schaffenhausshepherds.net/wpwe/ZGF2aW4ub2htc0B3aXBmbGkuY29t
38.238.219.2301 Moved Permanently 0 B URL User Request GET HTTP/1.1 schaffenhausshepherds.net/wpwe/ZGF2aW4ub2htc0B3aXBmbGkuY29t
IP 38.238.219.2:80
ASN #134548 DXTL Tseung Kwan O Service
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wpwe/ZGF2aW4ub2htc0B3aXBmbGkuY29t HTTP/1.1
Host: schaffenhausshepherds.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 29 Mar 2024 09:10:17 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.schaffenhausshepherds.net/wpwe/ZGF2aW4ub2htc0B3aXBmbGkuY29t
www.schaffenhausshepherds.net/wpwe/ZGF2aW4ub2htc0B3aXBmbGkuY29t
38.238.219.2200 OK 807 B URL User Request GET HTTP/1.1 www.schaffenhausshepherds.net/wpwe/ZGF2aW4ub2htc0B3aXBmbGkuY29t
IP 38.238.219.2:80
ASN #134548 DXTL Tseung Kwan O Service
File type JavaScript source, ISO-8859 text, with CRLF line terminators
Hash 1272095dcf33178401851a1c73deb809
4dc33233d45d48863967db933bffb074dc05a60d
1907d113d87cd9f3ee64d11f6e212d5831479d0985ad64e1358954eaa36cde17
GET /wpwe/ZGF2aW4ub2htc0B3aXBmbGkuY29t HTTP/1.1
Host: www.schaffenhausshepherds.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 09:10:18 GMT
Content-Type: text/html
Content-Length: 807
Connection: keep-alive
www.schaffenhausshepherds.net/common.js
38.238.219.2200 OK 684 B URL GET HTTP/1.1 www.schaffenhausshepherds.net/common.js
IP 38.238.219.2:80
ASN #134548 DXTL Tseung Kwan O Service
Requested by http://www.schaffenhausshepherds.net/wpwe/ZGF2aW4ub2htc0B3aXBmbGkuY29t
File type JavaScript source, ASCII text, with very long lines (443), with CRLF line terminators
Hash cb02c03dbfb6de9dda3a760485df6cd9
9a9ca07b5a8c5cde32df30a7e496374412ddd0c5
a5f1cfe0e45c2ad2d0f60a168a0d11cbf7f9941b0ea4d9964150d322851c37c0
GET /common.js HTTP/1.1
Host: www.schaffenhausshepherds.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.schaffenhausshepherds.net/wpwe/ZGF2aW4ub2htc0B3aXBmbGkuY29t
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 09:10:19 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.schaffenhausshepherds.net/tj.js
38.238.219.2200 OK 102 B URL GET HTTP/1.1 www.schaffenhausshepherds.net/tj.js
IP 38.238.219.2:80
ASN #134548 DXTL Tseung Kwan O Service
Requested by http://www.schaffenhausshepherds.net/wpwe/ZGF2aW4ub2htc0B3aXBmbGkuY29t
File type HTML document, ASCII text, with no line terminators
Hash 8e071994d1d091f6f319dd1880880e2b
095ccdee1414987b84ec423eebc7697fb678c33e
f0aa685845450fe404c44d61d35abb981688214162dabaa7a6ad63bc673c316b
GET /tj.js HTTP/1.1
Host: www.schaffenhausshepherds.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.schaffenhausshepherds.net/wpwe/ZGF2aW4ub2htc0B3aXBmbGkuY29t
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 09:10:19 GMT
Content-Type: application/x-javascript
Content-Length: 102
Connection: keep-alive
push.zhanzhang.baidu.com/push.js
182.61.201.94200 OK 227 B URL GET HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.94:80
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by http://www.schaffenhausshepherds.net/wpwe/ZGF2aW4ub2htc0B3aXBmbGkuY29t
File type ASCII text, with no line terminators
Hash 1bb5a3267c9865ad4abe8d937734b62b
b5478dd2edb3e64242eced1db2dbd945ef81f592
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.schaffenhausshepherds.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Fri, 29 Mar 2024 09:10:19 GMT
Etag: "4078521116"
Expires: Sat, 29 Mar 2025 09:10:19 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=C59752AA2310280E5596FE8FA0F8D81D:FG=1; max-age=31536000; expires=Sat, 29-Mar-25 09:10:19 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
js.users.51.la/21858475.js
47.246.44.243200 OK 5.1 kB URL GET HTTP/1.1 js.users.51.la/21858475.js
IP 47.246.44.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by http://www.schaffenhausshepherds.net/wpwe/ZGF2aW4ub2htc0B3aXBmbGkuY29t
Certificate IssuerGlobalSign nv-sa
Subject*.users.51.la
Fingerprint8E:9F:59:98:28:F2:49:A9:E1:19:45:C2:49:ED:B2:F6:B8:E1:C6:39
ValidityFri, 14 Apr 2023 03:17:41 GMT - Wed, 15 May 2024 03:17:40 GMT
File type JavaScript source, ASCII text, with very long lines (5068), with no line terminators
Hash ee0a106411811a679e9d9700e372b27a
d253cf7fbf983dd831704c96880042e003534e12
cd2903120bc47cef3cd186e658c72243fc4f0d409efce458fd1ad60473e24a9a
GET /21858475.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.schaffenhausshepherds.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 29 Mar 2024 09:10:19 GMT
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Ali-Swift-Global-Savetime: 1711703419
Via: cache11.l2de2[161,160,200-0,M], cache16.l2de2[162,0], ens-cache3.se2[183,182,200-0,M], ens-cache1.se2[184,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 29 Mar 2024 09:10:19 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9517117034197301098e
www.schaffenhausshepherds.net/favicon.ico
38.238.219.2200 OK 1.2 kB URL GET HTTP/1.1 www.schaffenhausshepherds.net/favicon.ico
IP 38.238.219.2:80
ASN #134548 DXTL Tseung Kwan O Service
Requested by http://www.schaffenhausshepherds.net/wpwe/ZGF2aW4ub2htc0B3aXBmbGkuY29t
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.schaffenhausshepherds.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.schaffenhausshepherds.net/wpwe/ZGF2aW4ub2htc0B3aXBmbGkuY29t
Cookie: __tins__21858475=%7B%22sid%22%3A%201711703420114%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201711705220114%7D; __51cke__=; __51laig__=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 09:10:20 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Wed, 03 Apr 2024 09:10:20 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
api.share.baidu.com/s.gif?l=http://www.schaffenhausshepherds.net/wpwe/ZGF2aW4ub2htc0B3aXBmbGkuY29t
14.215.182.161200 OK 0 B URL GET HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.schaffenhausshepherds.net/wpwe/ZGF2aW4ub2htc0B3aXBmbGkuY29t
IP 14.215.182.161:80
Requested by http://www.schaffenhausshepherds.net/wpwe/ZGF2aW4ub2htc0B3aXBmbGkuY29t
