1701fd386bb68e0426cef0467c2fe7b70770c108e1019314d15dbbcdff
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 01:32:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 06 Oct 2022 22:23:42 GMT
ETag: "f2c083a5ed6ce150c4cdfe465e4303018d992741"
Last-Modified: Sun, 02 Oct 2022 22:23:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 546
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7541ec13191ab4fa-OSL
qipilang.xyz/template/m1938pc/ads/88888.gif
154.22.125.209200 OK 66 kB URL HTTP/2 qipilang.xyz/template/m1938pc/ads/88888.gif
IP 154.22.125.209:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type GIF image data, version 89a, 960 x 80\012- data
Hash 533088f482b5d674e3c5fc25279e0037
29b6daf86814e89dfc9b93cc97ff61c06d190fac
61dfa09f1abc9d378aaf0f9c2dc2b5a9f6b3de5bdfb63fe42887d1c5a6d8f3ca
GET /template/m1938pc/ads/88888.gif HTTP/1.1
Host: qipilang.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 01:32:07 GMT
content-type: image/gif
content-length: 65451
last-modified: Thu, 25 Aug 2022 12:56:05 GMT
etag: "63077165-ffab"
expires: Wed, 02 Nov 2022 01:32:07 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
qipilang.xyz/template/m1938pc/images/loading.svg
154.22.125.209200 OK 506 B URL HTTP/2 qipilang.xyz/template/m1938pc/images/loading.svg
IP 154.22.125.209:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash bb36cf278bc5f407c3a64054c13dbbdf
ecd02eea9d41f6282fcaaffc84dbefc1fedb58a2
fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff
GET /template/m1938pc/images/loading.svg HTTP/1.1
Host: qipilang.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 01:32:07 GMT
content-type: image/svg+xml
content-length: 506
last-modified: Sun, 09 Jan 2022 08:39:25 GMT
etag: "61da9f3d-1fa"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
qipilang.xyz/
154.22.125.209200 OK 15 kB IP 154.22.125.209:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
Hash 9d7a80daf64c4341b505ce4ecee66dbf
cfa1b4b61d9b44311c4f20d0b766012a903dfef5
55580afffb01c859329b364bc23ef0dd439f4b3f1e0a0dd0476c60a91946c903
GET / HTTP/1.1
Host: qipilang.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.1putao.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 01:32:06 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
qipilang.xyz/template/m1938pc/images/video-mask.png
154.22.125.209200 OK 107 B URL HTTP/2 qipilang.xyz/template/m1938pc/images/video-mask.png
IP 154.22.125.209:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Hash 6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
GET /template/m1938pc/images/video-mask.png HTTP/1.1
Host: qipilang.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 01:32:07 GMT
content-type: image/png
content-length: 107
last-modified: Tue, 04 Jan 2022 15:14:22 GMT
etag: "61d4644e-6b"
expires: Wed, 02 Nov 2022 01:32:07 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
qipilang.xyz/template/m1938pc/images/video-play.png
154.22.125.209200 OK 1.6 kB URL HTTP/2 qipilang.xyz/template/m1938pc/images/video-play.png
IP 154.22.125.209:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: qipilang.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 01:32:07 GMT
content-type: image/png
content-length: 1567
last-modified: Tue, 04 Jan 2022 15:14:21 GMT
etag: "61d4644d-61f"
expires: Wed, 02 Nov 2022 01:32:07 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/08-17/12/d33amdj4luz1225d33amdj4luz0417229.jpg
172.64.141.29200 OK 9.4 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/08-17/12/d33amdj4luz1225d33amdj4luz0417229.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 80659483eb871e237d0aa0ac009d6945
5f3148f77634675abb30d56e0c53bfc851a4f5fe
ecd693926fb8401617c3db4aa05315380180d0aec6f1cce437c24433fd5a520e
GET /upload/vod/2022/08-17/12/d33amdj4luz1225d33amdj4luz0417229.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 01:32:07 GMT
content-type: image/jpeg
content-length: 9422
cf-bgj: h2pri
etag: "e02ef552f1b1d81:0"
last-modified: Wed, 17 Aug 2022 04:25:04 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3912
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GERDaAs9AcUJZqLOwvrZQD6%2Fez3dAiV%2Ft31P50t6PmHAcN3hEvXRSN4qR83S1t8WLZiKF7jEeKojBIbE2IwY06at52F2EuGaJqpDCFgPFeUEGYSuBcglTIHroKANOKJj0kHh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7541ec153a4b0726-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/08-17/12/xrgv4etj0kh1224xrgv4etj0kh5817215.jpg
172.64.141.29200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/08-17/12/xrgv4etj0kh1224xrgv4etj0kh5817215.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 565b675513a4e4a2420327e87d99f159
cd4f248a0d7706f6cb824086ec1dc0d8bded31ac
c91b8a1d4f883d646b2aacc0fda4fd0d5eb4b05ff7c23149573111be7248aeb5
GET /upload/vod/2022/08-17/12/xrgv4etj0kh1224xrgv4etj0kh5817215.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 03 Oct 2022 01:32:07 GMT
