r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8356
Expires: Wed, 07 Dec 2022 16:30:19 GMT
Date: Wed, 07 Dec 2022 14:11:03 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6571
Cache-Control: max-age=166183
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:11:03 GMT
Etag: "63906b73-1d7"
Expires: Fri, 09 Dec 2022 12:20:46 GMT
Last-Modified: Wed, 07 Dec 2022 10:31:15 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9557
Expires: Wed, 07 Dec 2022 16:50:20 GMT
Date: Wed, 07 Dec 2022 14:11:03 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 14:08:04 GMT
content-type: application/json
age: 179
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: X6zNdP9hLcMGaVCYjU1ki4UPPgbmZl83o/CoLbhtKlRWiglGWwpK0JhV/Ylm2WsgP0Co5clyJl0=
x-amz-request-id: DMYGMMPEJMPXP49N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 13:47:31 GMT
age: 1412
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
6ype.com/
192.177.34.162 301 Moved Permanently 0 B IP 192.177.34.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6ype.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 07 Dec 2022 14:11:04 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.6ype.com/index.php
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 14:07:55 GMT
age: 188
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6527
Cache-Control: max-age=161074
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:11:03 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 10:55:37 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
www.6ype.com/index.php
192.177.34.162 200 OK 530 B IP 192.177.34.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (593), with CRLF line terminators
Hash c35df5c027a83b7847e1280d0cbe76a7
29a406269d758b4017d6092d24c0d39290d609fd
13a7779adf565cdf19856e95d323351fa16dda1a1512964d8fc6da6e43f51406
GET /index.php HTTP/1.1
Host: www.6ype.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 14:11:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
52.13.69.101 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.13.69.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JSWnx6buo1KAilHYXpzXwQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZXZ/H7xuMdG8Gk1a2YKtu9JFkxs=
www.6ype.com/common.js
192.177.34.162 200 OK 110 B IP 192.177.34.162:0
File type HTML document, ASCII text, with no line terminators
Hash 3c9aa7fcc51c84e7dfd2ff373b8e339a
b2fa95d9b8f5aa86cdcc43c75ecc7cf71238ee1a
308de89af2dccba7541e9824b123e0170de2a156bbae0a9ebb80a472c728370b
GET /common.js HTTP/1.1
Host: www.6ype.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.6ype.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 14:11:05 GMT
Content-Type: application/x-javascript
Content-Length: 110
Connection: keep-alive
www.6ype.com/tj.js
192.177.34.162 200 OK 258 B IP 192.177.34.162:0
File type ASCII text, with CRLF line terminators
Hash 72a04776cde73600196f343fe459053b
2ccc5103aaf9718a12d1cbc3038ed3712410efda
5a164ffdb496ed1f79caff00588a5a9151b234b2c2ea646d4f920136fa2ba283
GET /tj.js HTTP/1.1
Host: www.6ype.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.6ype.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 14:11:05 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
23.27.102.211/hao/cangchun1.js
23.27.102.211 200 OK 1.4 kB URL HTTP/1.1 23.27.102.211/hao/cangchun1.js
IP 23.27.102.211:0
File type HTML document, ISO-8859 text, with very long lines (416), with CRLF line terminators
Hash 526684bea6c5339effeb2e452962fdb5
b5b1085fe7351becd664794521a5d6a4b491272c
efe6113887dabfb95f8e71907df2e01e125433bfa9faa73843b90bf7b95393f6
Analyzer Verdict Alert quad9 Sinkholed
GET /hao/cangchun1.js HTTP/1.1
Host: 23.27.102.211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.6ype.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 01 Dec 2022 05:36:55 GMT
Accept-Ranges: bytes
ETag: "c4f01bec465d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:14 GMT
Content-Length: 1387
www.6ype.com/favicon.ico
192.177.34.162 200 OK 1.2 kB IP 192.177.34.162:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.6ype.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.6ype.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 14:11:05 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:24 GMT
Connection: keep-alive
ETag: "4e0d81e0-47e"
Expires: Mon, 12 Dec 2022 14:11:05 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
45.38.134.139/
45.38.134.139 200 OK 5.5 kB IP 45.38.134.139:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 03926e9989dbd5e502a7c2f5edc8b33c
680cfa5fcd05d935a8f08a6198aaff124039ab66
05c2ea5cbb8e34c5c6d3bb39109bf6bafbe1e700acf210068c9a4a6f6aec3137
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: 45.38.134.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.6ype.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Fri, 18 Nov 2022 10:57:51 GMT
Accept-Ranges: bytes
ETag: "80a1229a3cfbd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:14 GMT
Content-Length: 5488
23.27.102.211/hao/xx1.js
23.27.102.211 200 OK 805 B IP 23.27.102.211:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 748d98718863744a047594199caca94b
7b25214ac1b5cf6b49ed3c70c3af43b8e70d5c0f
3dbb530c5f91bd86b67f297d63ebef1e0ada1c1c278a6d9b1b86f08aa26e561c
Analyzer Verdict Alert quad9 Sinkholed
GET /hao/xx1.js HTTP/1.1
Host: 23.27.102.211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://45.38.134.139/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 02 Dec 2022 09:07:14 GMT
Accept-Ranges: bytes
ETag: "04df5772d6d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:14 GMT
Content-Length: 805
45.38.134.139/template/m1938pc/assets/css/custom/img_list.css
45.38.134.139 200 OK 605 B URL HTTP/1.1 45.38.134.139/template/m1938pc/assets/css/custom/img_list.css
IP 45.38.134.139:0
File type ASCII text, with CRLF line terminators
Hash b0fc3166fe67de115e53186319000ad9
72febf6f2d6d99677141f131080a6bc52ae60c54
e5d9eac0f7b1fcc55d01745e56719fbb56b1926bb8dc247940858a4f384d55ca
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/assets/css/custom/img_list.css HTTP/1.1
Host: 45.38.134.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://45.38.134.139/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 02 Mar 2019 11:24:28 GMT
Accept-Ranges: bytes
ETag: "0be767fead0d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:14 GMT
Content-Length: 605
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 2c5cce5b942f0bb53d6b169994cf1b49
50c3b4bd917ba44f6fc549859d30989aec2403bc
59961fc1c8de69908efc502bf10089c4acd7019e96880392b7f0f43e242f3350
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 14:11:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 11 Dec 2022 10:26:08 GMT
ETag: "50c3b4bd917ba44f6fc549859d30989aec2403bc"
Last-Modified: Wed, 07 Dec 2022 10:26:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2303
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775dd936cfc8b523-OSL
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4551
Expires: Wed, 07 Dec 2022 15:26:56 GMT
Date: Wed, 07 Dec 2022 14:11:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4551
Expires: Wed, 07 Dec 2022 15:26:56 GMT
Date: Wed, 07 Dec 2022 14:11:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4551
Expires: Wed, 07 Dec 2022 15:26:56 GMT
Date: Wed, 07 Dec 2022 14:11:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4551
Expires: Wed, 07 Dec 2022 15:26:56 GMT
Date: Wed, 07 Dec 2022 14:11:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg
34.120.237.76 200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4884ce2731d3033b12e4792c1bbf453e
63b6efc98cb04228d82ac28fceb97bb1cf8d82fb
8c37704d0e1fd16239e28cbdb88c5ac6a2e9cfb70f8457bfab127202f89d3788
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14896
x-amzn-requestid: 58d94b15-dce0-44c0-96b1-917f1206a39e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnA4RFkeoAMFfGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c4834-7c1667b53795d5c11a3bfdda;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:11:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tM0WOO_Ypgj2QxJSz9GHZZTsKjzsvyD6tjpp4G0ZpuGAIGmnEe4oqQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:15:11 GMT
age: 21354