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.schaffenhausshepherds.net/wpwe/ZGF2aW4ub2htc0B3aXBmbGkuY29t HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.schaffenhausshepherds.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Fri, 29 Mar 2024 09:10:20 GMT
ia.51.la/go1?id=21858475&rt=1711703420114&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1711703420114&tt=%25E8%25A1%25A2%25E5%25B7%259E%25E7%25BF%2581%25E9%259B%25B7%25E6%259C%25BA%25E6%25A2%25B0%25E8%25AE%25BE%25E5%25A4%2587%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=&cu=http%253A%252F%252Fwww.schaffenhausshepherds.net%252Fwpwe%252FZGF2aW4ub2htc0B3aXBmbGkuY29t&pu=
203.107.86.226200 0 B URL GET HTTP/1.1 ia.51.la/go1?id=21858475&rt=1711703420114&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1711703420114&tt=%25E8%25A1%25A2%25E5%25B7%259E%25E7%25BF%2581%25E9%259B%25B7%25E6%259C%25BA%25E6%25A2%25B0%25E8%25AE%25BE%25E5%25A4%2587%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=&cu=http%253A%252F%252Fwww.schaffenhausshepherds.net%252Fwpwe%252FZGF2aW4ub2htc0B3aXBmbGkuY29t&pu=
IP 203.107.86.226:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://www.schaffenhausshepherds.net/wpwe/ZGF2aW4ub2htc0B3aXBmbGkuY29t
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21858475&rt=1711703420114&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1711703420114&tt=%25E8%25A1%25A2%25E5%25B7%259E%25E7%25BF%2581%25E9%259B%25B7%25E6%259C%25BA%25E6%25A2%25B0%25E8%25AE%25BE%25E5%25A4%2587%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=&cu=http%253A%252F%252Fwww.schaffenhausshepherds.net%252Fwpwe%252FZGF2aW4ub2htc0B3aXBmbGkuY29t&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.schaffenhausshepherds.net/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Fri, 29 Mar 2024 09:10:20 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: aliyungf_tc=365f607ab728f6cfb482042c05e3b25ec89b4228b00513c55357cb55e3d2aca8; Path=/; HttpOnly
acw_tc=ac11000117117034206301463e1d6a43ba50ea2cfd46aa8180b0b3afdd604a;path=/;HttpOnly;Max-Age=1800
ad.xmmnsl.com/uploads/images/1710823159.gif
194.53.53.6200 OK 320 kB URL GET HTTP/2 ad.xmmnsl.com/uploads/images/1710823159.gif
IP 194.53.53.6:443
ASN #209242 Cloudflare London, LLC
Certificate IssuerLet's Encrypt
Subjectxmmnsl.com
Fingerprint2F:20:D3:CC:95:C0:8A:15:99:65:55:1B:2A:EC:24:E5:6E:07:B9:80
ValiditySat, 03 Feb 2024 10:48:36 GMT - Fri, 03 May 2024 10:48:35 GMT
File type GIF image data, version 89a, 960 x 120
Size 320 kB (319959 bytes)
Hash b8d9cb6869549186b023175920acd14f
a536d395998f8115b71f2d0f69a3d7fb1b19c429
c608171502e554e90239ff546673d2e0fdf70efbcd8b87d2271130bac942e78c
GET /uploads/images/1710823159.gif HTTP/1.1
Host: ad.xmmnsl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/gif
content-length: 319959
last-modified: Tue, 19 Mar 2024 04:39:19 GMT
etag: "65f916f7-4e1d7"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1416
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q73FDDZuXa5f2yhAicI7V77xvyhP5CEbgOVeZfRdhY0BxlrbSJ7wZ%2FB1ILPdZoHa6TwhoCvPQSxQKxOlMJACGxxMxPhrj4uyqyNi9Dz3ADiWhexnJ%2Bo4TQCgtjE8HtCg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86beb9ed8a2956ae-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ad.xmmnsl.com/uploads/images/1705062043.gif
194.53.53.6200 OK 254 kB URL GET HTTP/2 ad.xmmnsl.com/uploads/images/1705062043.gif
IP 194.53.53.6:443
ASN #209242 Cloudflare London, LLC
Certificate IssuerLet's Encrypt
Subjectxmmnsl.com
Fingerprint2F:20:D3:CC:95:C0:8A:15:99:65:55:1B:2A:EC:24:E5:6E:07:B9:80
ValiditySat, 03 Feb 2024 10:48:36 GMT - Fri, 03 May 2024 10:48:35 GMT
File type GIF image data, version 89a, 980 x 50
Size 254 kB (253985 bytes)
Hash 9952c689456954e7a8afebc444dbd985
ebc86b44d3010cbbd572650b2c0f9cd2cbe396eb
500a0029895fd33faffdd312254c06b1d471ee2d99ad9ee5ca7617ccf3f7ebf6
GET /uploads/images/1705062043.gif HTTP/1.1
Host: ad.xmmnsl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/gif
content-length: 253985
last-modified: Fri, 12 Jan 2024 12:20:43 GMT
etag: "65a12e9b-3e021"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1416
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W0UkrFQsc9JGmdVaGaOO8uFyt%2FI194%2Byl1zNyu5jBLVuoFdyusFEKwcaDTT56dUEEHspImkB97vUqlumYFrxinCanGTOynLDwiPsSbfN86J13YH88dPEO8hdhX5FoK2k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86beb9ed9a2e56ae-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
bhjt.lkj-lijn.com/nanshen/img/2480.gif
172.67.6.119200 OK 132 kB URL GET HTTP/2 bhjt.lkj-lijn.com/nanshen/img/2480.gif
IP 172.67.6.119:443
Certificate IssuerLet's Encrypt
Subjectlkj-lijn.com
Fingerprint6F:A6:31:0D:FA:B7:D6:D0:DA:B1:03:FE:A1:16:FE:BB:10:43:92:8C
ValiditySun, 11 Feb 2024 01:12:13 GMT - Sat, 11 May 2024 01:12:12 GMT
File type GIF image data, version 89a, 960 x 80
Size 132 kB (132545 bytes)
Hash c01e2eb86f8ef948ed3c6a4bec193c2e
75e3e01692b0a2d5f5c7414f43f21fab66b201d9
9bbbd9256592921eead5e58efc0c510d58339f89f5ca1c1c29f147bc7e6595e7
GET /nanshen/img/2480.gif HTTP/1.1
Host: bhjt.lkj-lijn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/gif
content-length: 132545
last-modified: Sat, 24 Feb 2024 13:13:29 GMT
etag: "65d9eb79-205c1"
expires: Sun, 21 Apr 2024 21:52:02 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-methods: GET,POST
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 559100
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86beb9ee38cb5693-OSL
X-Firefox-Spdy: h2
bhjt.lkj-lijn.com/nanshen/img/46.80.gif
172.67.6.119200 OK 334 kB URL GET HTTP/2 bhjt.lkj-lijn.com/nanshen/img/46.80.gif
IP 172.67.6.119:443
Certificate IssuerLet's Encrypt
Subjectlkj-lijn.com
Fingerprint6F:A6:31:0D:FA:B7:D6:D0:DA:B1:03:FE:A1:16:FE:BB:10:43:92:8C
ValiditySun, 11 Feb 2024 01:12:13 GMT - Sat, 11 May 2024 01:12:12 GMT
File type GIF image data, version 89a, 960 x 80
Size 334 kB (334447 bytes)
Hash 951b69336d9c15a474f41f1570950b3d
dbeb8fd225c80ce43707842386496340cd8d9bb4
76cce8df402fc0d22d11148e2c3234c754729790550a898bf49b5040b6c0e27a
GET /nanshen/img/46.80.gif HTTP/1.1
Host: bhjt.lkj-lijn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/gif
content-length: 334447
last-modified: Fri, 24 Nov 2023 15:00:29 GMT
etag: "6560ba8d-51a6f"
expires: Thu, 25 Apr 2024 13:35:14 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-methods: GET,POST