content-type: image/jpeg
content-length: 11915
cf-bgj: h2pri
etag: "8df92c4ff1b1d81:0"
last-modified: Wed, 17 Aug 2022 04:24:58 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3914
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXQ5tZzacgF0a%2F%2FWdGrRM4CVdET68H2bgLEaE6Hg%2BqPmR%2F%2BUJUNMnYAK0260zEN547xuFtpIXyMTxTsw84cmnPxtxtoEb4%2BwZzDqdUlJcsyf1aqHGQ%2BF1FovclkLNiPBqLlk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7541ec154a550726-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/08-17/12/e3u10zz3xss1225e3u10zz3xss0017221.jpg
172.64.141.29200 OK 9.0 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/08-17/12/e3u10zz3xss1225e3u10zz3xss0017221.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4d84642c5de3b437cfd6161a3e7f9a32
57932690b85eabe5518827c3d25636638a889a63
7bdec7a551c51d1b7cbb3f235a2271e8182dd4c6d7f3ceb530029729757b3cb4
GET /upload/vod/2022/08-17/12/e3u10zz3xss1225e3u10zz3xss0017221.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 03 Oct 2022 01:32:08 GMT
content-type: image/jpeg
content-length: 9030
cf-bgj: h2pri
etag: "8ee8de50f1b1d81:0"
last-modified: Wed, 17 Aug 2022 04:25:00 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0x5HgAPauQAE2bEzdeaeKIWvKkcrFCwmvfqiaLdXWd8tBgQ%2BMDMEUMdQPylcWc6%2BICskq%2Bq7oR01b%2ByDxbbfdSmc8cL1RF08tYCKeVEoN7KQunwkP0g%2BcZr5vSfCO4t%2Fbyoc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7541ec153a480726-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/08-17/12/dqt3xaqjfl01224dqt3xaqjfl05917217.jpg
172.64.141.29200 OK 14 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/08-17/12/dqt3xaqjfl01224dqt3xaqjfl05917217.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash fa4cb13e4616116ed5eb8295f3e4c848
0efe8ea7dd7d0e337c2ac407b0d5b87fe25ea537
4e6155ec6c164b112daaf3b77d756ea27b82e2b262a22621a39c512638b5a557
GET /upload/vod/2022/08-17/12/dqt3xaqjfl01224dqt3xaqjfl05917217.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 03 Oct 2022 01:32:08 GMT
content-type: image/jpeg
content-length: 13687
cf-bgj: h2pri
etag: "fda3d84ff1b1d81:0"
last-modified: Wed, 17 Aug 2022 04:24:59 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DJTwo7ZzQOXPogoYhlbgI5h6VUl6GOu5rQezPqtakTkz6iZV7v3fwQYtwuqUMnAfBPEVxSqwlnspIpkyaVyV8tiGVHydcLnltf4idFB2INLog725qxAmD5lEvxu6vmlhks3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7541ec153a4c0726-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/08-17/12/uykwg5s1idz1225uykwg5s1idz0317227.jpg
172.64.141.29200 OK 9.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/08-17/12/uykwg5s1idz1225uykwg5s1idz0317227.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b210b8b4e3d5e8601be760749701b025
04935d0fde937c87a4dc782792248a33e29fb85f
515af54ff5f52a8a950536889663ea34151605aea75898f3cd01c9bac7a4d262
GET /upload/vod/2022/08-17/12/uykwg5s1idz1225uykwg5s1idz0317227.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 01:32:08 GMT
content-type: image/jpeg
content-length: 9915
cf-bgj: h2pri
etag: "1dab6f52f1b1d81:0"
last-modified: Wed, 17 Aug 2022 04:25:03 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v21igS9lEHajnvN%2BYACoW0jGku%2FQI61SNqvXl7buf%2FjkVOgXg1DPMG9VdSgJEwIDEm0HKLn3r5zedtgUa8giCtuuXiO4FpARJdZG3wM1lD2eD4RSbCagZu5B1uo52V9tazsZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7541ec153a4a0726-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/08-17/12/5sfdubb03ig12255sfdubb03ig0217225.jpg
172.64.141.29200 OK 6.8 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/08-17/12/5sfdubb03ig12255sfdubb03ig0217225.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 11436219eff1145d73e8111a6918b4a9
76439253d971f9216eaedec76f424ef143ec8ecf
f271db3428cd689a80be5b4f1e579d9ead71a8dfcc48a1afff807cb324e169d8
GET /upload/vod/2022/08-17/12/5sfdubb03ig12255sfdubb03ig0217225.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 03 Oct 2022 01:32:08 GMT
content-type: image/jpeg
content-length: 6821
cf-bgj: h2pri
etag: "2388ec51f1b1d81:0"
last-modified: Wed, 17 Aug 2022 04:25:02 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LsyKN3UAhrqitFQDAC%2BN5CWimkFkdiz8C3sHnXPnbKOD9hCDP4qLdb6Qf2tp4Hau3DsNrmgl2EetC5DSqGRuUXUx%2FveBwnLn3r2ADv01Po%2BSUbxQgMlBTlIynPmBNteZG7kN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7541ec154a5c0726-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/08-17/12/4usfkb4wy5c12254usfkb4wy5c0117223.jpg
172.64.141.29200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/08-17/12/4usfkb4wy5c12254usfkb4wy5c0117223.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash ff40e085ecc22bceac375856fc5eb0cb
8fd603a167586993dc8c0fb1819fcdb19dc71c94
5b21e3fb6c07158f4a607e021250008d17bc105b4c60fd11c51ec226ca8c709f