etag: "63b6efc98cb04228d82ac28fceb97bb1cf8d82fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e95ebce9d79ba46cb96af9a45af1762f
985c6761675e6bcc0186f64d55f94cf09352f05c
5837d6bf31e57f955ba2577f112281cc33a5502b358c83192f4e396b57042ac0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8438
x-amzn-requestid: 0f5d1b0e-1193-4006-8a54-555681d9f62e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlqVGMjoAMFS6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb641-6366ea6464122d857407cdff;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nm0qQpo75zvDYWxv8V3GvOSBFenh8ocfjV9d02Mc2l-ABieIb3h2uA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:53:40 GMT
age: 58645
etag: "985c6761675e6bcc0186f64d55f94cf09352f05c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 20:49:34 GMT
age: 62491
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 604a4132da78a0c013b5818644adb121
ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566
eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8701
x-amzn-requestid: 653284c3-ee7f-45f1-9513-3a6c81e1d6e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cm3-2HRWIAMFjfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c39f8-6f8969a26787a9463ba6c2ec;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 06:11:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cmRvAOLmk_xZC4RKdin-lozUNeK9-icqkzsQmSjP9scXnnCLxkvJ5A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:01:53 GMT
age: 58152
etag: "ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b6cef-6b79-466f-a8bf-5f3864c9b0e7.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b6cef-6b79-466f-a8bf-5f3864c9b0e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9f7b9c77a99173619ee85d0cfa8e2f8
05ba0fab4533b9837dd8558ffa5eb168e974d2b3
17184aca15041d2770fe14397fc0ab87e5f8e9f910b557031ba7fbf1349b0b9c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b6cef-6b79-466f-a8bf-5f3864c9b0e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11464
x-amzn-requestid: 04d9e95d-563e-4258-934e-add82f95a638
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGysEDmIAMFSIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851aa-426e37fb562dc25b3449311b;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RspslnJzOcAHAL--VTgFJkFxb1PvLM6OHJmJUsdOKocI5ZPmJSLdoA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 07:16:43 GMT
age: 24862
etag: "05ba0fab4533b9837dd8558ffa5eb168e974d2b3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:32:51 GMT
age: 20294
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
45.38.134.139/template/m1938pc/assets/css/common/style.css
45.38.134.139 200 OK 2.5 kB URL HTTP/1.1 45.38.134.139/template/m1938pc/assets/css/common/style.css
IP 45.38.134.139:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 2148588fb948680a6103205ed6f8a5e2
47cf8f61e44d8046e2b5e29eff332d694386bcc7
656847e1e3e4e5855c11460fcf1a03825df9099d60f34185f22ecddbb4c663b5
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/assets/css/common/style.css HTTP/1.1
Host: 45.38.134.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://45.38.134.139/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 02 Mar 2019 08:44:52 GMT
Accept-Ranges: bytes
ETag: "01ab933d4d0d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:14 GMT
Content-Length: 2543
45.38.134.139/template/m1938pc/assets/css/custom/main.css
45.38.134.139 200 OK 711 B URL HTTP/1.1 45.38.134.139/template/m1938pc/assets/css/custom/main.css
IP 45.38.134.139:0
File type ASCII text, with CRLF line terminators
Hash 8b2e70b6fe8e9d34413bfc1182eac7eb
b14dbe53f290fbe52e489c12241dde4af19852cf
fa40943f2e7ffbdec928dea8000be40061394cf1521bd1e909c19808dc2fc83d
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/assets/css/custom/main.css HTTP/1.1
Host: 45.38.134.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://45.38.134.139/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 02 Mar 2019 08:47:24 GMT
Accept-Ranges: bytes
ETag: "076528ed4d0d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:14 GMT
Content-Length: 711
45.38.134.139/template/m1938pc/assets/css/custom/banner.css
45.38.134.139 200 OK 450 B URL HTTP/1.1 45.38.134.139/template/m1938pc/assets/css/custom/banner.css
IP 45.38.134.139:0
File type ASCII text, with CRLF line terminators
Hash 65a6e156ef8a44aa173032879dfba1fc
012edcec1a3d22c2bac0cf625f88d08c699fd473
40095c076b58b69d4194a603373a9076f0fa6baf16591b9c0408c880fa8c13eb
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/assets/css/custom/banner.css HTTP/1.1
Host: 45.38.134.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://45.38.134.139/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 02 Mar 2019 08:47:46 GMT
Accept-Ranges: bytes
ETag: "0656f9bd4d0d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:14 GMT
Content-Length: 450
23.27.102.211/hao/xx2.js
23.27.102.211 200 OK 355 B IP 23.27.102.211:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash ad20d3aa8511abf1c827c6baf11b200b
0778d6fd663a8825a9a6a9896286ec906f6fa4b6
817e47f669d814e3f3db8e6b9bbb1d55abe7b84e2a4c6964918d3c0c64410df1
Analyzer Verdict Alert quad9 Sinkholed
GET /hao/xx2.js HTTP/1.1
Host: 23.27.102.211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://45.38.134.139/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 02 Dec 2022 09:07:43 GMT
Accept-Ranges: bytes
ETag: "7dbe99892d6d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:14 GMT
Content-Length: 355
23.27.102.211/hao/dh.js
23.27.102.211 200 OK 1.6 kB IP 23.27.102.211:0
File type HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 2ffe6b534f6974eb855c2f5c7957d0f0
9c93f0a2cd7e2e50bdf21b5abb48bf751f6838e2
58628fe69afd8d04d1ec5c6b7cd0ebf8644207f5a7be049e3d1e938d3b89d24c
Analyzer Verdict Alert quad9 Sinkholed
GET /hao/dh.js HTTP/1.1
Host: 23.27.102.211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://45.38.134.139/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 18 Nov 2022 07:44:28 GMT
Accept-Ranges: bytes
ETag: "056359621fbd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:14 GMT
Content-Length: 1575
45.38.134.139/template/m1938pc/assets/css/custom/header.css
45.38.134.139 200 OK 644 B URL HTTP/1.1 45.38.134.139/template/m1938pc/assets/css/custom/header.css
IP 45.38.134.139:0
File type ASCII text, with CRLF line terminators
Hash 45343a53e68017567ce3935d5cc238a6
97a5f4dbe1ac241097016c27f89faf109fc8a088
e53d0622e72d9aaf74c4ea0ea6b0959d56003c70c7bd07ac1aad5b4b24c1861d
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/assets/css/custom/header.css HTTP/1.1
Host: 45.38.134.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://45.38.134.139/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 02 Mar 2019 08:48:10 GMT
Accept-Ranges: bytes
ETag: "081bda9d4d0d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:14 GMT
Content-Length: 644
45.38.134.139/template/m1938pc/assets/css/custom/menu.css
45.38.134.139 200 OK 734 B URL HTTP/1.1 45.38.134.139/template/m1938pc/assets/css/custom/menu.css
IP 45.38.134.139:0
File type ASCII text, with CRLF line terminators
Hash 4de75963c2277b7314d7f502471e9eef
6cecd201c8a575de285f5360665dc3896cfb0c47
f464208a2d715a1706e728969de54ca354cb13f5dda6314da57d1ff703630f6f
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/assets/css/custom/menu.css HTTP/1.1
Host: 45.38.134.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://45.38.134.139/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 02 Mar 2019 08:48:48 GMT
Accept-Ranges: bytes
ETag: "0d863c0d4d0d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:14 GMT
Content-Length: 734
23.27.102.211/hao/xx3.js
23.27.102.211 200 OK 370 B IP 23.27.102.211:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 19c35e3f6c3ccfd905b19469a99a612b
aff0f548a576f380ab555be3aa596bcbcda93839
a13e54411b7769e4c654c62a6d7b12d2c4a32147abf886d26ebb31d0614e9708
Analyzer Verdict Alert quad9 Sinkholed
GET /hao/xx3.js HTTP/1.1
Host: 23.27.102.211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://45.38.134.139/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 05 Jul 2022 06:41:34 GMT
Accept-Ranges: bytes
ETag: "9ab75453a90d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:14 GMT
Content-Length: 370
23.27.102.211/hao/bb/ddp.js