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 243308
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86beb9ee38c85693-OSL
X-Firefox-Spdy: h2
js.users.51.la/21861001.js
47.246.44.243200 OK 4.9 kB URL GET HTTP/1.1 js.users.51.la/21861001.js
IP 47.246.44.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Certificate IssuerGlobalSign nv-sa
Subject*.users.51.la
Fingerprint8E:9F:59:98:28:F2:49:A9:E1:19:45:C2:49:ED:B2:F6:B8:E1:C6:39
ValidityFri, 14 Apr 2023 03:17:41 GMT - Wed, 15 May 2024 03:17:40 GMT
File type JavaScript source, ASCII text, with very long lines (4898), with no line terminators
Hash c4a36f3458c40eaf52709fb4116cc5c5
9a80110a120cc0b6ac181400b3cfe994920b046f
3d0eb8cb186ced9e7823a23adc6fdacf7058022f9a591908a2e011cee590d5b5
GET /21861001.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript; charset=utf-8
Content-Length: 4898
Connection: keep-alive
Date: Fri, 29 Mar 2024 09:10:21 GMT
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Ali-Swift-Global-Savetime: 1711703421
Via: cache10.l2de2[171,170,200-0,M], cache9.l2de2[172,0], ens-cache20.se2[195,195,200-0,M], ens-cache1.se2[197,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 29 Mar 2024 09:10:21 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9517117034210351707e
www.qwlcy.com/template/m1938pc/ads/img/1.gif
23.83.129.20200 OK 254 B URL GET HTTP/2 www.qwlcy.com/template/m1938pc/ads/img/1.gif
IP 23.83.129.20:443
ASN #19148 LEASEWEB-USA-PHX
Certificate IssuerLet's Encrypt
Subjectwww.700515.com
Fingerprint43:CD:75:78:F9:B7:C5:DE:F8:A7:BC:06:6C:4A:12:BD:63:34:95:B4
ValidityWed, 27 Mar 2024 13:16:52 GMT - Tue, 25 Jun 2024 13:16:51 GMT
File type GIF image data, version 89a, 16 x 17
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/m1938pc/ads/img/1.gif HTTP/1.1
Host: www.qwlcy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/gif
content-length: 254
last-modified: Thu, 21 Apr 2022 12:25:50 GMT
etag: "62614d4e-fe"
expires: Sun, 28 Apr 2024 09:10:21 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.imageoss.com/images/2024/01/30/960x60fa0d76e22c8fa07b.gif
104.21.55.185200 OK 125 kB URL GET HTTP/2 www.imageoss.com/images/2024/01/30/960x60fa0d76e22c8fa07b.gif
IP 104.21.55.185:443
Certificate IssuerGoogle Trust Services LLC
Subjectwww.imageoss.com
FingerprintC7:20:2B:6C:32:33:52:CD:A1:FC:99:A4:33:ED:D5:C3:75:12:1B:5C
ValidityTue, 05 Mar 2024 18:39:41 GMT - Mon, 03 Jun 2024 18:39:40 GMT
File type GIF image data, version 89a, 960 x 60
Size 125 kB (124710 bytes)
Hash 76028be65c7091ef215890b255128ff0
7d4deda0b9201c95d7d2648e3e8b453f5f165609
f91ba1fe289c19571741252954f1da1161b2c71e9ee36b3ad720d25b9240fbf8
GET /images/2024/01/30/960x60fa0d76e22c8fa07b.gif HTTP/1.1
Host: www.imageoss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/gif
content-length: 124710
last-modified: Tue, 30 Jan 2024 12:23:31 GMT
etag: "65b8ea43-1e726"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 238936
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zon15XfcYnhfjXNkKMDLsDdFYiAiFHgkO0sIPJ3h4Pa0o7C%2BnzccUl6qAfQeN4JnVudUYQZC710fd2HwFMpecE5NnQ3xjY8er8ugiTG5UxltyX030uJKz9lf8gEHt7E4QWou"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86beb9efd85e568f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.qwlcy.com/template/m1938pc/images/video-play.png
23.83.129.20200 OK 1.6 kB URL GET HTTP/2 www.qwlcy.com/template/m1938pc/images/video-play.png
IP 23.83.129.20:443
ASN #19148 LEASEWEB-USA-PHX
Certificate IssuerLet's Encrypt
Subjectwww.700515.com
Fingerprint43:CD:75:78:F9:B7:C5:DE:F8:A7:BC:06:6C:4A:12:BD:63:34:95:B4
ValidityWed, 27 Mar 2024 13:16:52 GMT - Tue, 25 Jun 2024 13:16:51 GMT
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: www.qwlcy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/png
content-length: 1567
last-modified: Thu, 21 Apr 2022 12:26:08 GMT
etag: "62614d60-61f"
expires: Sun, 28 Apr 2024 09:10:21 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/05-22/00/tspli4gfkiq0002tspli4gfkiq023939.jpg
172.67.28.138200 OK 7.4 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/05-22/00/tspli4gfkiq0002tspli4gfkiq023939.jpg
IP 172.67.28.138:443
Certificate IssuerCloudflare, Inc.
Subjectlbpictupian.com
Fingerprint62:1A:47:3F:33:41:F6:6C:4A:C6:9D:E0:67:70:07:49:BA:F1:31:CB
ValidityTue, 02 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 3bda6330e6f70f42861e4691ed1fae0b
6b9c6c97f876c90d83f542a2c9da38c1a8e26d64
469d327aee42632eae18e3474327b93c112cf4c038e6ae2d13139301f62eec3a
GET /upload/vod/2020/05-22/00/tspli4gfkiq0002tspli4gfkiq023939.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/webp
content-length: 7398
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8552
content-disposition: inline; filename="tspli4gfkiq0002tspli4gfkiq023939.webp"
etag: "5ec6a5fa-2168"
last-modified: Thu, 21 May 2020 16:02:02 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 86beb9ef7bc55695-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/03-28/06/qewyc1p3kv20603qewyc1p3kv250797.jpg
172.67.28.138200 OK 7.3 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/03-28/06/qewyc1p3kv20603qewyc1p3kv250797.jpg
IP 172.67.28.138:443
Certificate IssuerCloudflare, Inc.
Subjectlbpictupian.com
Fingerprint62:1A:47:3F:33:41:F6:6C:4A:C6:9D:E0:67:70:07:49:BA:F1:31:CB
ValidityTue, 02 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 240x320, components 3
Hash 4f5fbfcbb32aeebadcfc64fa68456b09
c85b72513b2a643cb14ef9282adde5e997ab8f55
ddcc94d279653c573b619a1c44bd19ce4e8339f88bce73451bf2e80007c54985
GET /upload/vod/2020/03-28/06/qewyc1p3kv20603qewyc1p3kv250797.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/jpeg
content-length: 7278
last-modified: Fri, 27 Mar 2020 22:03:50 GMT
etag: "5e7e7846-1c6e"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86beb9ef9be15695-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/05-22/00/quhbzhnrg2s0002quhbzhnrg2s144051.jpg
172.67.28.138200 OK 6.5 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/05-22/00/quhbzhnrg2s0002quhbzhnrg2s144051.jpg
IP 172.67.28.138:443
Certificate IssuerCloudflare, Inc.