GET /upload/vod/2022/08-17/12/4usfkb4wy5c12254usfkb4wy5c0117223.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 03 Oct 2022 01:32:08 GMT
content-type: image/jpeg
content-length: 12141
cf-bgj: h2pri
etag: "454c6951f1b1d81:0"
last-modified: Wed, 17 Aug 2022 04:25:01 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4b9LutXJI%2F4vjXD91fxeemqoGfjrDCl%2B485qealaUfUIjh8Mzpz7cBZXVDOcc54v93I976jj6bFSU1OZ9PGP4ngmj1t8EuZhU91HpJiHHNC%2F7OBJB7StEiWOtaDdfON%2Fp80F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7541ec154a5a0726-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/08-17/12/dhlf2jei3uz1225dhlf2jei3uz0017219.jpg
172.64.141.29200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/08-17/12/dhlf2jei3uz1225dhlf2jei3uz0017219.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f3237217e59616e4772fc000d123a80a
5384a615cbdd366d2074134d13af8ed8f375f19e
61c9f8bfc49b4bf8a9525f79e7339aaa4e6a992bfef1afffe780918ccbdb0a9d
GET /upload/vod/2022/08-17/12/dhlf2jei3uz1225dhlf2jei3uz0017219.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 03 Oct 2022 01:32:08 GMT
content-type: image/jpeg
content-length: 10932
cf-bgj: h2pri
etag: "3c295e50f1b1d81:0"
last-modified: Wed, 17 Aug 2022 04:25:00 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iNOJNeir0RGwNxLbRq2MjNO%2B%2BnGGzDMJ3J72W%2BIPWQSMSpz5PTEXDRookV7sjVzp3vOf11L7kuAQUr8WxRbD4lRhnfFhrhAmzlvEaackfXTZGIN%2B46LKdgn%2BgTvdWAlMfW8%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7541ec154a560726-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 7e88b1a1379373c8021291c4469eb019
e8154463ef833116017d6a12096915c3c8430ecc
acf1eae2b02828f66816a5c8f085d360d55ce135d304f044546306fcfa05ffc7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 01:32:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 30 Sep 2022 09:09:36 GMT
Expires: Fri, 07 Oct 2022 09:09:35 GMT
Etag: "e8154463ef833116017d6a12096915c3c8430ecc"
Cache-Control: max-age=372446,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7541ec17bb1a0b3d-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 7e88b1a1379373c8021291c4469eb019
e8154463ef833116017d6a12096915c3c8430ecc
acf1eae2b02828f66816a5c8f085d360d55ce135d304f044546306fcfa05ffc7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 01:32:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 30 Sep 2022 09:09:36 GMT
Expires: Fri, 07 Oct 2022 09:09:35 GMT
Etag: "e8154463ef833116017d6a12096915c3c8430ecc"
Cache-Control: max-age=372446,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7541ec17c99b0b06-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash de2c7ec74234659aa59e64bd04b44a24
098b16a336dba950e5811cf14011cc7ac20928fc
62e8807b222d880f1479d36045707d0cd98dfec2a33fe5614c4b61feb079649f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 01:32:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 10:22:02 GMT
Expires: Sun, 09 Oct 2022 10:22:01 GMT
Etag: "098b16a336dba950e5811cf14011cc7ac20928fc"
Cache-Control: max-age=549592,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7541ec187a3fb50c-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 8932a2b11e5cc8c0012970ef293732a8
30e4b4f73fe308dc98fc6c205b54e1e36f66c87a
3403ba700eb46d243a02a5ab47c91c0611516d17a5f9484f5366935a2728dab2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 01:32:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 01 Oct 2022 10:38:20 GMT
Expires: Sat, 08 Oct 2022 10:38:19 GMT
Etag: "30e4b4f73fe308dc98fc6c205b54e1e36f66c87a"
Cache-Control: max-age=464170,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7541ec188d7d0b4d-OSL
hm.baidu.com/hm.js?893766d77ee36add7c3dcc35f8598927
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?893766d77ee36add7c3dcc35f8598927
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash a781202c26c51ca839dfcd0dd46009ea
fabedae80bdb2949ef306880f357c0cec60dc3e5
0d7a7e99a28316206791cf243dd79b64a0a7fc8d67bec94718d28c382e9b0335
GET /hm.js?893766d77ee36add7c3dcc35f8598927 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.1putao.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11342
Content-Type: application/javascript
Date: Mon, 03 Oct 2022 01:32:08 GMT
Etag: 93cb5ea00bd08f4cd800449bb32d956d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=3436305BAFE3FFA5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=232343079&si=893766d77ee36add7c3dcc35f8598927&v=1.2.97&lv=1&sn=40659&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.1putao.com%2Findex.php&tt=%E7%9F%B3%E5%98%B4%E5%B1%B1%E5%B3%A1%E5%AD%97%E4%BF%9D%E5%AE%89%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=232343079&si=893766d77ee36add7c3dcc35f8598927&v=1.2.97&lv=1&sn=40659&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.1putao.com%2Findex.php&tt=%E7%9F%B3%E5%98%B4%E5%B1%B1%E5%B3%A1%E5%AD%97%E4%BF%9D%E5%AE%89%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=232343079&si=893766d77ee36add7c3dcc35f8598927&v=1.2.97&lv=1&sn=40659&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.1putao.com%2Findex.php&tt=%E7%9F%B3%E5%98%B4%E5%B1%B1%E5%B3%A1%E5%AD%97%E4%BF%9D%E5%AE%89%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.1putao.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 03 Oct 2022 01:32:09 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=C4EE69A261885E6A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