23.27.102.211 404 Not Found 1.2 kB URL HTTP/1.1 23.27.102.211/hao/bb/ddp.js
IP 23.27.102.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 8363acaeab9cbb099b59b78a44127ca6
aef448ce5500e3734059ec285cf6ec0b547075f2
9b342ae7f25d65bdb817d8c995f3211ac398e41575fc5d149d994c1dcb008f0a
Analyzer Verdict Alert quad9 Sinkholed
GET /hao/bb/ddp.js HTTP/1.1
Host: 23.27.102.211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://45.38.134.139/
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:14 GMT
Content-Length: 1163
23.27.102.211/hao/bb/dl.js
23.27.102.211 200 OK 768 B URL HTTP/1.1 23.27.102.211/hao/bb/dl.js
IP 23.27.102.211:0
File type HTML document, ISO-8859 text, with CRLF line terminators
Hash 23e889cb277b730984018cc45ed1c5fc
a8fd48420242c5535439b443984e50b45a393182
db202c65c008d05aff3dadf7dd8417b19df28447cf114d592684dfe909e26472
Analyzer Verdict Alert quad9 Sinkholed
GET /hao/bb/dl.js HTTP/1.1
Host: 23.27.102.211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://45.38.134.139/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 02 Dec 2022 07:58:44 GMT
Accept-Ranges: bytes
ETag: "a68a5fe6236d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:14 GMT
Content-Length: 768
23.27.102.211/hao/bb/dp.js
23.27.102.211 404 Not Found 1.2 kB URL HTTP/1.1 23.27.102.211/hao/bb/dp.js
IP 23.27.102.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 8363acaeab9cbb099b59b78a44127ca6
aef448ce5500e3734059ec285cf6ec0b547075f2
9b342ae7f25d65bdb817d8c995f3211ac398e41575fc5d149d994c1dcb008f0a
Analyzer Verdict Alert quad9 Sinkholed
GET /hao/bb/dp.js HTTP/1.1
Host: 23.27.102.211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://45.38.134.139/
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:14 GMT
Content-Length: 1163
45.38.134.139/template/m1938pc/assets/css/custom/footer.css
45.38.134.139 200 OK 294 B URL HTTP/1.1 45.38.134.139/template/m1938pc/assets/css/custom/footer.css
IP 45.38.134.139:0
File type ASCII text, with CRLF line terminators
Hash 9d4b91ad73fd55625a6eeaf8daef3b2e
33e0e7c771187fd005eb553a3a9fd4c532e44884
c50973c3f643e10bd8954751a0987375b8c3fd59521950c8230247a62c2cdf3c
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/assets/css/custom/footer.css HTTP/1.1
Host: 45.38.134.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://45.38.134.139/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 02 Mar 2019 08:49:08 GMT
Accept-Ranges: bytes
ETag: "09a4fccd4d0d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:14 GMT
Content-Length: 294
45.38.134.139/template/m1938pc/assets/css/common/flickity.min.css
45.38.134.139 200 OK 758 B URL HTTP/1.1 45.38.134.139/template/m1938pc/assets/css/common/flickity.min.css
IP 45.38.134.139:0
File type ASCII text, with CRLF line terminators
Hash d1312108484c0962ebe6a951565a1385
a1cb2e2ca57c119e181861ce0179cf58fdd4ddfe
be21bd85527069fcb9718aa24a6e76b00287129c386dac8f0ade132df4e585e3
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/assets/css/common/flickity.min.css HTTP/1.1
Host: 45.38.134.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://45.38.134.139/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 02 Mar 2019 08:49:50 GMT
Accept-Ranges: bytes
ETag: "04b58e5d4d0d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:14 GMT
Content-Length: 758
45.38.134.139/template/m1938pc/assets/css/common/common.css
45.38.134.139 200 OK 636 B URL HTTP/1.1 45.38.134.139/template/m1938pc/assets/css/common/common.css
IP 45.38.134.139:0
File type assembler source, ASCII text, with CRLF line terminators
Hash 98b5a40049277927d336efe38986c32d
8592638265f9fadc61095f27af2822fc0593ca5c
95a94ef5f560c6a7180c19d94d763dffa4209306cd6a59e891094ada142e59f6
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/assets/css/common/common.css HTTP/1.1
Host: 45.38.134.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://45.38.134.139/template/m1938pc/assets/css/common/style.css
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 02 Mar 2019 08:45:28 GMT
Accept-Ranges: bytes
ETag: "0442e49d4d0d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:14 GMT
Content-Length: 636
23.27.102.211/hao/bb/xtb.js
23.27.102.211 200 OK 3.3 kB URL HTTP/1.1 23.27.102.211/hao/bb/xtb.js
IP 23.27.102.211:0
File type ISO-8859 text, with very long lines (555), with CRLF line terminators
Hash 0913352871fcf1fb697eacd41e4959f2
019ebe24e2ad33f42a71677386b0ccd286cfe073
66df0ea3d0798123fff4dd769685b3612e1cc2651428f2fffdbd9264a5506144
Analyzer Verdict Alert quad9 Sinkholed
GET /hao/bb/xtb.js HTTP/1.1
Host: 23.27.102.211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://45.38.134.139/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sun, 31 Jul 2022 14:02:33 GMT
Accept-Ranges: bytes
ETag: "8022152ee6a4d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:14 GMT
Content-Length: 3313
45.38.134.139/template/m1938pc/assets/css/common/pagination.css
45.38.134.139 200 OK 516 B URL HTTP/1.1 45.38.134.139/template/m1938pc/assets/css/common/pagination.css
IP 45.38.134.139:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash d12ac8fdeead35609e98d8b92b6d5a53
9592d39c4050f7c9466647708d40cd78eea459c7
b8e662a7b6239a1a9685ab75ac635986bc65f24bdb6ac83205cfffbd46d8fd48
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/assets/css/common/pagination.css HTTP/1.1
Host: 45.38.134.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://45.38.134.139/template/m1938pc/assets/css/common/style.css
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 02 Mar 2019 08:45:54 GMT
Accept-Ranges: bytes
ETag: "08dad58d4d0d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:14 GMT
Content-Length: 516
45.38.134.139/template/m1938pc/assets/css/common/icon.css
45.38.134.139 200 OK 431 B URL HTTP/1.1 45.38.134.139/template/m1938pc/assets/css/common/icon.css
IP 45.38.134.139:0
File type ASCII text, with CRLF line terminators
Hash e4dc39f949c0502f99453ca06a716fb8
e02f9cded5e0660e573d7180e0d85a347a2465a5
420111841e704516e66a2ec53d47aaea8aed38e36e2c034946effef416a5b775
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/assets/css/common/icon.css HTTP/1.1
Host: 45.38.134.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://45.38.134.139/template/m1938pc/assets/css/common/style.css
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 02 Mar 2019 08:46:36 GMT
Accept-Ranges: bytes
ETag: "03eb671d4d0d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:14 GMT
Content-Length: 431
45.38.134.139/template/m1938pc/assets/css/theme/default.css
45.38.134.139 200 OK 141 B URL HTTP/1.1 45.38.134.139/template/m1938pc/assets/css/theme/default.css
IP 45.38.134.139:0
File type ASCII text, with no line terminators
Hash bf8f420435d6e6f9387ef0a10fcd6856
546afe87d55ad3a4e869f091e1ab7d2f08da16ed
f560382e597a08953936f10e274aec2e50fc19281bb8b76a6b84c470101e5a18
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/assets/css/theme/default.css HTTP/1.1
Host: 45.38.134.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://45.38.134.139/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 02 Mar 2019 08:50:38 GMT
Accept-Ranges: bytes
ETag: "083f41d5d0d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:14 GMT
Content-Length: 141
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 573cdea2bf66a3ef35e6717d38e1ba6a
3ddc04214aee44d860e1cbaa1757527d1a64f51a
06d84d85d6a42a94ea9bf210676afdb30f39985bd944f616a18927279f48b449
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4818
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:11:06 GMT
Etag: "638fee40-116"
Last-Modified: Wed, 07 Dec 2022 12:50:49 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 573cdea2bf66a3ef35e6717d38e1ba6a
3ddc04214aee44d860e1cbaa1757527d1a64f51a
06d84d85d6a42a94ea9bf210676afdb30f39985bd944f616a18927279f48b449
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4818
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:11:06 GMT
Etag: "638fee40-116"
Last-Modified: Wed, 07 Dec 2022 12:50:49 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 573cdea2bf66a3ef35e6717d38e1ba6a
3ddc04214aee44d860e1cbaa1757527d1a64f51a
06d84d85d6a42a94ea9bf210676afdb30f39985bd944f616a18927279f48b449
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5537