Subjectlbpictupian.com
Fingerprint62:1A:47:3F:33:41:F6:6C:4A:C6:9D:E0:67:70:07:49:BA:F1:31:CB
ValidityTue, 02 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp
Hash f889c52cfae784ed71a1034b738785db
52d67a4369d7bd1fe50422f2fcb9a70b1e134d52
6d33ea476da32ac365bbd1288fa2b33cd24ab0d1ee8663edf8e2f5e48717b6e4
GET /upload/vod/2020/05-22/00/quhbzhnrg2s0002quhbzhnrg2s144051.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/webp
content-length: 6542
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7613
content-disposition: inline; filename="quhbzhnrg2s0002quhbzhnrg2s144051.webp"
etag: "5ec6a606-1dbd"
last-modified: Thu, 21 May 2020 16:02:14 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 86beb9ef8bd15695-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/03-28/06/coqjlfkdfb30603coqjlfkdfb351807.jpg
172.67.28.138200 OK 10 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/03-28/06/coqjlfkdfb30603coqjlfkdfb351807.jpg
IP 172.67.28.138:443
Certificate IssuerCloudflare, Inc.
Subjectlbpictupian.com
Fingerprint62:1A:47:3F:33:41:F6:6C:4A:C6:9D:E0:67:70:07:49:BA:F1:31:CB
ValidityTue, 02 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 240x320, components 3
Hash 8625a2794d858f7f99bd16e5325e35d6
ad433e894c88af88908b9c3690c061ed5adfddee
cd4b7bfd610a2345cb11b943285939bb4fa5d45a85d16a5e94eaef8c2b9ee910
GET /upload/vod/2020/03-28/06/coqjlfkdfb30603coqjlfkdfb351807.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/jpeg
content-length: 10436
last-modified: Fri, 27 Mar 2020 22:03:51 GMT
etag: "5e7e7847-28c4"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86beb9ef7bbf5695-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/05-22/00/0alwwxw2gtu00020alwwxw2gtu013931.jpg
172.67.28.138200 OK 7.9 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/05-22/00/0alwwxw2gtu00020alwwxw2gtu013931.jpg
IP 172.67.28.138:443
Certificate IssuerCloudflare, Inc.
Subjectlbpictupian.com
Fingerprint62:1A:47:3F:33:41:F6:6C:4A:C6:9D:E0:67:70:07:49:BA:F1:31:CB
ValidityTue, 02 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 240x320, components 3
Hash dac3fb727059fa0ee9089fa928f2b3d2
c1f7eb37aa3fb2d9edbffff940d6584dd2cdb76a
b10d10f76b514d97a6b3439609dcab6f892284d88ada9cd20f94c5d0cafa5021
GET /upload/vod/2020/05-22/00/0alwwxw2gtu00020alwwxw2gtu013931.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/jpeg
content-length: 7928
last-modified: Thu, 21 May 2020 16:02:01 GMT
etag: "5ec6a5f9-1ef8"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86beb9ef7bc45695-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/05-22/00/amq5qrpo4dz0002amq5qrpo4dz124035.jpg
172.67.28.138200 OK 9.3 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/05-22/00/amq5qrpo4dz0002amq5qrpo4dz124035.jpg
IP 172.67.28.138:443
Certificate IssuerCloudflare, Inc.
Subjectlbpictupian.com
Fingerprint62:1A:47:3F:33:41:F6:6C:4A:C6:9D:E0:67:70:07:49:BA:F1:31:CB
ValidityTue, 02 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 320x240, components 3
Hash efd33af6d62553488a81c74a5eab7232
e18dfe7458bed9d17a9412d46e1eb5beb6482d46
12e6caf2aa3ecf8e2018c5b705ecc05232902ee2367b26ace0607301218bd09d
GET /upload/vod/2020/05-22/00/amq5qrpo4dz0002amq5qrpo4dz124035.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/jpeg
content-length: 9348
last-modified: Thu, 21 May 2020 16:02:13 GMT
etag: "5ec6a605-2484"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86beb9ef7bc85695-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/03-28/06/01thfs1aqr0060301thfs1aqr049786.jpg
172.67.28.138200 OK 9.2 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/03-28/06/01thfs1aqr0060301thfs1aqr049786.jpg
IP 172.67.28.138:443
Certificate IssuerCloudflare, Inc.
Subjectlbpictupian.com
Fingerprint62:1A:47:3F:33:41:F6:6C:4A:C6:9D:E0:67:70:07:49:BA:F1:31:CB
ValidityTue, 02 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 240x320, components 3
Hash 0fafd53100ae5848d0745a9188ee790e
4437ff1bd77606d500ca14c63c061d9e4b45856f
7c334a4d0eddeff6913c5fb528627d81a7b8d8674378cf63c6ffc01fb091b2f0
GET /upload/vod/2020/03-28/06/01thfs1aqr0060301thfs1aqr049786.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/jpeg
content-length: 9158
last-modified: Fri, 27 Mar 2020 22:03:49 GMT
etag: "5e7e7845-23c6"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86beb9ef9be55695-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/05-22/00/ropsdqca5ai0002ropsdqca5ai134043.jpg
172.67.28.138200 OK 6.3 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/05-22/00/ropsdqca5ai0002ropsdqca5ai134043.jpg
IP 172.67.28.138:443
Certificate IssuerCloudflare, Inc.
Subjectlbpictupian.com
Fingerprint62:1A:47:3F:33:41:F6:6C:4A:C6:9D:E0:67:70:07:49:BA:F1:31:CB
ValidityTue, 02 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3
Hash 552c5e01b67cc9c0ac8ae6b0e9cf8fd7
d6d3cb69c437dead63e50926f9bf5b6a97b65a9c
9be72117753cd167fa8fa2d378d809b9fdaaa5d8d8cdb99c4f7410590560bb5c
GET /upload/vod/2020/05-22/00/ropsdqca5ai0002ropsdqca5ai134043.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/jpeg
content-length: 6270
last-modified: Thu, 21 May 2020 16:02:13 GMT
etag: "5ec6a605-187e"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86beb9ef8bd05695-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/03-28/06/l3w4alqere30603l3w4alqere348777.jpg
172.67.28.138200 OK 10 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/03-28/06/l3w4alqere30603l3w4alqere348777.jpg
IP 172.67.28.138:443
Certificate IssuerCloudflare, Inc.
Subjectlbpictupian.com
Fingerprint62:1A:47:3F:33:41:F6:6C:4A:C6:9D:E0:67:70:07:49:BA:F1:31:CB
ValidityTue, 02 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 240x320, components 3
Hash ff527e370b6bb2b5be1a62eb9e972cd3
02d6aeff81755f4b718721b4e001bd19b1bca7c1
dbd2cf6135e4b5383e8750fe0e0c56d6d0fcfeaa9035e6d94a2649fc572c07a4
GET /upload/vod/2020/03-28/06/l3w4alqere30603l3w4alqere348777.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/jpeg
content-length: 10374
last-modified: Fri, 27 Mar 2020 22:03:48 GMT
etag: "5e7e7844-2886"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86beb9efabf15695-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/05-22/00/5hm3cpdag1100025hm3cpdag11204099.jpg
172.67.28.138200 OK 9.1 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/05-22/00/5hm3cpdag1100025hm3cpdag11204099.jpg
IP 172.67.28.138:443
Certificate IssuerCloudflare, Inc.