zmhmaz8.com/a948bb8284944c4f8dafa24a384cbb8a.gif
45.61.212.129200 OK 720 kB URL HTTP/1.1 zmhmaz8.com/a948bb8284944c4f8dafa24a384cbb8a.gif
IP 45.61.212.129:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 720 kB (719745 bytes)
Hash a371336a677886333a1e0e87f32df904
5d17beeea80b18e70073f0e54dfa9ad61e71b25f
18543a39e003823862ca88f74a899b953e82fc6f1771682b37d0b435d40644cc
GET /a948bb8284944c4f8dafa24a384cbb8a.gif HTTP/1.1
Host: zmhmaz8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62fb9d96-afb81"
Date: Sat, 24 Sep 2022 02:11:11 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 16 Aug 2022 13:37:26 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-29
Content-Length: 719745
91836731671.com/2f33e44a8bfb496da9314b983f27e40a.gif
45.61.212.48200 OK 956 kB URL HTTP/1.1 91836731671.com/2f33e44a8bfb496da9314b983f27e40a.gif
IP 45.61.212.48:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 956 kB (956396 bytes)
Hash d594983962c0fcfe9c2be14762eb6074
aa1f09ab415ceb8478313f931bd9e8776023decd
9d679c21f46b994da6093756e01b947af8c7b11d02f7a8812bc8eba421576d0b
GET /2f33e44a8bfb496da9314b983f27e40a.gif HTTP/1.1
Host: 91836731671.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "630caef8-e97ec"
Date: Wed, 14 Sep 2022 02:22:51 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 29 Aug 2022 12:20:08 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-18
Content-Length: 956396
hm.baidu.com/hm.js?2f78a6aad40daf74fb132d02edf323db
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?2f78a6aad40daf74fb132d02edf323db
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash d51e7779f4af459bbbaab98f2b173dfc
3c6de9ebb01985bc63c165c462723225a9fb91cc
f473a6a97305771220bbddb97aad341cebfafd629f45b5123f2bba05b267db65
GET /hm.js?2f78a6aad40daf74fb132d02edf323db HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11342
Content-Type: application/javascript
Date: Mon, 03 Oct 2022 01:32:08 GMT
Etag: 5b1a24f9fceef6747ccac57578f8bf24
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=41D6244759F6556E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 6f02b3e62fa6e366750094f9191b8b00
80ea876fc7052ae6d6c711157832d83955a91f41
a6c61025d483ce289d8712c0e5dfd30bf69938841bc7169abda7116bd2679601
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 01:32:09 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 01 Oct 2022 08:14:07 GMT
Expires: Sat, 08 Oct 2022 08:14:06 GMT
Etag: "80ea876fc7052ae6d6c711157832d83955a91f41"
Cache-Control: max-age=455516,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7541ec209eda0b3d-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 6f02b3e62fa6e366750094f9191b8b00
80ea876fc7052ae6d6c711157832d83955a91f41
a6c61025d483ce289d8712c0e5dfd30bf69938841bc7169abda7116bd2679601
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 01:32:09 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 01 Oct 2022 08:14:07 GMT
Expires: Sat, 08 Oct 2022 08:14:06 GMT
Etag: "80ea876fc7052ae6d6c711157832d83955a91f41"
Cache-Control: max-age=455516,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7541ec209df4b50c-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 735e328880fb218d58cdc3dfe486d5c9
db66c16a80efb265afcca5bc954a175a2896aa85
a8ec5734ab549d521c604da40e07f70fc167c8f85bf9174ce2a5cca3dfccc786
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 01:32:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 30 Sep 2022 16:07:44 GMT
Expires: Fri, 07 Oct 2022 16:07:43 GMT
Etag: "db66c16a80efb265afcca5bc954a175a2896aa85"
Cache-Control: max-age=397533,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7541ec209df00b06-OSL
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1694819632&si=2f78a6aad40daf74fb132d02edf323db&su=http%3A%2F%2Fwww.1putao.com%2F&v=1.2.97&lv=1&sn=40659&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fqipilang.xyz%2F&tt=%E8%95%BE%E4%B8%9D%E7%9F%AD%E8%A7%86%E9%A2%91%2C%E8%95%BE%E4%B8%9D%E8%A7%86%E9%A2%91%E5%88%86%E4%BA%AB%2C%E8%95%BE%E4%B8%9D%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1694819632&si=2f78a6aad40daf74fb132d02edf323db&su=http%3A%2F%2Fwww.1putao.com%2F&v=1.2.97&lv=1&sn=40659&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fqipilang.xyz%2F&tt=%E8%95%BE%E4%B8%9D%E7%9F%AD%E8%A7%86%E9%A2%91%2C%E8%95%BE%E4%B8%9D%E8%A7%86%E9%A2%91%E5%88%86%E4%BA%AB%2C%E8%95%BE%E4%B8%9D%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1694819632&si=2f78a6aad40daf74fb132d02edf323db&su=http%3A%2F%2Fwww.1putao.com%2F&v=1.2.97&lv=1&sn=40659&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fqipilang.xyz%2F&tt=%E8%95%BE%E4%B8%9D%E7%9F%AD%E8%A7%86%E9%A2%91%2C%E8%95%BE%E4%B8%9D%E8%A7%86%E9%A2%91%E5%88%86%E4%BA%AB%2C%E8%95%BE%E4%B8%9D%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 03 Oct 2022 01:32:09 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=93B7620FC0FD0151; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 6310bb4852e9818890dd00f68de5998e