Cache-Control: max-age=133095
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:11:06 GMT
Etag: "638fee40-116"
Expires: Fri, 09 Dec 2022 03:09:21 GMT
Last-Modified: Wed, 07 Dec 2022 01:37:04 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278
fmtu.netfhtu.com/upload/vod/2020/07/ysvym1hqnmr.jpg
104.21.235.64 200 OK 8.8 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2020/07/ysvym1hqnmr.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 161c0d2506c7cf8229dc4160d6ad2c88
0a7e4b1f2aaa174ec73bf31baa2e7750199ed36e
302e0932d491673fe1c2d79bd7a40fbbccaba6694bc1e73721a3bd2b50ba2468
GET /upload/vod/2020/07/ysvym1hqnmr.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:11:06 GMT
content-type: image/jpeg
content-length: 8753
cf-bgj: h2pri
etag: "5f0a7a7a-2231"
last-modified: Sun, 12 Jul 2020 02:50:34 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4357
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2Fk3bLZFtDkSl41RxOYU2olAVdKiQAKmDDyuA8cinIj%2FoW7ITTCWapZQkyCgseDbDZ1PSU3BhC00qZTHX%2F5z7if6f2lax4HXo6vWYPLBlX8mqeTujRMnr80dF81VVgowedd%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775dd93bea6588b6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 573cdea2bf66a3ef35e6717d38e1ba6a
3ddc04214aee44d860e1cbaa1757527d1a64f51a
06d84d85d6a42a94ea9bf210676afdb30f39985bd944f616a18927279f48b449
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4818
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:11:06 GMT
Etag: "638fee40-116"
Last-Modified: Wed, 07 Dec 2022 12:50:49 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 278
45.38.134.139/template/m1938pc/assets/css/theme/blue.css
45.38.134.139 200 OK 856 B URL HTTP/1.1 45.38.134.139/template/m1938pc/assets/css/theme/blue.css
IP 45.38.134.139:0
File type ASCII text, with CRLF line terminators
Hash 5204d1eab3e6c2bce6b1645267e31506
83ce329fee8dc5efb382b21bd57e62c2adffbe47
8fbbaf44d2894710526d80173aa0af1066ce7c03b5c60aa5fc3572677b35d671
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/assets/css/theme/blue.css HTTP/1.1
Host: 45.38.134.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://45.38.134.139/template/m1938pc/assets/css/theme/default.css
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sun, 25 Jul 2021 11:09:27 GMT
Accept-Ranges: bytes
ETag: "b5ff65884581d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:15 GMT
Content-Length: 856
fmtu.netfhtu.com/upload/vod/2020/07/jscjo2i245n.jpg
104.21.235.64 200 OK 7.3 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2020/07/jscjo2i245n.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 91b50922ac0cb0b971eeafbf90eb2584
df52faf5d9dd9a33e142928ed9dccf7c3026dec5
2d4d0d321f6148465334f0639e4571af934934630faafc3e8ddc51e40d729319
GET /upload/vod/2020/07/jscjo2i245n.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:11:06 GMT
content-type: image/jpeg
content-length: 7296
cf-bgj: h2pri
etag: "5f0a7a7c-1c80"
last-modified: Sun, 12 Jul 2020 02:50:36 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Te6%2FYuRshEg7yheSlWKVGwS8DUdKZXjkAOgrhbwpTy8Q2PpbsWOOC3TKuNmFBWAE8ilS6Bo7XCYaqjTU4k%2B8tLD0Hk4qX8F1Oekw3R7rLSj%2B6XZwVerQ9C%2Bn%2FNNqhhAEpnE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775dd93bfa7588b6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
23.27.102.211/hao/bb/ddp.js
23.27.102.211 404 Not Found 1.2 kB URL HTTP/1.1 23.27.102.211/hao/bb/ddp.js
IP 23.27.102.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 8363acaeab9cbb099b59b78a44127ca6
aef448ce5500e3734059ec285cf6ec0b547075f2
9b342ae7f25d65bdb817d8c995f3211ac398e41575fc5d149d994c1dcb008f0a
Analyzer Verdict Alert quad9 Sinkholed
GET /hao/bb/ddp.js HTTP/1.1
Host: 23.27.102.211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://45.38.134.139/
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:15 GMT
Content-Length: 1163
hm.baidu.com/hm.js?7200d35f63be1197c2feb2d9402d9bbc
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?7200d35f63be1197c2feb2d9402d9bbc
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash ed8e58ab3534575c43f05de7adf165d6
949a31857671b3ffdca10a2d90ef065085244915
72aea89d09516ed7eae3b07cc2b9bd755d3eda1d3243e22582c18c8294c995fb
GET /hm.js?7200d35f63be1197c2feb2d9402d9bbc HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.6ype.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Wed, 07 Dec 2022 14:11:05 GMT
Etag: d2a20a119bd2447c7c91f97e7e0ecc24
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=1E682DB8C1431957; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
fmtu.netfhtu.com/upload/vod/2020/07/hcgognnyfsw.jpg
104.21.235.64 200 OK 11 kB URL HTTP/2 fmtu.netfhtu.com/upload/vod/2020/07/hcgognnyfsw.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 34x45, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 6213575a3c8bac3c7610dde4176d7896
b9653f120fa237654c0a303718fb041829adaa4f
6cc73be4ffd81b036bcbbf6695b811e22f7a557e9808bd86839d2d1310da79f6
GET /upload/vod/2020/07/hcgognnyfsw.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:11:06 GMT
content-type: image/jpeg
content-length: 11367
cf-bgj: h2pri
etag: "5f0a7a89-2c67"
last-modified: Sun, 12 Jul 2020 02:50:49 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMqs82YRkDGETOCPm70Y9idiTnqI%2FHCiOKtLt1M86WI0tVhVX96ucDpRPo5NtaPesS6kBCP2F6CrIhEr5Nha42NsFtlys43wX4IHNIcXy5DfzWu2kQhp%2F%2FbYUwELFrHeYRNa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775dd93c0a7d88b6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
23.27.102.211/hao/bb/dp.js
23.27.102.211 404 Not Found 1.2 kB URL HTTP/1.1 23.27.102.211/hao/bb/dp.js
IP 23.27.102.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 8363acaeab9cbb099b59b78a44127ca6
aef448ce5500e3734059ec285cf6ec0b547075f2
9b342ae7f25d65bdb817d8c995f3211ac398e41575fc5d149d994c1dcb008f0a
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none shown)
GET /hao/bb/dp.js HTTP/1.1
Host: 23.27.102.211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://45.38.134.139/
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:15 GMT
Content-Length: 1163
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1247587533&si=7200d35f63be1197c2feb2d9402d9bbc&v=1.3.0&lv=1&sn=651&r=0&ww=1280&u=http%3A%2F%2Fwww.6ype.com%2Findex.php&tt=%E5%AE%9A%E5%B7%9E%E6%8C%87%E8%9A%9C%E7%89%A9%E6%B5%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1247587533&si=7200d35f63be1197c2feb2d9402d9bbc&v=1.3.0&lv=1&sn=651&r=0&ww=1280&u=http%3A%2F%2Fwww.6ype.com%2Findex.php&tt=%E5%AE%9A%E5%B7%9E%E6%8C%87%E8%9A%9C%E7%89%A9%E6%B5%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1247587533&si=7200d35f63be1197c2feb2d9402d9bbc&v=1.3.0&lv=1&sn=651&r=0&ww=1280&u=http%3A%2F%2Fwww.6ype.com%2Findex.php&tt=%E5%AE%9A%E5%B7%9E%E6%8C%87%E8%9A%9C%E7%89%A9%E6%B5%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.6ype.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 07 Dec 2022 14:11:06 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=C454E24C9D5F79E7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 555d6b74d54f6f36a39ac98a008882e5
acc79ef5041737526483ebf7a698e8241c2bff67
13b221339b609fe0cc13fbaabd3b07dbcc32b74256dfb773cdcd6537aa5389f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "13B221339B609FE0CC13FBAABD3B07DBCC32B74256DFB773CDCD6537AA5389F8"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1456
Expires: Wed, 07 Dec 2022 14:35:22 GMT
Date: Wed, 07 Dec 2022 14:11:06 GMT
Connection: keep-alive
kvhmm.com/20fa8096187539ac0eae9926bff70219.gif
137.175.13.78 301 Moved Permanently 162 B URL HTTP/2 kvhmm.com/20fa8096187539ac0eae9926bff70219.gif
IP 137.175.13.78:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /20fa8096187539ac0eae9926bff70219.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 07 Dec 2022 14:11:13 GMT
content-type: text/html
content-length: 162
location: https://kvtfff.top/20fa8096187539ac0eae9926bff70219.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8e0e4b61c3b52531ff09a0f2f56cacbf
52c434d3b04a1cfdcc3122e3297e9d853b2d6f4b
c57a0f988ebb5417e87f56924ee3fe32496480e7fb43ebdedf52bc4f34db08da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57A0F988EBB5417E87F56924EE3FE32496480E7FB43EBDEDF52BC4F34DB08DA"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4813