Subjectlbpictupian.com
Fingerprint62:1A:47:3F:33:41:F6:6C:4A:C6:9D:E0:67:70:07:49:BA:F1:31:CB
ValidityTue, 02 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 320x240, components 3
Hash 36121ce7ac9d820f02c57cd338a46fdd
65b17798e734b40ee17299085a5e430522b6f01f
99544b6ac285e9d9313c0610700405f48d03dcff8f99db9f2e9585738ca6bd0b
GET /upload/vod/2020/05-22/00/5hm3cpdag1100025hm3cpdag11204099.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/jpeg
content-length: 9103
last-modified: Thu, 21 May 2020 16:02:20 GMT
etag: "5ec6a60c-238f"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86beb9ef8bd75695-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/05-22/00/t1qirs4yk2d0002t1qirs4yk2d124027.jpg
172.67.28.138200 OK 11 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/05-22/00/t1qirs4yk2d0002t1qirs4yk2d124027.jpg
IP 172.67.28.138:443
Certificate IssuerCloudflare, Inc.
Subjectlbpictupian.com
Fingerprint62:1A:47:3F:33:41:F6:6C:4A:C6:9D:E0:67:70:07:49:BA:F1:31:CB
ValidityTue, 02 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 320x240, components 3
Hash f309eba4b5f36ffbb9f8585a9bfef059
46ae67fa1b29cc6446c701f1e8807d3d0cd28bcd
a234599c293561f002df979c6cfbb9b049c580be5ead6f1e6e2d8a03b2a97e2e
GET /upload/vod/2020/05-22/00/t1qirs4yk2d0002t1qirs4yk2d124027.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/jpeg
content-length: 11377
last-modified: Thu, 21 May 2020 16:02:12 GMT
etag: "5ec6a604-2c71"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86beb9ef7bc75695-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/05-22/00/ey0uis41ax00002ey0uis41ax0033947.jpg
172.67.28.138200 OK 11 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/05-22/00/ey0uis41ax00002ey0uis41ax0033947.jpg
IP 172.67.28.138:443
Certificate IssuerCloudflare, Inc.
Subjectlbpictupian.com
Fingerprint62:1A:47:3F:33:41:F6:6C:4A:C6:9D:E0:67:70:07:49:BA:F1:31:CB
ValidityTue, 02 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 240x320, components 3
Hash 410935fb3247b7fe923ea917aabed373
5a5f1931def9e9d295e57019e77baddb2147b4ce
96f819bf8c6e423359821f21cd9fa20b4d5737a6458651a10f697a2355378bce
GET /upload/vod/2020/05-22/00/ey0uis41ax00002ey0uis41ax0033947.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/jpeg
content-length: 11106
last-modified: Thu, 21 May 2020 16:02:03 GMT
etag: "5ec6a5fb-2b62"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86beb9ef7bc65695-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/05-22/00/nqu01xtumwn0002nqu01xtumwn164067.jpg
172.67.28.138200 OK 10 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/05-22/00/nqu01xtumwn0002nqu01xtumwn164067.jpg
IP 172.67.28.138:443
Certificate IssuerCloudflare, Inc.
Subjectlbpictupian.com
Fingerprint62:1A:47:3F:33:41:F6:6C:4A:C6:9D:E0:67:70:07:49:BA:F1:31:CB
ValidityTue, 02 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 320x240, components 3
Hash 794d3c38f3982c00e8e40f014173c5d4
8ce004304fe5c7dca159a6410aedcb6d6625e1b2
d37747407b408fe55fca86136797815f8aadc7575ff281683d9fa71ae0a3dcf9
GET /upload/vod/2020/05-22/00/nqu01xtumwn0002nqu01xtumwn164067.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/jpeg
content-length: 10070
last-modified: Thu, 21 May 2020 16:02:16 GMT
etag: "5ec6a608-2756"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86beb9ef8bd55695-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/03-28/06/h415rq5hvmm0603h415rq5hvmm47767.jpg
172.67.28.138200 OK 8.3 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/03-28/06/h415rq5hvmm0603h415rq5hvmm47767.jpg
IP 172.67.28.138:443
Certificate IssuerCloudflare, Inc.
Subjectlbpictupian.com
Fingerprint62:1A:47:3F:33:41:F6:6C:4A:C6:9D:E0:67:70:07:49:BA:F1:31:CB
ValidityTue, 02 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 240x320, components 3
Hash 1fc80dc0bb0506af92a6a74b8a8522bf
fd3deaec887d1d9cca057c59b05a3444555ba5a2
d677de10d4676b302358df1c9a9a734d2935ca373210a2eb9c7adc209829a8ff
GET /upload/vod/2020/03-28/06/h415rq5hvmm0603h415rq5hvmm47767.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/jpeg
content-length: 8254
last-modified: Fri, 27 Mar 2020 22:03:47 GMT
etag: "5e7e7843-203e"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86beb9ef9bdb5695-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/03-28/06/3wsk3b4e0o006033wsk3b4e0o055842.jpg
172.67.28.138200 OK 8.1 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/03-28/06/3wsk3b4e0o006033wsk3b4e0o055842.jpg
IP 172.67.28.138:443
Certificate IssuerCloudflare, Inc.
Subjectlbpictupian.com
Fingerprint62:1A:47:3F:33:41:F6:6C:4A:C6:9D:E0:67:70:07:49:BA:F1:31:CB
ValidityTue, 02 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 240x320, components 3
Hash 549d825294df5c80bbd567f77d7d9777
f5936fe5c18338e24bcc04e9a4f4c8c37778a6ec
bed85a6f0f7f94343211343bb7907162fa2da55deabd87cab785a5df310c5159
GET /upload/vod/2020/03-28/06/3wsk3b4e0o006033wsk3b4e0o055842.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/jpeg
content-length: 8129
last-modified: Fri, 27 Mar 2020 22:03:55 GMT
etag: "5e7e784b-1fc1"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86beb9ef7bc35695-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/03-28/06/sycpnh0xwbr0603sycpnh0xwbr54829.jpg
172.67.28.138200 OK 8.7 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/03-28/06/sycpnh0xwbr0603sycpnh0xwbr54829.jpg
IP 172.67.28.138:443
Certificate IssuerCloudflare, Inc.
Subjectlbpictupian.com
Fingerprint62:1A:47:3F:33:41:F6:6C:4A:C6:9D:E0:67:70:07:49:BA:F1:31:CB
ValidityTue, 02 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 240x320, components 3
Hash 16cf1e5f0c4148164d415fb2827d7520
2471655e0708e5dbb2fbb4d7b9ef4f384f8d3569
81449a16ab4bf119941bf7d782109eb800a86e40e10d7392b2d41b5e0119e7ce
GET /upload/vod/2020/03-28/06/sycpnh0xwbr0603sycpnh0xwbr54829.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/jpeg
content-length: 8736
last-modified: Fri, 27 Mar 2020 22:03:54 GMT
etag: "5e7e784a-2220"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86beb9ef7bc25695-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/03-28/06/mgkh5nhx5db0603mgkh5nhx5db53819.jpg
172.67.28.138200 OK 7.4 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/03-28/06/mgkh5nhx5db0603mgkh5nhx5db53819.jpg
IP 172.67.28.138:443
Certificate IssuerCloudflare, Inc.