194121b869dbb63a856dd52e0fd0c0571a789282
28b37d2c32e067d9d4cab0177103d6ae9bc4377ecc616b4493ade82dc190c24d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 01:32:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 05:58:51 GMT
Expires: Sun, 09 Oct 2022 05:58:50 GMT
Etag: "194121b869dbb63a856dd52e0fd0c0571a789282"
Cache-Control: max-age=533799,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7541ec2428230b3d-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 6310bb4852e9818890dd00f68de5998e
194121b869dbb63a856dd52e0fd0c0571a789282
28b37d2c32e067d9d4cab0177103d6ae9bc4377ecc616b4493ade82dc190c24d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 01:32:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 05:58:51 GMT
Expires: Sun, 09 Oct 2022 05:58:50 GMT
Etag: "194121b869dbb63a856dd52e0fd0c0571a789282"
Cache-Control: max-age=533799,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7541ec2458130b06-OSL
kmmber.jmnwafa.xyz/kmnbhevhfjrtetd/c.gif
23.224.92.245200 OK 84 kB URL HTTP/1.1 kmmber.jmnwafa.xyz/kmnbhevhfjrtetd/c.gif
IP 23.224.92.245:0
File type GIF image data, version 89a, 600 x 200\012- data
Hash 9921b46e46364692e3907209e1ac751d
f471461e26bf90297b4fb9c15a44b33becf7a5b7
d626c8cb11a97739ab83d2cb8d27332f3d3d3294d3a48f5036614646a59adddf
GET /kmnbhevhfjrtetd/c.gif HTTP/1.1
Host: kmmber.jmnwafa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 03 Oct 2022 01:32:09 GMT
Content-Type: image/gif
Content-Length: 84426
Last-Modified: Tue, 13 Sep 2022 02:11:33 GMT
Connection: keep-alive
ETag: "631fe6d5-149ca"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
kmr.mjnbrt.xyz/mnrt/kmrr.png
23.224.92.243200 OK 85 kB URL HTTP/1.1 kmr.mjnbrt.xyz/mnrt/kmrr.png
IP 23.224.92.243:0
File type PNG image data, 2084 x 2084, 8-bit/color RGBA, non-interlaced\012- data
Hash 3c80359bedd35432aea1539a1edcd122
62b0eb9a7eef9b048ab55e3e8d8486a43d5ef8db
74df8ccb6d42d5ee40aaffccd0246978eca881c260c8505afb9f71f85fe17ee2
Analyzer Verdict Alert quad9 Sinkholed
GET /mnrt/kmrr.png HTTP/1.1
Host: kmr.mjnbrt.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 03 Oct 2022 01:32:09 GMT
Content-Type: image/png
Content-Length: 84560
Last-Modified: Wed, 14 Sep 2022 16:54:01 GMT
Connection: keep-alive
ETag: "63220729-14a50"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
kmmber.jmnwafa.xyz/oplnkaw-jknr/aoiwdn.gif
23.224.92.245200 OK 124 kB URL HTTP/1.1 kmmber.jmnwafa.xyz/oplnkaw-jknr/aoiwdn.gif
IP 23.224.92.245:0
File type GIF image data, version 89a, 640 x 200\012- data
Size 124 kB (124176 bytes)
Hash 45fe943b4a48a9417e859b8c425794ce
c481557aadd0c07843fbe4f9c5f77c42fe6fa2aa
150f20fab658e2369563f3809d4a0734143da7300b5a0dcd44a4c175006919da
GET /oplnkaw-jknr/aoiwdn.gif HTTP/1.1
Host: kmmber.jmnwafa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 03 Oct 2022 01:32:09 GMT
Content-Type: image/gif
Content-Length: 124176
Last-Modified: Thu, 08 Sep 2022 02:18:07 GMT
Connection: keep-alive
ETag: "631950df-1e510"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 6310bb4852e9818890dd00f68de5998e
194121b869dbb63a856dd52e0fd0c0571a789282
28b37d2c32e067d9d4cab0177103d6ae9bc4377ecc616b4493ade82dc190c24d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 01:32:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 05:58:51 GMT
Expires: Sun, 09 Oct 2022 05:58:50 GMT
Etag: "194121b869dbb63a856dd52e0fd0c0571a789282"
Cache-Control: max-age=533799,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7541ec244fc0b50c-OSL
kmp.bcglkfu.cn/j/155304
104.208.117.154200 OK 6.6 kB IP 104.208.117.154:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d70b3f738435b245a70dbc389383f1ec
a22958bde0132c2d6f755804bf7f3a8dccba0977
2a385e850b0132d199ff399b73046bd6d73fa7e233cfb27182c230ac09039594
GET /j/155304 HTTP/1.1
Host: kmp.bcglkfu.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.6
date: Mon, 03 Oct 2022 01:32:09 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
x-country: NO
x-cache: @warehouse00002l
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 17bc151a1069f24b8199901953746f95
dea148684d0a85d8846aefa0d2e5cba5f62b1c0f