Expires: Wed, 07 Dec 2022 15:31:20 GMT
Date: Wed, 07 Dec 2022 14:11:07 GMT
Connection: keep-alive
ocsp.godaddy.com/
192.124.249.41 200 OK 1.8 kB IP 192.124.249.41:0
Hash aad08c571ab417fd6f656f1ece3420ba
fb6645d80ec255783e776c6befa758a2bac11245
0513cc82608adda32d990ea41edb51c53552c54e600c7cf696a7dff15fd8ad4d
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 07 Dec 2022 14:11:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 07 Dec 2022 06:09:16 GMT
Expires: Thu, 08 Dec 2022 06:09:16 GMT
ETag: "fb6645d80ec255783e776c6befa758a2bac11245"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 25f97f70bd7d803fca2b3fada4fe4daa
9b3c1f319423d0ead5b6523a05967554f870484a
5185213be7151f1e11576be63c0b3d5e1303654f6358c157d52c9fbf3266e84c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "5185213BE7151F1E11576BE63C0B3D5E1303654F6358C157D52C9FBF3266E84C"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7134
Expires: Wed, 07 Dec 2022 16:10:01 GMT
Date: Wed, 07 Dec 2022 14:11:07 GMT
Connection: keep-alive
45.38.134.139/template/m1938pc/assets/images/theme/default/share_person.png
45.38.134.139 200 OK 23 kB URL HTTP/1.1 45.38.134.139/template/m1938pc/assets/images/theme/default/share_person.png
IP 45.38.134.139:0
File type PNG image data, 209 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 5050132afddce2266f9723bfe41d7496
9b85758b1f442cd33921dbed5672750b348ff436
2e613af975c56cabcad51a8494a3970a653b605ab8a4e4b443af98a0b7a6a41c
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none shown)
GET /template/m1938pc/assets/images/theme/default/share_person.png HTTP/1.1
Host: 45.38.134.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://45.38.134.139/template/m1938pc/assets/css/custom/header.css
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Sat, 17 Apr 2021 03:07:24 GMT
Accept-Ranges: bytes
ETag: "03ef1c93633d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 14:11:15 GMT
Content-Length: 22631
kvtfff.top/20fa8096187539ac0eae9926bff70219.gif
104.21.233.215 200 OK 220 kB URL HTTP/2 kvtfff.top/20fa8096187539ac0eae9926bff70219.gif
IP 104.21.233.215:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 220 kB (219762 bytes)
Hash 189a75876b7e409832aeb2af9a49780c
0db81a1ccb9d271c6b90bbc9dddd7eac96a4e4c6
10567d9550c95886513640e12fc8f9bff1214ef6798455414ac0a13e2f5688a7
GET /20fa8096187539ac0eae9926bff70219.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://45.38.134.139/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:11:07 GMT
content-type: image/gif
content-length: 219762
last-modified: Wed, 05 Oct 2022 12:43:19 GMT
etag: "633d7be7-35a72"
expires: Fri, 06 Jan 2023 14:11:07 GMT
cache-control: max-age=5356800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBOskGVVoc%2FT8mKBDdAMubTNHex3vTEg%2BmrA6C0jGjNjCoVsn8ehdNFkMhCWlCI23R9SfR149Q%2FzUAPdfAcp4pyVG%2FRqDpsV%2FhYLwcFmb8yOp3zGHLktYQHg4e2I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775dd9425f35dd4c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 25f97f70bd7d803fca2b3fada4fe4daa
9b3c1f319423d0ead5b6523a05967554f870484a
5185213be7151f1e11576be63c0b3d5e1303654f6358c157d52c9fbf3266e84c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "5185213BE7151F1E11576BE63C0B3D5E1303654F6358C157D52C9FBF3266E84C"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7134
Expires: Wed, 07 Dec 2022 16:10:01 GMT
Date: Wed, 07 Dec 2022 14:11:07 GMT
Connection: keep-alive
hm.baidu.com/hm.js?d07bde545739724681b326347295ffc3
103.235.46.191 200 OK 12 kB URL HTTP/1.1 hm.baidu.com/hm.js?d07bde545739724681b326347295ffc3
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (622)
Hash 14b378274192b5dcd9845047e034f512
9ae2521ee2fd7b92f0013e3d914d39ecc452825a
3220a6928a053de9993fff1334e7399269c5a4548f9f0b90dbdcc8824054742d
GET /hm.js?d07bde545739724681b326347295ffc3 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11459
Content-Type: application/javascript
Date: Wed, 07 Dec 2022 14:11:06 GMT
Etag: d54f3803140a0a6408b5aaf2143aa6a8
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C677ACD7825C927C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash b61122cfe568765f526fa6e7ebdc7170
8f1a8ba3e44bebe4d3120c47d3bda28abdaa7b3d
4bdb0c5ec8fa5a613329df98cdc15318efe318b571944f83b4e4d090763e89e6
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 14:11:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 11 Dec 2022 12:23:02 GMT
ETag: "8f1a8ba3e44bebe4d3120c47d3bda28abdaa7b3d"
Last-Modified: Wed, 07 Dec 2022 12:23:03 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 889
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775dd9454b1db523-OSL
img13.360buyimg.com/ddimg/jfs/t1/198395/10/3845/30988/611cfd8eEf8533cce/4e8911aca732622b.gif
163.171.134.109 200 OK 31 kB URL HTTP/2 img13.360buyimg.com/ddimg/jfs/t1/198395/10/3845/30988/611cfd8eEf8533cce/4e8911aca732622b.gif
IP 163.171.134.109:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 960 x 60\012- data
Hash dae03b2b8f396c2140c80df759f623c8
2306c4a003a70d399a11b32a3e6438149f319b59
844811db987818d5780052ad93c751425d7025c743c53087c12df71f481881b3
GET /ddimg/jfs/t1/198395/10/3845/30988/611cfd8eEf8533cce/4e8911aca732622b.gif HTTP/1.1
Host: img13.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:11:07 GMT
content-type: image/gif
content-length: 30988
expires: Thu, 17 Jun 2032 15:45:48 GMT
server: nginx
cache-control: max-age=315360000
last-modified: Wed, 18 Aug 2021 12:31:10 GMT
via: http/1.1 ORI-CLOUD-HB3-MIX-28 (jcs [cHs f ]), http/1.1 HB-UNI-3-MIX-18 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1655229192113-0-0-2-13-13;200;200-1655468852447-0-0-0-1-1;200-1655724025032-0-0-0-0-0
age: 1
x-via: 1.1 PShgseSEL5rw164:14 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:11 (Cdn Cache Server V2.0), 1.1 PS-ARN-016FX94:12 (Cdn Cache Server V2.0)
x-ws-request-id: 63909efb_PSrdsdgemSTO1sw92_10589-50559
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 3894248ea576b69eee1462b4a4b58489
82794005696c6f5ecba30f740739c1691efe97a3
3a0709907a646c47c86479890366a272efa5fd4c737269b5b551e8b09a0c3f51
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=127559
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:11:07 GMT
Etag: "638fee42-117"
Expires: Fri, 09 Dec 2022 01:37:06 GMT
Last-Modified: Wed, 07 Dec 2022 01:37:06 GMT
Server: nginx
Content-Length: 279
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1775509752&si=d07bde545739724681b326347295ffc3&su=http%3A%2F%2Fwww.6ype.com%2F&v=1.2.83&lv=1&sn=652&r=0&ww=1268&ct=!!&u=http%3A%2F%2F45.38.134.139%2F&tt=%E6%9A%A7%E6%98%A7%E5%BD%B1%E9%99%A2
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1775509752&si=d07bde545739724681b326347295ffc3&su=http%3A%2F%2Fwww.6ype.com%2F&v=1.2.83&lv=1&sn=652&r=0&ww=1268&ct=!!&u=http%3A%2F%2F45.38.134.139%2F&tt=%E6%9A%A7%E6%98%A7%E5%BD%B1%E9%99%A2
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1775509752&si=d07bde545739724681b326347295ffc3&su=http%3A%2F%2Fwww.6ype.com%2F&v=1.2.83&lv=1&sn=652&r=0&ww=1268&ct=!!&u=http%3A%2F%2F45.38.134.139%2F&tt=%E6%9A%A7%E6%98%A7%E5%BD%B1%E9%99%A2 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 07 Dec 2022 14:11:07 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=66269827CB51CCBC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif
172.67.143.17 200 OK 406 kB URL HTTP/2 cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif
IP 172.67.143.17:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 406 kB (406419 bytes)
Hash 91949a67089d61d1c111d50f6e101660
fab540d8a71b28159836bf995e398a9569314e47
35ede3c11832a2e4f6562a484535420d010601981e3b07fdc271f160b0a81507
GET /happy/newyear/kongkong/960x60ns.gif HTTP/1.1
Host: cdn.jsjsjs.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/gif
content-length: 406419
last-modified: Wed, 16 Feb 2022 13:39:39 GMT
etag: "620cfe9b-63393"
expires: Tue, 03 Jan 2023 04:35:27 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 293741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HipevchJOeVTQCuqqmHAj8XgsP1NI2bg%2FLUGx2TTvtylIWOtPqBI7cIoZS6m0qDLYaAu14M6fakIQnDpx3wIdS9k8GcAVPoZ7mmNHps2q%2FDbUo36EsxoapXbEGMxIxXr7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775dd946ea02b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 3894248ea576b69eee1462b4a4b58489