Subjectlbpictupian.com
Fingerprint62:1A:47:3F:33:41:F6:6C:4A:C6:9D:E0:67:70:07:49:BA:F1:31:CB
ValidityTue, 02 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 240x320, components 3
Hash b387ee5fbdbe502bd8d55670da77d3d6
3b96f5050e7aadba9c230f7e963b71421ff0c3b3
9205af05a2919ebfa01805e305c32b6eec95352da7e0537303ddbc7d7c78a79d
GET /upload/vod/2020/03-28/06/mgkh5nhx5db0603mgkh5nhx5db53819.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/jpeg
content-length: 7381
last-modified: Fri, 27 Mar 2020 22:03:53 GMT
etag: "5e7e7849-1cd5"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86beb9ef7bc15695-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/03-28/06/eq1exwb5cyn0603eq1exwb5cyn46755.jpg
172.67.28.138200 OK 8.2 kB URL GET HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/03-28/06/eq1exwb5cyn0603eq1exwb5cyn46755.jpg
IP 172.67.28.138:443
Certificate IssuerCloudflare, Inc.
Subjectlbpictupian.com
Fingerprint62:1A:47:3F:33:41:F6:6C:4A:C6:9D:E0:67:70:07:49:BA:F1:31:CB
ValidityTue, 02 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 240x320, components 3
Hash dbb943e67d220775edd7d5c91be925f0
8358cec62e4bd4ebd987a4cc86bd86ff47bc0c95
71c53ccdb8a6d5ab877dd65df81e816633aaf004c3a1ee78f1bd1c42edaba716
GET /upload/vod/2020/03-28/06/eq1exwb5cyn0603eq1exwb5cyn46755.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/jpeg
content-length: 8232
last-modified: Fri, 27 Mar 2020 22:03:46 GMT
etag: "5e7e7842-2028"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86beb9ef9bee5695-OSL
X-Firefox-Spdy: h2
zbb.bbb.hmajwvynt.com/fgajajytrsw6kys3yjs3.gif
23.225.112.98200 OK 60 kB URL GET HTTP/2 zbb.bbb.hmajwvynt.com/fgajajytrsw6kys3yjs3.gif
IP 23.225.112.98:443
Certificate IssuerLet's Encrypt
Subjectzbb.bbb.hmajwvynt.com
Fingerprint33:E5:7C:88:A0:5A:41:1D:FD:EC:D7:01:17:D6:A0:BF:6B:BD:DC:01
ValidityFri, 22 Mar 2024 02:43:39 GMT - Thu, 20 Jun 2024 02:43:38 GMT
File type GIF image data, version 89a, 980 x 100
Hash 49bf4fec48a868b09c87af8c7cd6cad5
60d486ff371697e3065bbcb2b8da7724c3390e40
5afbe47d1097d2885bee952c7fde5cca41b67cc0ac1f238a375b93be51a20832
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /fgajajytrsw6kys3yjs3.gif HTTP/1.1
Host: zbb.bbb.hmajwvynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: image/gif
content-length: 60087
last-modified: Wed, 14 Feb 2024 02:43:07 GMT
etag: "65cc28bb-eab7"
accept-ranges: bytes
access-control-allow-origin: *, *
X-Firefox-Spdy: h2
9129666tp.com/cd.gif
198.2.209.177200 OK 902 kB IP 198.2.209.177:443
Certificate IssuerLet's Encrypt
Subject9129666tp.com
FingerprintFB:18:40:46:38:E1:09:B8:C0:35:C7:63:B1:3F:01:33:D8:47:88:91
ValidityFri, 02 Feb 2024 15:11:48 GMT - Thu, 02 May 2024 15:11:47 GMT
File type GIF image data, version 89a, 960 x 120
Size 902 kB (902421 bytes)
Hash f088f3b109d803b0fe7078b682fe644b
4258ca57d88c448e2bff997bf3ee25b3ddbab416
ece4f0de4435b65a579efbb03abd6f7e5d018e123c51a98e53a9794c8bda5af1
GET /cd.gif HTTP/1.1
Host: 9129666tp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 29 Mar 2024 09:10:21 GMT
Content-Type: image/gif
Content-Length: 902421
Connection: keep-alive
Last-Modified: Wed, 14 Feb 2024 10:32:25 GMT
ETag: "65cc96b9-dc515"
Expires: Tue, 09 Apr 2024 18:31:16 GMT
Cache-Control: max-age=2592000
Via: s202311201973
CDN-Cache: HIT
Accept-Ranges: bytes
383tu.oss-cn-hangzhou.aliyuncs.com/gonggao/960x60.gif
47.110.178.111200 OK 299 kB URL GET HTTP/1.1 383tu.oss-cn-hangzhou.aliyuncs.com/gonggao/960x60.gif
IP 47.110.178.111:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Certificate IssuerGlobalSign nv-sa
Subjectcn-hangzhou.oss.aliyuncs.com
FingerprintBA:B1:7D:10:E5:EF:BD:A3:65:22:81:6E:73:E8:F1:B9:DB:ED:27:15
ValidityMon, 19 Feb 2024 05:01:07 GMT - Sat, 22 Mar 2025 05:01:06 GMT
File type GIF image data, version 89a, 960 x 80
Size 299 kB (299398 bytes)
Hash f4b7967855549e81f65598b93a43d9db
6ab53e8a9af687c1dddad236af323080a04499cf
2e95dc2082af7cc833e0aef825efc261c04b69e3ec4350203854008cc4a12dc6
GET /gonggao/960x60.gif HTTP/1.1
Host: 383tu.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 29 Mar 2024 09:10:21 GMT
Content-Type: image/gif
Content-Length: 299398
Connection: keep-alive
x-oss-request-id: 6606857D7F57C5353173901D
Accept-Ranges: bytes
ETag: "F4B7967855549E81F65598B93A43D9DB"
Last-Modified: Sun, 17 Sep 2023 11:50:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8810428828543929982
x-oss-storage-class: Standard
x-oss-ec: 0048-00000105
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: 9LeWeFVUnoH2VZi5OkPZ2w==
x-oss-server-time: 10
bba9603w.com/960-82.gif
149.104.32.244200 OK 363 kB IP 149.104.32.244:443
Certificate IssuerLet's Encrypt
Subjectbba9603w.com
FingerprintC1:77:D2:EF:EB:16:1E:D5:33:D7:1B:FA:2F:59:A1:18:08:68:A7:E9
ValidityTue, 23 Jan 2024 03:30:47 GMT - Mon, 22 Apr 2024 03:30:46 GMT
File type GIF image data, version 89a, 960 x 80
Size 363 kB (363137 bytes)
Hash cfc733411b0bd7961c652d5bd0a8b2cd
6857644239d1763aebdccd5faf8687d0bd4cd5be
63c9f1f79be3b695561e66b6f771d02ad9153910b7ba262596cd63e397240563
GET /960-82.gif HTTP/1.1
Host: bba9603w.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/onex
Date: Fri, 29 Mar 2024 09:10:22 GMT
Content-Type: image/gif
Content-Length: 363137
Connection: keep-alive
Last-Modified: Wed, 01 Nov 2023 05:17:03 GMT
ETag: "6541df4f-58a81"
Expires: Thu, 25 Apr 2024 08:58:50 GMT
X-One-Cache: HIT
Accept-Ranges: bytes