d5f26f4685b708a784c930e6a9f2eb8ee9ab03c004374f52ad8315b930406d2b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 01:32:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 12:28:05 GMT
Expires: Sun, 09 Oct 2022 12:28:04 GMT
Etag: "dea148684d0a85d8846aefa0d2e5cba5f62b1c0f"
Cache-Control: max-age=557153,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7541ec24883c0b3d-OSL
krt.fcyjuek.cn/effect.php?type=ecv&planid=29449&adsid=5956308&zoneid=155304&uid=11366&adtplid=1001&plantype=cpv
203.107.60.95200 OK 20 B URL HTTP/1.1 krt.fcyjuek.cn/effect.php?type=ecv&planid=29449&adsid=5956308&zoneid=155304&uid=11366&adtplid=1001&plantype=cpv
IP 203.107.60.95:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /effect.php?type=ecv&planid=29449&adsid=5956308&zoneid=155304&uid=11366&adtplid=1001&plantype=cpv HTTP/1.1
Host: krt.fcyjuek.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 01:32:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: aliyungf_tc=3060780f80b6e1483a312bff22d6fd362436cba621b3998443ca57d05b0f8cca; Path=/; HttpOnly
Server: nginx
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
kmr.wdjptto.cn/tj.html?type=cnzz&id=1279999172
203.107.60.95200 OK 727 B URL HTTP/1.1 kmr.wdjptto.cn/tj.html?type=cnzz&id=1279999172
IP 203.107.60.95:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 783cc119a0f7a9011e903e7fe6832f22
2d7ec6bd4a5d9dc19a935048a5624a6357df5842
39ff2d9297f05eb036275ee306204390da33c110e973e39da10cdc588f49d505
GET /tj.html?type=cnzz&id=1279999172 HTTP/1.1
Host: kmr.wdjptto.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 01:32:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: aliyungf_tc=5fe649faf1345ab5e68742fed9ffd7345bbb68f282f44af463e4e2612ce1d742; Path=/; HttpOnly
Last-Modified: Wed, 25 Nov 2020 10:32:42 GMT
Vary: Accept-Encoding
ETag: W/"5fbe32ca-694"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Encoding: gzip
krt.fcyjuek.cn/effect.php?type=ecv&planid=30278&adsid=5964515&zoneid=155303&uid=11366&adtplid=19&plantype=cpv
203.107.60.95200 OK 20 B URL HTTP/1.1 krt.fcyjuek.cn/effect.php?type=ecv&planid=30278&adsid=5964515&zoneid=155303&uid=11366&adtplid=19&plantype=cpv
IP 203.107.60.95:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /effect.php?type=ecv&planid=30278&adsid=5964515&zoneid=155303&uid=11366&adtplid=19&plantype=cpv HTTP/1.1
Host: krt.fcyjuek.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 01:32:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: aliyungf_tc=2d6e35e20f70c61d9ecc26bdae70ce78e64cde9177da578409b5bfa9c505722f; Path=/; HttpOnly
Server: nginx
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
nrj.kfieygy.cn/c.php?s=JnpvbmVpZD0xNTUzMDQmc2l0ZWlkPSZ1aWQ9MTEzNjYmYWRzaWQ9NTk1NjMwOCZwbGFuaWQ9Mjk0NDkmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRnNwemJiODEuY29tJTJGMS5odG1sJTNGY2hhbm5lbENvZGUlM0RiODEmdnRpbWU9MjAyMi0xMC0wMyAwOTozMjowOCZpcD05MS45MC40Mi4xNTQ=;7975ea5cf0b1613bfad272099c16ed58;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj1odHRwJTNBJTJGJTJGd3d3LjFwdXRhby5jb20lMkYmeD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwcyUzQSUyRiUyRnFpcGlsYW5nLnh5eiUyRiZqPTAmcD0wJm09MCZyZXM9MTI4MHgxMDI0JnQ9JUU4JTk1JUJFJUU0JUI4JTlEJUU3JTlGJUFEJUU4JUE3JTg2JUU5JUEyJTkxJTJDJUU4JTk1JUJFJUU0JUI4JTlEJUU4JUE3JTg2JUU5JUEyJTkxJUU1JTg4JTg2JUU0JUJBJUFCJTJDJUU4JTk1JUJFJUU0JUI4JTlEJUU1JTg1JThEJUU4JUI0JUI5JUU4JUE3JTg2JUU5JUEyJTkxJmw9ZW4tVVMmYz0wJmg9OTI3
203.107.60.95200 OK 20 B URL HTTP/1.1 nrj.kfieygy.cn/c.php?s=JnpvbmVpZD0xNTUzMDQmc2l0ZWlkPSZ1aWQ9MTEzNjYmYWRzaWQ9NTk1NjMwOCZwbGFuaWQ9Mjk0NDkmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRnNwemJiODEuY29tJTJGMS5odG1sJTNGY2hhbm5lbENvZGUlM0RiODEmdnRpbWU9MjAyMi0xMC0wMyAwOTozMjowOCZpcD05MS45MC40Mi4xNTQ=;7975ea5cf0b1613bfad272099c16ed58;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj1odHRwJTNBJTJGJTJGd3d3LjFwdXRhby5jb20lMkYmeD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwcyUzQSUyRiUyRnFpcGlsYW5nLnh5eiUyRiZqPTAmcD0wJm09MCZyZXM9MTI4MHgxMDI0JnQ9JUU4JTk1JUJFJUU0JUI4JTlEJUU3JTlGJUFEJUU4JUE3JTg2JUU5JUEyJTkxJTJDJUU4JTk1JUJFJUU0JUI4JTlEJUU4JUE3JTg2JUU5JUEyJTkxJUU1JTg4JTg2JUU0JUJBJUFCJTJDJUU4JTk1JUJFJUU0JUI4JTlEJUU1JTg1JThEJUU4JUI0JUI5JUU4JUE3JTg2JUU5JUEyJTkxJmw9ZW4tVVMmYz0wJmg9OTI3
IP 203.107.60.95:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /c.php?s=JnpvbmVpZD0xNTUzMDQmc2l0ZWlkPSZ1aWQ9MTEzNjYmYWRzaWQ9NTk1NjMwOCZwbGFuaWQ9Mjk0NDkmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRnNwemJiODEuY29tJTJGMS5odG1sJTNGY2hhbm5lbENvZGUlM0RiODEmdnRpbWU9MjAyMi0xMC0wMyAwOTozMjowOCZpcD05MS45MC40Mi4xNTQ=;7975ea5cf0b1613bfad272099c16ed58;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj1odHRwJTNBJTJGJTJGd3d3LjFwdXRhby5jb20lMkYmeD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwcyUzQSUyRiUyRnFpcGlsYW5nLnh5eiUyRiZqPTAmcD0wJm09MCZyZXM9MTI4MHgxMDI0JnQ9JUU4JTk1JUJFJUU0JUI4JTlEJUU3JTlGJUFEJUU4JUE3JTg2JUU5JUEyJTkxJTJDJUU4JTk1JUJFJUU0JUI4JTlEJUU4JUE3JTg2JUU5JUEyJTkxJUU1JTg4JTg2JUU0JUJBJUFCJTJDJUU4JTk1JUJFJUU0JUI4JTlEJUU1JTg1JThEJUU4JUI0JUI5JUU4JUE3JTg2JUU5JUEyJTkxJmw9ZW4tVVMmYz0wJmg9OTI3 HTTP/1.1