82794005696c6f5ecba30f740739c1691efe97a3
3a0709907a646c47c86479890366a272efa5fd4c737269b5b551e8b09a0c3f51
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=127559
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:11:08 GMT
Etag: "638fee42-117"
Expires: Fri, 09 Dec 2022 01:37:07 GMT
Last-Modified: Wed, 07 Dec 2022 01:37:06 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash beb8aea165c7b4fbf6a19bb5f0598721
fe7a981a257e6067bddb8be357107a6c1cd764ea
71f7390b10bf84109b6d55c1e142b93fe1f0f46959b426e474f9352ef890f9c2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 14:11:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 11:50:10 GMT
Expires: Mon, 12 Dec 2022 11:50:09 GMT
Etag: "fe7a981a257e6067bddb8be357107a6c1cd764ea"
Cache-Control: max-age=422940,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775dd947b83cb515-OSL
taiwtp1.com/img/960120.gif
220.128.218.220 200 OK 121 kB URL HTTP/2 taiwtp1.com/img/960120.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 120\012- data
Size 121 kB (120952 bytes)
Hash 8b1ce22d19b73e71ec05f04491df7cae
101ed504920b13424231d6fb3540fb7dfdba69e3
5a7a72fa04186d44d08de8b590fcf1644ad8370bc65007e51ba9300af2541dce
GET /img/960120.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:08:35 GMT
content-type: image/gif
content-length: 120952
last-modified: Thu, 10 Mar 2022 10:55:56 GMT
etag: "6229d93c-1d878"
expires: Fri, 06 Jan 2023 14:08:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 4dccfd6be2f1ab5afc0e48f582d6e5c5
3b9424cd3e504dc56d8cf8b412d21f564401d038
fd4a4d412b6ddc5c93348d1d4ad5164b20be64dd1dccba1ebd2d63eda039463e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 14:11:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 12:43:09 GMT
Expires: Sun, 11 Dec 2022 12:43:08 GMT
Etag: "3b9424cd3e504dc56d8cf8b412d21f564401d038"
Cache-Control: max-age=339719,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775dd947bd171c16-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash beb8aea165c7b4fbf6a19bb5f0598721
fe7a981a257e6067bddb8be357107a6c1cd764ea
71f7390b10bf84109b6d55c1e142b93fe1f0f46959b426e474f9352ef890f9c2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 14:11:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 11:50:10 GMT
Expires: Mon, 12 Dec 2022 11:50:09 GMT
Etag: "fe7a981a257e6067bddb8be357107a6c1cd764ea"
Cache-Control: max-age=422940,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775dd947bb3cb51e-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash beb8aea165c7b4fbf6a19bb5f0598721
fe7a981a257e6067bddb8be357107a6c1cd764ea
71f7390b10bf84109b6d55c1e142b93fe1f0f46959b426e474f9352ef890f9c2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 14:11:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 11:50:10 GMT
Expires: Mon, 12 Dec 2022 11:50:09 GMT
Etag: "fe7a981a257e6067bddb8be357107a6c1cd764ea"
Cache-Control: max-age=422940,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775dd947bb3bb51e-OSL
taiwtp1.com/img/96060.gif
220.128.218.220 200 OK 47 kB URL HTTP/2 taiwtp1.com/img/96060.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 60\012- data
Hash 2b9c30b086d03d90a45a9174aef7b408
e87dbe76669e2f402826dd598bb047d793b1e20c
f1eb3044b464fb4b4b8f3e081295bc19cc4cddc9361adb34ad7fb73b93b25de6
GET /img/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:08:35 GMT
content-type: image/gif
content-length: 46855
last-modified: Wed, 09 Mar 2022 07:10:56 GMT
etag: "62285300-b707"
expires: Fri, 06 Jan 2023 14:08:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
askzyimg.com/20221104/iNUzmkEh/1.jpg
198.16.55.254 200 OK 23 kB URL HTTP/2 askzyimg.com/20221104/iNUzmkEh/1.jpg
IP 198.16.55.254:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash 6e65e55dbbb11befdb877640ebf58c75
9aefb9998d93f1b58913ecda00905c4448ad205e
24de8b246cd9c945b2438715473a0e604887f1560d92ecdf13b633f9de55ea2f
GET /20221104/iNUzmkEh/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 22638
last-modified: Fri, 04 Nov 2022 08:58:30 GMT
etag: "6364d436-586e"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash beb8aea165c7b4fbf6a19bb5f0598721
fe7a981a257e6067bddb8be357107a6c1cd764ea
71f7390b10bf84109b6d55c1e142b93fe1f0f46959b426e474f9352ef890f9c2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 14:11:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 11:50:10 GMT
Expires: Mon, 12 Dec 2022 11:50:09 GMT
Etag: "fe7a981a257e6067bddb8be357107a6c1cd764ea"
Cache-Control: max-age=422940,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775dd947bb2db517-OSL
tpkj2222.com/img/k80m/oJFMW1rsL.gif
103.195.50.164 200 OK 360 kB URL HTTP/1.1 tpkj2222.com/img/k80m/oJFMW1rsL.gif
IP 103.195.50.164:0
ASN #59371 Dimension Network & Communication Limited
File type GIF image data, version 89a, 960 x 60\012- data
Size 360 kB (360351 bytes)
Hash ff751acc20f3192fdae1544bbcf6b88f
91d5b69a9cc8136337bf16d443576f98d400ccec
23c9ef51183f48c57885c04b003d58a6cbf62931cdbe41ca5973a1b23a125366
GET /img/k80m/oJFMW1rsL.gif HTTP/1.1
Host: tpkj2222.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 14:11:07 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"508025-1669660916000"
Last-Modified: Mon, 28 Nov 2022 18:41:56 GMT
Expires: Thu, 22 Dec 2022 14:11:07 GMT
Cache-Control: max-age=1296000
Content-Encoding: gzip
Nginx-Cache: HIT, HIT
askzyimg.com/20221104/s2H0SqlE/1.jpg
198.16.55.254 200 OK 156 kB URL HTTP/2 askzyimg.com/20221104/s2H0SqlE/1.jpg
IP 198.16.55.254:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 718x404, components 3\012- data
Size 156 kB (155988 bytes)
Hash 965e04d2392830503370bd35a17b63de
ae1bd0c394db9ed4b04f97ac0e9777439ad02ec0
1a29130ac5506e3c245ffa063e82b6b4abafd9525a623b32c318080e239852af
GET /20221104/s2H0SqlE/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 155988
last-modified: Fri, 04 Nov 2022 08:59:51 GMT
etag: "6364d487-26154"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
askzyimg.com/20221104/8g89HXJM/1.jpg
198.16.55.254 200 OK 14 kB URL HTTP/2 askzyimg.com/20221104/8g89HXJM/1.jpg
IP 198.16.55.254:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 640x480, components 3\012- data
Hash c52a5898ffbea4d200e067f9140d0a94
2febd95efc0dc21d9222c32b64d1b21cc2e6ff6b
d7ec464f6d0f737505e784cf67f03421a98500485ded4ad209965e24b4897b77
GET /20221104/8g89HXJM/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 13490
last-modified: Fri, 04 Nov 2022 04:52:14 GMT
etag: "63649a7e-34b2"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
askzyimg.com/20221104/KusFIzAW/1.jpg
198.16.55.254 200 OK 14 kB URL HTTP/2 askzyimg.com/20221104/KusFIzAW/1.jpg
IP 198.16.55.254:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 453x293, components 3\012- data
Hash 213c55428f4936443094642567e56008
1ef3ec9247b1d877c70603b0dc2d438d9e3fa451
66621026776cd1d8ad8c3ad56eca1f7303f021bcdfbcd0f086d1629bc5ca4340
GET /20221104/KusFIzAW/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 14406
last-modified: Sat, 19 Nov 2022 12:52:15 GMT
etag: "6378d17f-3846"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
askzyimg.com/20221104/0O3gru4H/1.jpg
198.16.55.254 200 OK 43 kB URL HTTP/2 askzyimg.com/20221104/0O3gru4H/1.jpg
IP 198.16.55.254:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Macintosh), datetime=2022:06:07 11:34:31], baseline, precision 8, 718x404, components 3\012- data
Hash 56f37458ae16bf423617016b9cb1c9bd
b045a6345808bb7e239aab78798d6eac51c3dc3a
60dc663c818590be0839dfaf84ebbe62d07dc2080e07671822672d3135fedbe4
GET /20221104/0O3gru4H/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 42991
last-modified: Fri, 04 Nov 2022 08:59:51 GMT
etag: "6364d487-a7ef"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
taiwtp1.com/xin/200200sas.gif
220.128.218.220 200 OK 694 kB URL HTTP/2 taiwtp1.com/xin/200200sas.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Size 694 kB (693471 bytes)
Hash e6ff7b0afb00d39bca2032b100e871ec
f3da5b9bd4d1769ed482bf6f23c3b05ded824d63
41d7266ed35337d77b04bad32c7ec3c4b44e7a1707f6c6f21c8e6bc4c9f3f252
GET /xin/200200sas.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:08:35 GMT
content-type: image/gif
content-length: 693471
last-modified: Sat, 26 Nov 2022 10:45:28 GMT
etag: "6381ee48-a94df"
expires: Fri, 06 Jan 2023 14:08:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash dfc4555a284ab99307ccb0d06fc8a4e4
b3cad5dc129adc419192cec2b6a1e15dd78a77d4
ed8fd8d642eee82f9f6a2ee5990ff8ac4bef863bc0cb23db9289915155e30ec8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 14:11:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 18:21:34 GMT
Expires: Sun, 11 Dec 2022 18:21:33 GMT
Etag: "b3cad5dc129adc419192cec2b6a1e15dd78a77d4"
Cache-Control: max-age=360023,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775dd94e8d6c1c16-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash 0f16558350cdc0791ab380ce4cd55636
7a1654c58ed6498272e499839d14aa99909199e8
6162272254439de90561c9a5529ea309b8d2dbd2522299ec26ca6fed6afe4532
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5302
Cache-Control: max-age=119540
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:11:09 GMT
Etag: "638fba3b-2d7"
Expires: Thu, 08 Dec 2022 23:23:29 GMT
Last-Modified: Tue, 06 Dec 2022 21:55:07 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 727
p3.douyinpic.com/obj/tos-cn-i-dy/7e8b295f98e8406e968e14ff0c65c9b2
47.246.44.226 200 OK 563 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/7e8b295f98e8406e968e14ff0c65c9b2
IP 47.246.44.226:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 563 kB (562743 bytes)
Hash 120c390885d4580ed7abf5cd4b05575c
8047093c9889d5b496b56f6897d9d236b400391d
e601fe42e878a2fc13495d1184da984f92af228b686de71efdf9ca6e95abbf76
GET /obj/tos-cn-i-dy/7e8b295f98e8406e968e14ff0c65c9b2 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 562743
date: Thu, 01 Dec 2022 04:44:47 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 01 Dec 2022 04:14:59 GMT
nw-session-id: 2022120112145801015120315424DDEFB0xfmkg03dy
nw-session-trace: 2022-12-01T12:14:59.15993486+08:00 60
x-bdcdn-cache-status: TCP_HIT
x-length: 562743
x-powered-by: ImageX
x-response-date: Thu, 01 Dec 2022 12:14:59 GMT
x-tt-logid: 2022120112145801015120315424DDEFB0
via: n150-050-027, cache3.l2de2[0,0,206-0,H], cache6.l2de2[1,0], cache6.l2de2[1,0], cache1.se1[0,0,200-0,H], cache5.se1[1,0]
x-request-ip: fdbd:dc02:22:599::149
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01a02977f9fb9dac3659bef1f92f603e174708fbdabeba685fc9a32cb5a862279ac85b340e31efaa2e5f79ca8ab5ad6dd284ea10a481016dc7427d4c34d4dd25305e4a3c4d0698eaea98cea205e9f82ef5fad1b6d0bf851d48db23e1a0face01d6
x-response-lb: image
ali-swift-global-savetime: 1669869888
age: 552381
x-cache: HIT TCP_HIT dirn:11:419576264 mlen:0
x-swift-savetime: Sat, 03 Dec 2022 03:03:29 GMT
x-swift-cachetime: 31369279
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9916704222695781806e
X-Firefox-Spdy: h2
askzyimg.com/20221104/4LbHl525/1.jpg
198.16.55.254 200 OK 11 kB URL HTTP/2 askzyimg.com/20221104/4LbHl525/1.jpg
IP 198.16.55.254:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 204x360, components 3\012- data
Hash bb3b6ef12092f39b4cc5407047dcdef1
60d485de3661571ab10ee3a91690a934494a0c23
5af3294374289aec2924a3901823e536e5d23e3edc58db4ff419a4fdd5d0ebc0
GET /20221104/4LbHl525/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 11149
last-modified: Sat, 19 Nov 2022 12:52:14 GMT
etag: "6378d17e-2b8d"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
askzyimg.com/20221104/ALyz9v2z/1.jpg
198.16.55.254 200 OK 22 kB URL HTTP/2 askzyimg.com/20221104/ALyz9v2z/1.jpg
IP 198.16.55.254:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x188, components 3\012- data
Hash 0a79995461973c2a34b5a29b94035de7
9b3053fd18015c13b271da4230758691b240579c
c0f12d503c4c8c4c9e56c416e71379806734bf1974d34e7eebb96a5230abfd53
GET /20221104/ALyz9v2z/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 21897
last-modified: Sat, 19 Nov 2022 12:52:08 GMT
etag: "6378d178-5589"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
askzyimg.com/20221104/DNhn76m8/1.jpg
198.16.55.254 200 OK 51 kB URL HTTP/2 askzyimg.com/20221104/DNhn76m8/1.jpg
IP 198.16.55.254:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Macintosh), datetime=2022:06:03 12:24:09], baseline, precision 8, 718x404, components 3\012- data
Hash 6c48554a2d966ddc68d795ddd58770f5
d437c295c8f1b74a51cb01bad66a17aaf00a945e
4014b383d810561786e136347425784ae3ff87e60c23504fbce0a8599a1a2397
GET /20221104/DNhn76m8/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 50846
last-modified: Fri, 04 Nov 2022 08:59:41 GMT
etag: "6364d47d-c69e"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
vcwzfn.com/4dafa0b9814545d491a214821a7d4593.gif
103.170.15.62 200 OK 294 kB URL HTTP/2 vcwzfn.com/4dafa0b9814545d491a214821a7d4593.gif
IP 103.170.15.62:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 294 kB (294005 bytes)
Hash f64b8fc77fe0603b03ada49daef5b62a
f4458433bb7181d5ee9d6d55265dc6e4ce3d97fd
c7a3648318c96955217adf750c3fb71d5b0444bbff97917a9e7cf9c68f197753
GET /4dafa0b9814545d491a214821a7d4593.gif HTTP/1.1
Host: vcwzfn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63245936-47c75"
server: nginx
date: Sun, 30 Oct 2022 05:06:19 GMT
content-type: image/gif
last-modified: Fri, 16 Sep 2022 11:08:38 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-52
content-length: 294005
X-Firefox-Spdy: h2
askzyimg.com/20221104/qcS9kkVa/1.jpg
198.16.55.254 200 OK 25 kB URL HTTP/2 askzyimg.com/20221104/qcS9kkVa/1.jpg
IP 198.16.55.254:0
File type JPEG image data, baseline, precision 8, 640x480, components 3\012- data
Hash 36c9041e3b91d151b80ff2b34f9248c1
9b598d7997419d80af5d2f3ef9ed731a63e5bf0d
b7213dc98f5e95e53f36c871f7e54909cfdb5de16b113d0ad84cc8c1668c999b
GET /20221104/qcS9kkVa/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 24799
last-modified: Fri, 04 Nov 2022 04:54:08 GMT
etag: "63649af0-60df"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
askzyimg.com/20221104/lNX574zr/1.jpg
198.16.55.254 200 OK 57 kB URL HTTP/2 askzyimg.com/20221104/lNX574zr/1.jpg
IP 198.16.55.254:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Macintosh), datetime=2022:06:09 11:16:16], baseline, precision 8, 718x404, components 3\012- data
Hash f4a734dc28278d51c2070a9de97236c1
cf4137855d6fc4a68de3808d84cdcd02cb742554
c082d99fcf48bdcc995173f63f37f15ccf23bbcfdb2152815f33f2c5b2eb8daf
GET /20221104/lNX574zr/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 57206
last-modified: Fri, 04 Nov 2022 08:59:51 GMT
etag: "6364d487-df76"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
askzyimg.com/20221104/uvQO1Xe0/1.jpg
198.16.55.254 200 OK 37 kB URL HTTP/2 askzyimg.com/20221104/uvQO1Xe0/1.jpg
IP 198.16.55.254:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash 4bf7c3dd3663b48653d9f646b246ba0e
f76734b4b64b53f00e1736ae8a1be0a028bd65a7
737a13802b59e22a29ca3204bd0153f36cb2dd1eebdd411a712a7cd786fd3d76
GET /20221104/uvQO1Xe0/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 37077
last-modified: Fri, 04 Nov 2022 08:58:30 GMT
etag: "6364d436-90d5"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
539397377.com/10264033c7734124b1f56ada711a9065.gif
47.75.19.145 200 OK 748 kB URL HTTP/1.1 539397377.com/10264033c7734124b1f56ada711a9065.gif
IP 47.75.19.145:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 750 x 120\012- data
Size 748 kB (748166 bytes)
Hash dc16c165d9da37bf4a9e9596a765425c
824e5729161352cd5f7b57faea8a32c54d35b410
4abb336ff1a1a08dc2963b708638359da654fadaf843669e4406d6ab348b4608
GET /10264033c7734124b1f56ada711a9065.gif HTTP/1.1
Host: 539397377.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 07 Dec 2022 14:11:08 GMT
Content-Type: image/gif
Content-Length: 748166
Connection: keep-alive
x-oss-request-id: 63909EFCD0409B34325AF42E
Accept-Ranges: bytes
ETag: "DC16C165D9DA37BF4A9E9596A765425C"
Last-Modified: Tue, 01 Nov 2022 07:27:06 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3478477367098298607
x-oss-storage-class: Standard
Content-MD5: 3BbBZdnaN79KnpWWp2VCXA==
x-oss-server-time: 1
askzyimg.com/20221104/czfSKxcj/1.jpg
198.16.55.254 200 OK 32 kB URL HTTP/2 askzyimg.com/20221104/czfSKxcj/1.jpg
IP 198.16.55.254:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash a269c8ee87755b264b2b272f30026bba
f2995335d0debeadd8053d660c431ee0fd50d15c
f3b4e89017a81458442cbea17cfe23e86271d58bbd4d92883a35fc7db9b7bb45
GET /20221104/czfSKxcj/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 32291
last-modified: Fri, 04 Nov 2022 08:58:30 GMT
etag: "6364d436-7e23"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
askzyimg.com/20221104/moNkxrQ6/1.jpg
198.16.55.254 200 OK 46 kB URL HTTP/2 askzyimg.com/20221104/moNkxrQ6/1.jpg
IP 198.16.55.254:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash 8be926040d34c952b2e49c9ebf987041
06fbe4f154e6dcec69407667c1b89c8f944ee4e1
cb9bbdf76369debdcfd6725d9007913bafa504f770edff2ea88587589f154758
GET /20221104/moNkxrQ6/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 45817
last-modified: Fri, 04 Nov 2022 08:58:31 GMT
etag: "6364d437-b2f9"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
askzyimg.com/20221104/3l8vveuf/1.jpg
198.16.55.254 200 OK 46 kB URL HTTP/2 askzyimg.com/20221104/3l8vveuf/1.jpg
IP 198.16.55.254:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Macintosh), datetime=2022:06:01 10:59:37], baseline, precision 8, 718x404, components 3\012- data
Hash a948e669e1fb57dab05cdf4a12263af8
731995b0c716e5bdd4d5d5e137bd106954147019
388edaf72a20e36f504efe232c71345160f951d6c2c12a4ffcfb613d096b38fc
GET /20221104/3l8vveuf/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 45918
last-modified: Fri, 04 Nov 2022 08:59:41 GMT
etag: "6364d47d-b35e"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
askzyimg.com/20221104/mdaNUvRM/1.jpg
198.16.55.254 200 OK 40 kB URL HTTP/2 askzyimg.com/20221104/mdaNUvRM/1.jpg
IP 198.16.55.254:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash 65dc7da52d43846640b3334a7c4f2b5c
b24d9237332b741f89d67768eaf92e9b2d150f01
0fbc1bce23ad6edb5fa23b27448a3e2504b79c0b0dd35c59ec659a80086ba525
GET /20221104/mdaNUvRM/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 39824
last-modified: Fri, 04 Nov 2022 08:58:31 GMT
etag: "6364d437-9b90"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
askzyimg.com/20221104/P4i1rvID/1.jpg
198.16.55.254 200 OK 60 kB URL HTTP/2 askzyimg.com/20221104/P4i1rvID/1.jpg
IP 198.16.55.254:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "Software: Snipaste", baseline, precision 8, 723x633, components 3\012- data
Hash 48af2c6c8e385f785136501d106fada3
f4aa549d9f1ce686bd4e4cd73768ce72376bdb00
72bb769af4490eb915eeb73cfb372ccad6d0d0dd85487806501c115954214965
GET /20221104/P4i1rvID/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 60104
last-modified: Sat, 19 Nov 2022 12:51:04 GMT
etag: "6378d138-eac8"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
askzyimg.com/20221104/rM4eABKk/1.jpg
198.16.55.254 200 OK 69 kB URL HTTP/2 askzyimg.com/20221104/rM4eABKk/1.jpg
IP 198.16.55.254:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 5389x5400, segment length 16, comment: "Lavc58.60.100", baseline, precision 8, 360x634, components 3\012- data
Hash 7f21711f4a08ef1e178c7905d962d2c8
c2bbe4fcf3f7ae66e22b9bcd5743583a08b9acc7
96b8c71e92db579e3cc5dd739a6ba77cf43ac7ee28db68bdcb0592cb1c4e722c
GET /20221104/rM4eABKk/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 68901
last-modified: Sat, 19 Nov 2022 12:52:06 GMT
etag: "6378d176-10d25"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
askzyimg.com/20221104/ximbDSk3/1.jpg
198.16.55.254 200 OK 73 kB URL HTTP/2 askzyimg.com/20221104/ximbDSk3/1.jpg
IP 198.16.55.254:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 667x388, components 3\012- data
Hash 167efc36822327374450e6c692fc014b
a80422f326a54be8612519f2016629ef80721e56
259a00b4af29190725d7c39db03642fcb6cb6c830a1a890b77320b5e56b2347f
GET /20221104/ximbDSk3/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 72586
last-modified: Sat, 19 Nov 2022 12:52:15 GMT
etag: "6378d17f-11b8a"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
askzyimg.com/20221104/Xhqnb5jH/1.jpg
198.16.55.254 200 OK 82 kB URL HTTP/2 askzyimg.com/20221104/Xhqnb5jH/1.jpg
IP 198.16.55.254:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x703, components 3\012- data
Hash 2e35a130876963229908e7096bc1cbbf
ba57d3a3dc8a99bda0a69b6b364a442441f8a1a5
6b5275138173614309dd40e0725d71cb03b1b8ff292c259f76d9a58629faeed8
GET /20221104/Xhqnb5jH/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 82118
last-modified: Sat, 19 Nov 2022 12:52:35 GMT
etag: "6378d193-140c6"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
askzyimg.com/20221104/ihZjaKas/1.jpg
198.16.55.254 200 OK 91 kB URL HTTP/2 askzyimg.com/20221104/ihZjaKas/1.jpg
IP 198.16.55.254:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x705, components 3\012- data
Hash cd1f5e0d06fa43bd84006cb30c7a8b2a
71ba6eabe50e541467faeea5a00093935a63b5d0
6a2ddfb7b74dc7d43e9e903a19a79e4ea7c75a57b2112d8b0d7b4ed2831b2e5c
GET /20221104/ihZjaKas/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 90688
last-modified: Sat, 19 Nov 2022 12:51:05 GMT
etag: "6378d139-16240"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
askzyimg.com/20221104/Bcv25WmC/1.jpg
198.16.55.254 200 OK 80 kB URL HTTP/2 askzyimg.com/20221104/Bcv25WmC/1.jpg
IP 198.16.55.254:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x706, components 3\012- data
Hash cbb7256696c1c9dc3daecc037bc78729
d0aa95806d360b8ac96eaec34aa3407f0c2e8904
5f93124a1c114f7246d60d25e233a53ac2e6f0b19b052796813f666b61b48c6e
GET /20221104/Bcv25WmC/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 80296
last-modified: Sat, 19 Nov 2022 12:52:07 GMT
etag: "6378d177-139a8"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
askzyimg.com/20221104/Fw7DHin9/1.jpg
198.16.55.254 200 OK 19 kB URL HTTP/2 askzyimg.com/20221104/Fw7DHin9/1.jpg
IP 198.16.55.254:0
File type JPEG image data, baseline, precision 8, 640x480, components 3\012- data
Hash 6a5a92a8bf3a0fde6a039985d1afe4b7
31728dcd77eab7f80e83ae695fc0ebebfd616b3f
dac395cb066200243464eb1908470db452b90ddd7568408472670112c5ba8264
GET /20221104/Fw7DHin9/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 19403
last-modified: Fri, 04 Nov 2022 04:53:34 GMT
etag: "63649ace-4bcb"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
askzyimg.com/20221104/fJ7dKZ09/1.jpg
198.16.55.254 200 OK 0 B URL HTTP/2 askzyimg.com/20221104/fJ7dKZ09/1.jpg
IP 198.16.55.254:0
GET /20221104/fJ7dKZ09/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 144659
last-modified: Sat, 19 Nov 2022 12:52:33 GMT
etag: "6378d191-23513"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
askzyimg.com/20221104/WEzTouuW/1.jpg
198.16.55.254 200 OK 0 B URL HTTP/2 askzyimg.com/20221104/WEzTouuW/1.jpg
IP 198.16.55.254:0
GET /20221104/WEzTouuW/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 151840
last-modified: Sat, 19 Nov 2022 12:37:30 GMT
etag: "6378ce0a-25120"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
askzyimg.com/20221104/QvAvaPXz/1.jpg
198.16.55.254 200 OK 0 B URL HTTP/2 askzyimg.com/20221104/QvAvaPXz/1.jpg
IP 198.16.55.254:0
GET /20221104/QvAvaPXz/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 158496
last-modified: Sat, 19 Nov 2022 12:36:23 GMT
etag: "6378cdc7-26b20"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
askzyimg.com/20221104/LdL8U2i5/1.jpg
198.16.55.254 200 OK 0 B URL HTTP/2 askzyimg.com/20221104/LdL8U2i5/1.jpg
IP 198.16.55.254:0
GET /20221104/LdL8U2i5/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 164419
last-modified: Sat, 19 Nov 2022 12:44:31 GMT
etag: "6378cfaf-28243"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.1193555.com/images/638829739dac4fe57e13ccc3.gif
185.239.226.87 302 Found 0 B URL HTTP/2 img.1193555.com/images/638829739dac4fe57e13ccc3.gif
IP 185.239.226.87:0
ASN #134835 Starry Network Limited
GET /images/638829739dac4fe57e13ccc3.gif HTTP/1.1
Host: img.1193555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/7e8b295f98e8406e968e14ff0c65c9b2
X-Firefox-Spdy: h2
askzyimg.com/20221104/9NN6kjgo/1.jpg
198.16.55.254 200 OK 0 B URL HTTP/2 askzyimg.com/20221104/9NN6kjgo/1.jpg
IP 198.16.55.254:0
GET /20221104/9NN6kjgo/1.jpg HTTP/1.1
Host: askzyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://45.38.134.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:11:08 GMT
content-type: image/jpeg
content-length: 65876
last-modified: Sat, 19 Nov 2022 12:52:33 GMT
etag: "6378d191-10154"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=15768000
cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2