ia.51.la/go1?id=21861001&rt=1711703421426&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580%25E5%25BF%25AB%25E7%259A%2584%25E8%25A7%2586%25E9%25A2%2591%25E5%2588%2586%25E4%25BA%25AB%25E6%2595%25B0%25E6%258D%25AE&ing=1&ekc=&sid=1711703421426&tt=9%25E8%2589%25B2&kw=%25E7%259F%25AD%25E8%25A7%2586%25E9%25A2%2591%252C%25E6%2590%259E%25E7%25AC%2591%25E8%25A7%2586%25E9%25A2%2591%252C%25E8%25A7%2586%25E9%25A2%2591%25E5%2588%2586%25E4%25BA%25AB%252C%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591%252C%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2586%25E9%25A2%2591%252C%25E9%25A2%2584%25E5%2591%258A%25E7%2589%2587&cu=https%253A%252F%252Fwww.qwlcy.com%252F&pu=http%253A%252F%252Fwww.schaffenhausshepherds.net%252F
203.107.86.226200 0 B URL GET HTTP/1.1 ia.51.la/go1?id=21861001&rt=1711703421426&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580%25E5%25BF%25AB%25E7%259A%2584%25E8%25A7%2586%25E9%25A2%2591%25E5%2588%2586%25E4%25BA%25AB%25E6%2595%25B0%25E6%258D%25AE&ing=1&ekc=&sid=1711703421426&tt=9%25E8%2589%25B2&kw=%25E7%259F%25AD%25E8%25A7%2586%25E9%25A2%2591%252C%25E6%2590%259E%25E7%25AC%2591%25E8%25A7%2586%25E9%25A2%2591%252C%25E8%25A7%2586%25E9%25A2%2591%25E5%2588%2586%25E4%25BA%25AB%252C%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591%252C%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2586%25E9%25A2%2591%252C%25E9%25A2%2584%25E5%2591%258A%25E7%2589%2587&cu=https%253A%252F%252Fwww.qwlcy.com%252F&pu=http%253A%252F%252Fwww.schaffenhausshepherds.net%252F
IP 203.107.86.226:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Certificate IssuerGlobalSign nv-sa
Subject*.51.la
Fingerprint9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79
ValidityThu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21861001&rt=1711703421426&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580%25E5%25BF%25AB%25E7%259A%2584%25E8%25A7%2586%25E9%25A2%2591%25E5%2588%2586%25E4%25BA%25AB%25E6%2595%25B0%25E6%258D%25AE&ing=1&ekc=&sid=1711703421426&tt=9%25E8%2589%25B2&kw=%25E7%259F%25AD%25E8%25A7%2586%25E9%25A2%2591%252C%25E6%2590%259E%25E7%25AC%2591%25E8%25A7%2586%25E9%25A2%2591%252C%25E8%25A7%2586%25E9%25A2%2591%25E5%2588%2586%25E4%25BA%25AB%252C%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591%252C%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2586%25E9%25A2%2591%252C%25E9%25A2%2584%25E5%2591%258A%25E7%2589%2587&cu=https%253A%252F%252Fwww.qwlcy.com%252F&pu=http%253A%252F%252Fwww.schaffenhausshepherds.net%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Fri, 29 Mar 2024 09:10:22 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: aliyungf_tc=487261c8d88394beddf91337fb6a43701933e623349cb3d6155978648c316c68; Path=/; HttpOnly
acw_tc=ac11000117117034225827128e7273c62a0f2965787f897c32da78a5955575;path=/;HttpOnly;Max-Age=1800
hm.baidu.com/hm.js?a59bfc1e6bba65cfa9419a19e29c9e44
103.235.46.191200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?a59bfc1e6bba65cfa9419a19e29c9e44
IP 103.235.46.191:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (620)
Hash 3c21731b744fa2717a7b1f507b429e99
7744fa042b68c1e557f2ced3c5241e5742329f04
b8c52a5137dbd3c51d5e2122aae8c8ea5c5db426e5f387b6fdb8adcfbae812ed
GET /hm.js?a59bfc1e6bba65cfa9419a19e29c9e44 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Fri, 29 Mar 2024 09:10:22 GMT
Etag: 68b6c48caf5d8aecce0819910c935fbe
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=4B9F65C8D6FE00AC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
tu.jnctpsy8888.cc/jnc2023/mm888.gif
198.2.211.78200 OK 833 kB URL GET HTTP/1.1 tu.jnctpsy8888.cc/jnc2023/mm888.gif
IP 198.2.211.78:443
Certificate IssuerLet's Encrypt
Subjecttu.jnctpsy8888.cc
FingerprintDE:09:C1:B9:80:BC:06:06:91:5B:E3:97:02:49:FB:B6:F7:07:83:A1
ValidityThu, 01 Feb 2024 18:10:12 GMT - Wed, 01 May 2024 18:10:11 GMT
File type GIF image data, version 89a, 960 x 120
Size 833 kB (832563 bytes)
Hash 3fa269a595cb19b23411ab5cfff1e80a
08251fc37c09b622058b94e70f36ddfd1a8a9082
0213d222cde6635318d13abab105a6684a6fb00c14831e5302dbedf68d8b2d0e
GET /jnc2023/mm888.gif HTTP/1.1
Host: tu.jnctpsy8888.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 09:10:22 GMT
Content-Type: image/gif
Content-Length: 832563
Connection: keep-alive
Last-Modified: Thu, 14 Sep 2023 12:23:36 GMT
ETag: "6502fb48-cb433"
Expires: Sat, 27 Apr 2024 10:11:09 GMT
Cache-Control: max-age=2592000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1921584591&si=a59bfc1e6bba65cfa9419a19e29c9e44&su=http%3A%2F%2Fwww.schaffenhausshepherds.net%2F&v=1.3.0&lv=1&sn=60293&r=0&ww=1280&u=https%3A%2F%2Fwww.qwlcy.com%2F&tt=9%E8%89%B2
103.235.46.191200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1921584591&si=a59bfc1e6bba65cfa9419a19e29c9e44&su=http%3A%2F%2Fwww.schaffenhausshepherds.net%2F&v=1.3.0&lv=1&sn=60293&r=0&ww=1280&u=https%3A%2F%2Fwww.qwlcy.com%2F&tt=9%E8%89%B2
IP 103.235.46.191:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1921584591&si=a59bfc1e6bba65cfa9419a19e29c9e44&su=http%3A%2F%2Fwww.schaffenhausshepherds.net%2F&v=1.3.0&lv=1&sn=60293&r=0&ww=1280&u=https%3A%2F%2Fwww.qwlcy.com%2F&tt=9%E8%89%B2 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 29 Mar 2024 09:10:23 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=FE4FA01C4072B44A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
sxlmggx12.com/ss3680.gif
156.251.153.52200 OK 273 kB IP 156.251.153.52:443
Certificate IssuerLet's Encrypt
Subjectsxlmggx12.com
Fingerprint83:62:6B:6F:C2:AB:57:BE:B2:35:45:C9:59:37:54:BA:1F:52:DB:40
ValidityWed, 17 Jan 2024 21:11:38 GMT - Tue, 16 Apr 2024 21:11:37 GMT
File type GIF image data, version 89a, 960 x 80
Size 273 kB (273006 bytes)
Hash 47edb486593dd0847a49f45c4bf22c26
ba985b53b593000efbb0435bb858038903e93fec
73c3217ba59e961b7ef42283222cc37095f141cb98c6b50964fa246c6b1b5365
GET /ss3680.gif HTTP/1.1
Host: sxlmggx12.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/onex