Host: nrj.kfieygy.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 01:32:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS
Set-Cookie: aliyungf_tc=2c28859d634a6d2c11f924f0e12d642fa427614a0d53688a895bb5310a1f5f86; Path=/; HttpOnly
region=%E6%8C%AA%E5%A8%81%2F%2F%E5%85%B6%E5%AE%83; expires=Sat, 01-Apr-2023 01:32:10 GMT; Max-Age=15552000; path=/
visitnum=1; expires=Mon, 10-Oct-2022 01:32:10 GMT; Max-Age=604800; path=/
11366_29449=re; expires=Mon, 03-Oct-2022 06:32:10 GMT; Max-Age=18000; path=/
do2click_29449=5956308%7C29449%7C11366%7C155304%7C; expires=Mon, 03-Oct-2022 04:32:10 GMT; Max-Age=10800; path=/
doEffect_29449=5956308%7C29449%7C11366%7C155304%7C; expires=Mon, 10-Oct-2022 01:32:10 GMT; Max-Age=604800; path=/
P3P: CP="Powered by Www.Zyiis.Com 2005-2016"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
krt.fcyjuek.cn/c.php?s=JnpvbmVpZD0xNTUzMDMmc2l0ZWlkPSZ1aWQ9MTEzNjYmYWRzaWQ9NTk2NDUxNSZwbGFuaWQ9MzAyNzgmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRmp3aWMuazJidS5jbiUyRml3dWE5Lmh0bWwmdnRpbWU9MjAyMi0xMC0wMyAwOTozMjowOCZpcD05MS45MC40Mi4xNTQ=;222713b60f4b92a959c07a309d4f9722;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj1odHRwJTNBJTJGJTJGd3d3LjFwdXRhby5jb20lMkYmeD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwcyUzQSUyRiUyRnFpcGlsYW5nLnh5eiUyRiZqPTAmcD0wJm09MCZyZXM9MTI4MHgxMDI0JnQ9JUU4JTk1JUJFJUU0JUI4JTlEJUU3JTlGJUFEJUU4JUE3JTg2JUU5JUEyJTkxJTJDJUU4JTk1JUJFJUU0JUI4JTlEJUU4JUE3JTg2JUU5JUEyJTkxJUU1JTg4JTg2JUU0JUJBJUFCJTJDJUU4JTk1JUJFJUU0JUI4JTlEJUU1JTg1JThEJUU4JUI0JUI5JUU4JUE3JTg2JUU5JUEyJTkxJmw9ZW4tVVMmYz0wJmg9OTI3
203.107.60.95200 OK 20 B URL HTTP/1.1 krt.fcyjuek.cn/c.php?s=JnpvbmVpZD0xNTUzMDMmc2l0ZWlkPSZ1aWQ9MTEzNjYmYWRzaWQ9NTk2NDUxNSZwbGFuaWQ9MzAyNzgmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRmp3aWMuazJidS5jbiUyRml3dWE5Lmh0bWwmdnRpbWU9MjAyMi0xMC0wMyAwOTozMjowOCZpcD05MS45MC40Mi4xNTQ=;222713b60f4b92a959c07a309d4f9722;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj1odHRwJTNBJTJGJTJGd3d3LjFwdXRhby5jb20lMkYmeD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwcyUzQSUyRiUyRnFpcGlsYW5nLnh5eiUyRiZqPTAmcD0wJm09MCZyZXM9MTI4MHgxMDI0JnQ9JUU4JTk1JUJFJUU0JUI4JTlEJUU3JTlGJUFEJUU4JUE3JTg2JUU5JUEyJTkxJTJDJUU4JTk1JUJFJUU0JUI4JTlEJUU4JUE3JTg2JUU5JUEyJTkxJUU1JTg4JTg2JUU0JUJBJUFCJTJDJUU4JTk1JUJFJUU0JUI4JTlEJUU1JTg1JThEJUU4JUI0JUI5JUU4JUE3JTg2JUU5JUEyJTkxJmw9ZW4tVVMmYz0wJmg9OTI3
IP 203.107.60.95:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /c.php?s=JnpvbmVpZD0xNTUzMDMmc2l0ZWlkPSZ1aWQ9MTEzNjYmYWRzaWQ9NTk2NDUxNSZwbGFuaWQ9MzAyNzgmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRmp3aWMuazJidS5jbiUyRml3dWE5Lmh0bWwmdnRpbWU9MjAyMi0xMC0wMyAwOTozMjowOCZpcD05MS45MC40Mi4xNTQ=;222713b60f4b92a959c07a309d4f9722;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj1odHRwJTNBJTJGJTJGd3d3LjFwdXRhby5jb20lMkYmeD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwcyUzQSUyRiUyRnFpcGlsYW5nLnh5eiUyRiZqPTAmcD0wJm09MCZyZXM9MTI4MHgxMDI0JnQ9JUU4JTk1JUJFJUU0JUI4JTlEJUU3JTlGJUFEJUU4JUE3JTg2JUU5JUEyJTkxJTJDJUU4JTk1JUJFJUU0JUI4JTlEJUU4JUE3JTg2JUU5JUEyJTkxJUU1JTg4JTg2JUU0JUJBJUFCJTJDJUU4JTk1JUJFJUU0JUI4JTlEJUU1JTg1JThEJUU4JUI0JUI5JUU4JUE3JTg2JUU5JUEyJTkxJmw9ZW4tVVMmYz0wJmg9OTI3 HTTP/1.1
Host: krt.fcyjuek.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 01:32:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS
Set-Cookie: aliyungf_tc=914ed26cc0d8fb8891ea38a4f31ea497d22306cc95a6e6267f6094779aa520d6; Path=/; HttpOnly
region=%E6%8C%AA%E5%A8%81%2F%2F%E5%85%B6%E5%AE%83; expires=Sat, 01-Apr-2023 01:32:10 GMT; Max-Age=15552000; path=/
visitnum=1; expires=Mon, 10-Oct-2022 01:32:10 GMT; Max-Age=604800; path=/
11366_30278=re; expires=Mon, 03-Oct-2022 06:32:10 GMT; Max-Age=18000; path=/
do2click_30278=5964515%7C30278%7C11366%7C155303%7C; expires=Mon, 03-Oct-2022 04:32:10 GMT; Max-Age=10800; path=/
doEffect_30278=5964515%7C30278%7C11366%7C155303%7C; expires=Mon, 10-Oct-2022 01:32:10 GMT; Max-Age=604800; path=/
P3P: CP="Powered by Www.Zyiis.Com 2005-2016"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
kmr.wdjptto.cn/tj.html?type=cnzz&id=1279999172
203.107.60.95200 OK 727 B URL HTTP/1.1 kmr.wdjptto.cn/tj.html?type=cnzz&id=1279999172
IP 203.107.60.95:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 783cc119a0f7a9011e903e7fe6832f22
2d7ec6bd4a5d9dc19a935048a5624a6357df5842
39ff2d9297f05eb036275ee306204390da33c110e973e39da10cdc588f49d505
GET /tj.html?type=cnzz&id=1279999172 HTTP/1.1
Host: kmr.wdjptto.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 01:32:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: aliyungf_tc=6e7fbe7fa000dbeb7c6aec65ecde92d7d0c56b566ccc9b25d9abbc5d2cf78dc2; Path=/; HttpOnly
Last-Modified: Wed, 25 Nov 2020 10:32:42 GMT
Vary: Accept-Encoding
ETag: W/"5fbe32ca-694"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Encoding: gzip
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash f5e4158ecaba819d28ff0e037292aee6
27a027d0fb7f917bd2c33c0eb2bf7576f83febb4
943b76d1ae2baaa91a8542fd04d7eee6627105ba41c80bdc498c626b45be765e
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 01:32:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 06 Oct 2022 22:42:38 GMT
ETag: "27a027d0fb7f917bd2c33c0eb2bf7576f83febb4"
Last-Modified: Sun, 02 Oct 2022 22:42:39 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1473
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7541ec31bcee0b3d-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash f5e4158ecaba819d28ff0e037292aee6
27a027d0fb7f917bd2c33c0eb2bf7576f83febb4
943b76d1ae2baaa91a8542fd04d7eee6627105ba41c80bdc498c626b45be765e
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 01:32:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 06 Oct 2022 22:42:38 GMT
ETag: "27a027d0fb7f917bd2c33c0eb2bf7576f83febb4"
Last-Modified: Sun, 02 Oct 2022 22:42:39 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1473
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7541ec31bfbeb527-OSL
s9.cnzz.com/z_stat.php?id=1279999172&web_id=1279999172
220.185.164.250200 OK 20 B URL HTTP/2 s9.cnzz.com/z_stat.php?id=1279999172&web_id=1279999172
IP 220.185.164.250:0
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /z_stat.php?id=1279999172&web_id=1279999172 HTTP/1.1
Host: s9.cnzz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kmr.wdjptto.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 20
date: Mon, 03 Oct 2022 01:08:30 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Mon, 03 Oct 2022 01:08:30 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1664759310
via: cache11.l2cn1836[60,28,200-0,C], cache39.l2cn1836[29,0], cache16.cn4100[0,0,200-0,H], cache4.cn4100[1,0]
age: 1422
x-cache: HIT TCP_MEM_HIT dirn:15:380252919
x-swift-savetime: Mon, 03 Oct 2022 01:08:30 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: dcb9a49816647607328344619e
X-Firefox-Spdy: h2
qipilang.xyz/template/m1938pc/static/js/jquery.min.js
154.22.125.209200 OK 0 B URL HTTP/2 qipilang.xyz/template/m1938pc/static/js/jquery.min.js
IP 154.22.125.209:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
GET /template/m1938pc/static/js/jquery.min.js HTTP/1.1
Host: qipilang.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 01:32:07 GMT
content-type: application/javascript
last-modified: Sat, 08 Jan 2022 14:07:33 GMT
vary: Accept-Encoding
etag: W/"61d99aa5-17b8b"
expires: Mon, 03 Oct 2022 13:32:07 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
qipilang.xyz/template/m1938pc/static/js/jquery.lazyload.min.js
154.22.125.209200 OK 0 B URL HTTP/2 qipilang.xyz/template/m1938pc/static/js/jquery.lazyload.min.js
IP 154.22.125.209:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
GET /template/m1938pc/static/js/jquery.lazyload.min.js HTTP/1.1
Host: qipilang.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 01:32:07 GMT
content-type: application/javascript
last-modified: Sat, 08 Jan 2022 14:08:22 GMT
vary: Accept-Encoding
etag: W/"61d99ad6-d35"
expires: Mon, 03 Oct 2022 13:32:07 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
kmp.bcglkfu.cn/j/155303
104.208.117.154200 OK 0 B IP 104.208.117.154:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /j/155303 HTTP/1.1
Host: kmp.bcglkfu.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.6
date: Mon, 03 Oct 2022 01:32:09 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
x-country: NO
x-cache: @warehouse00002l
X-Firefox-Spdy: h2
qipilang.xyz/template/m1938pc/css/1.css
154.22.125.209200 OK 0 B URL HTTP/2 qipilang.xyz/template/m1938pc/css/1.css
IP 154.22.125.209:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
GET /template/m1938pc/css/1.css HTTP/1.1
Host: qipilang.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 01:32:07 GMT
content-type: text/css
last-modified: Sun, 20 Feb 2022 14:15:38 GMT
vary: Accept-Encoding
etag: W/"62124d0a-8307"
expires: Mon, 03 Oct 2022 13:32:07 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
qipilang.xyz/template/m1938pc/css/zui.css
154.22.125.209200 OK 0 B URL HTTP/2 qipilang.xyz/template/m1938pc/css/zui.css
IP 154.22.125.209:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: qipilang.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qipilang.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 01:32:07 GMT
content-type: text/css
last-modified: Sun, 20 Feb 2022 03:50:12 GMT
vary: Accept-Encoding
etag: W/"6211ba74-16319"
expires: Mon, 03 Oct 2022 13:32:07 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2