Date: Fri, 29 Mar 2024 09:10:22 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 24 Apr 2024 09:07:28 GMT
X-One-Cache: HIT
1cdn.yuanpinghengkangfuyouxiangongsi.top/wns96080a.gif
123.6.40.242200 OK 374 kB URL GET HTTP/1.1 1cdn.yuanpinghengkangfuyouxiangongsi.top/wns96080a.gif
IP 123.6.40.242:443
ASN #4837 CHINA UNICOM China169 Backbone
Certificate IssuerSectigo Limited
Subject1cdn.yuanpinghengkangfuyouxiangongsi.top
FingerprintCE:05:79:17:67:EA:DF:17:71:55:41:BF:B4:76:F0:B8:57:12:F0:07
ValidityFri, 16 Jun 2023 00:00:00 GMT - Sat, 15 Jun 2024 23:59:59 GMT
File type GIF image data, version 89a, 960 x 80
Size 374 kB (374505 bytes)
Hash 61f0a03d052a9fa7c45384a259b5ba2e
d4ee20f085c53882170bf84dedc1f41995e1bd40
e1861e6ff229839c7d15fb0b166069fe773aad508c8d174661a7437e2b45632b
GET /wns96080a.gif HTTP/1.1
Host: 1cdn.yuanpinghengkangfuyouxiangongsi.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Sat, 02 Dec 2023 15:46:47 GMT
Etag: "61f0a03d052a9fa7c45384a259b5ba2e"
Content-Type: image/gif
Date: Fri, 22 Mar 2024 14:42:34 GMT
Server: tencent-cos
x-cos-hash-crc64ecma: 8121941456025080816
x-cos-request-id: NjVmZDk4ZGFfZjBhNmIwMDlfOTAzYV81NGY3MTE3
Content-Length: 374505
Accept-Ranges: bytes
X-NWS-LOG-UUID: 5662013786101602529
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Cache-Control: max-age=3600
fmlb.netlbtu.com/images/2021/7/30/dmm2385.jpg
0.0.0.0 0 B URL GET fmlb.netlbtu.com/images/2021/7/30/dmm2385.jpg
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/2021/7/30/dmm2385.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
fmlb.netlbtu.com/images/2021/7/31/dmm7587.jpg
0.0.0.0 0 B URL GET fmlb.netlbtu.com/images/2021/7/31/dmm7587.jpg
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/2021/7/31/dmm7587.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
fmlb.netlbtu.com/images/2021/7/30/dmm2382.jpg
0.0.0.0 0 B URL GET fmlb.netlbtu.com/images/2021/7/30/dmm2382.jpg
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/2021/7/30/dmm2382.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
jt.112248.vip/jingtai/szgg/1332wy100.gif
0.0.0.0 0 B URL GET jt.112248.vip/jingtai/szgg/1332wy100.gif
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /jingtai/szgg/1332wy100.gif HTTP/1.1
Host: jt.112248.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
fmlb.netlbtu.com/images/2021/7/30/dmm2383.jpg
0.0.0.0 0 B URL GET fmlb.netlbtu.com/images/2021/7/30/dmm2383.jpg
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/2021/7/30/dmm2383.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
www.qwlcy.com/template/m1938pc/css/zui.css
23.83.129.20200 OK 98 kB URL GET HTTP/2 www.qwlcy.com/template/m1938pc/css/zui.css
IP 23.83.129.20:443
ASN #19148 LEASEWEB-USA-PHX
Certificate IssuerLet's Encrypt
Subjectwww.700515.com
Fingerprint43:CD:75:78:F9:B7:C5:DE:F8:A7:BC:06:6C:4A:12:BD:63:34:95:B4
ValidityWed, 27 Mar 2024 13:16:52 GMT - Tue, 25 Jun 2024 13:16:51 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: www.qwlcy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: text/css
last-modified: Sun, 12 Jun 2022 13:35:14 GMT
vary: Accept-Encoding
etag: W/"62a5eb92-1806f"
expires: Fri, 29 Mar 2024 21:10:21 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
fmlb.netlbtu.com/images/2021/7/30/dmm2381.jpg
0.0.0.0 0 B URL GET fmlb.netlbtu.com/images/2021/7/30/dmm2381.jpg
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/2021/7/30/dmm2381.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
fmlb.netlbtu.com/images/2021/7/30/dmm2384.jpg
0.0.0.0 0 B URL GET fmlb.netlbtu.com/images/2021/7/30/dmm2384.jpg
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/2021/7/30/dmm2384.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
www.qwlcy.com/
23.83.129.20200 OK 51 kB IP 23.83.129.20:443
ASN #19148 LEASEWEB-USA-PHX
Requested by http://www.schaffenhausshepherds.net/wpwe/ZGF2aW4ub2htc0B3aXBmbGkuY29t
Certificate IssuerLet's Encrypt
Subjectwww.700515.com
Fingerprint43:CD:75:78:F9:B7:C5:DE:F8:A7:BC:06:6C:4A:12:BD:63:34:95:B4
ValidityWed, 27 Mar 2024 13:16:52 GMT - Tue, 25 Jun 2024 13:16:51 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: www.qwlcy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.schaffenhausshepherds.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 09:10:20 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
fmlb.netlbtu.com/images/2021/7/30/dmm2380.jpg
0.0.0.0 0 B URL GET fmlb.netlbtu.com/images/2021/7/30/dmm2380.jpg
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/2021/7/30/dmm2380.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
www.qwlcy.com/template/m1938pc/css/ate.css
23.83.129.20200 OK 76 kB URL GET HTTP/2 www.qwlcy.com/template/m1938pc/css/ate.css
IP 23.83.129.20:443
ASN #19148 LEASEWEB-USA-PHX
Certificate IssuerLet's Encrypt
Subjectwww.700515.com
Fingerprint43:CD:75:78:F9:B7:C5:DE:F8:A7:BC:06:6C:4A:12:BD:63:34:95:B4
ValidityWed, 27 Mar 2024 13:16:52 GMT - Tue, 25 Jun 2024 13:16:51 GMT
File type ASCII text, with CRLF line terminators
Hash b49992e1f195c8a7fae8874c7484979d
d061a88013db4f88c6e518f5a9aa17a308dee2f1
b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: www.qwlcy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qwlcy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 09:10:21 GMT
content-type: text/css
last-modified: Thu, 21 Apr 2022 12:25:48 GMT
vary: Accept-Encoding
etag: W/"62614d4c-126e4"
expires: Fri, 29 Mar 2024 21:10:21 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
fmlb.netlbtu.com/images/2021/7/30/dmm2379.jpg
0.0.0.0 0 B URL GET fmlb.netlbtu.com/images/2021/7/30/dmm2379.jpg
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/2021/7/30/dmm2379.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache