firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 13:14:57 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1e3JLKwWFFv9Tl1Gi5-qlLZ7ygoPXQc6cZ2QYEXm3CHO-3jL-4puyg==
Age: 2080
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7360
Expires: Sun, 25 Sep 2022 15:52:17 GMT
Date: Sun, 25 Sep 2022 13:49:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b3e81b5bd7bd8e12288a8159e44ceb3f
977945964ffcbf49ac78f840db9da822c50c82f0
4721814da286852318f7ebf9857bd4bf01f0beea2c9eb7ddb9f290e3fa472232
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4721814DA286852318F7EBF9857BD4BF01F0BEEA2C9EB7DDB9F290E3FA472232"
Last-Modified: Fri, 23 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8392
Expires: Sun, 25 Sep 2022 16:09:29 GMT
Date: Sun, 25 Sep 2022 13:49:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: m89ltgwJsuIbwWt15gmN4KOeM7jQNOSPH8h6+9frzKKPCDrucBvkXklgcxuFWEEW/8RREngSOK0=
x-amz-request-id: T3PB8JE26Q7SGVER
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 25 Sep 2022 13:45:48 GMT
age: 229
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 13:49:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.yituly.cn/index.php
154.93.243.215200 OK 663 B IP 154.93.243.215:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (729), with CRLF line terminators
Hash abdad71c77353475f4e632e8fc341517
4a4076bbd54ff5d02fd8c0fa97dd0746dbce2190
dfd44328e56beea364901bea93e5282ba305776b1730e9a4299b94bfc0fc440c
Analyzer Verdict Alert fortinet Phishing
GET /index.php HTTP/1.1
Host: www.yituly.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 13:49:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.yituly.cn/common.js
154.93.243.215200 OK 1.2 kB IP 154.93.243.215:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ISO-8859 text, with very long lines (389), with CRLF line terminators
Hash c074b80815252d0f511dcda60d096e8e
4dea505b42dc8a0edd743f191f88ac1f88f98c2c
31c5de2a388340a7b7f027e61ea7eab58660897f3b75a0e9df6c35dc9158a07a
Analyzer Verdict Alert fortinet Phishing
GET /common.js HTTP/1.1
Host: www.yituly.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yituly.cn/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 13:49:37 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.yituly.cn/tj.js
154.93.243.215200 OK 272 B IP 154.93.243.215:0
ASN #134548 DXTL Tseung Kwan O Service
File type ISO-8859 text, with CRLF line terminators
Hash 4da7c73acf3200cd3a29aa885178577f
8abbf2a10c39ba95b55643aa8b7ca04e31dea155
51e40841db7ab415dda758cb3ecbeb2fddddb7c5b19288823045025ccecc1f7b
Analyzer Verdict Alert fortinet Phishing
GET /tj.js HTTP/1.1
Host: www.yituly.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yituly.cn/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 13:49:37 GMT
Content-Type: application/x-javascript
Content-Length: 272
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 25 Sep 2022 13:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 25 Sep 2022 13:15:34 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: N5PUVAx9LsO-XM35ke-h14jUz2cD3BBwReRhus_lnxAoctxJMAaCmg==
Age: 2720
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4284
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 13:49:37 GMT
Last-Modified: Sun, 25 Sep 2022 12:38:13 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.161.6.128101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.6.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9yduW/aSUj5Zj3D6SyfMXg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: x/ujK/+60AlgA5rZw6UhOAZjHVo=
154.82.85.205/sese1.html
154.82.85.205200 OK 639 B IP 154.82.85.205:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash e6970a8fefd637807121972b6f0286cb
565fb1cba197a7fe08e8266041be425e2ab89f54
a2dac39b60e248cf052da357664222ffd99f3b27d41eefe73f0c49a4fac927d6
GET /sese1.html HTTP/1.1
Host: 154.82.85.205
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yituly.cn/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 13:50:59 GMT
Content-Type: text/html
Last-Modified: Fri, 01 Jul 2022 10:51:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62bed1b9-5a1"
Content-Encoding: gzip
www.yituly.cn/favicon.ico
154.93.243.215200 OK 663 B URL HTTP/1.1 www.yituly.cn/favicon.ico
IP 154.93.243.215:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (729), with CRLF line terminators
Hash abdad71c77353475f4e632e8fc341517
4a4076bbd54ff5d02fd8c0fa97dd0746dbce2190
dfd44328e56beea364901bea93e5282ba305776b1730e9a4299b94bfc0fc440c
GET /favicon.ico HTTP/1.1
Host: www.yituly.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yituly.cn/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 13:49:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 4f9c4f4fae1b13e05da5ffd7a43dafcf
8a43c65cd05eede463bb13d7b5b21e0f1b3f7703
a3b73fce71c46ee397fa1740a7ef257bfc8c1170e9505da85d413be32a000d14
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 13:49:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 29 Sep 2022 09:56:53 GMT
ETag: "8a43c65cd05eede463bb13d7b5b21e0f1b3f7703"
Last-Modified: Sun, 25 Sep 2022 09:56:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1863
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7504396c5ec60b65-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9986
Expires: Sun, 25 Sep 2022 16:36:05 GMT
Date: Sun, 25 Sep 2022 13:49:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9986
Expires: Sun, 25 Sep 2022 16:36:05 GMT
Date: Sun, 25 Sep 2022 13:49:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dfdacc8edea3c24dad020d7e9c11b3f4
2b6e37596e88b62f288dc8e8c937fd904fae28d5
338a44f3bcc01bdd197f037dd8f8bf58a18dea00127465488efe76fb72a6fdff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8914
x-amzn-requestid: 8cfdc32e-f04a-4fd6-a1f1-632934a682fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EUHqJoAMF7MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7881-14a6d8ef126409964607e0aa;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kdF6En2vbJhRH1bkYMOuNm5XOIsT1qs3FE281N1SKn1FbyW-oNZsEw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:06 GMT
etag: "2b6e37596e88b62f288dc8e8c937fd904fae28d5"
content-type: image/jpeg
age: 58353
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:19 GMT
age: 58340
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5CzA52-o7GYViSJ4lna7ptv9dycJCUL-NLWOk-iCW-ZxDU_FQH_OoQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:51:18 GMT
age: 57501
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6307cf78-7c68-41f1-9dfd-ba063eeb3f4b.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6307cf78-7c68-41f1-9dfd-ba063eeb3f4b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7bd3afd3069904500c28e9bb16587e8
a881666627e1077859ed1941cee576caf600d798
78a7b0a2127c583aba569abace503cff376cde67d5faa9a346c1494d91e8f3cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6307cf78-7c68-41f1-9dfd-ba063eeb3f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5172
x-amzn-requestid: d366d3e0-71d7-404c-a93b-3267852824ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_T5F5PoAMFqWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f78e5-52362b5f0dc1ee8951eebc07;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ean91lOEJLzLQFKy3gBuqD_G-BVw3SMuED20W6ixdkKYvVcMatdGJA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:39:23 GMT
age: 58216
etag: "a881666627e1077859ed1941cee576caf600d798"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 714af732a9aa1db2b13ffb62810fd532
358e74de395352a9529ff1c17856daf8900888c5
1d2035cfcd283560ebe8494f9438e52f8d96cd092dd41cb0eb899a3f905c1e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6199
x-amzn-requestid: d26f22d9-4e9b-4764-8c96-2e1c7ce36340
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--OKHowoAMFbQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7727-7adb7c4925e6e50e13889544;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LryqVGSkKbiNOwcqXMULY9FXbOuZBBenjgGPDME3NZLZOdp5divXmw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:02:29 GMT
age: 56830
etag: "358e74de395352a9529ff1c17856daf8900888c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b8b1112-7394-4d92-9fc1-54f8e005817f.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b8b1112-7394-4d92-9fc1-54f8e005817f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 716068d10c9e3a16d3a8e727992f71ec
f18edf7b5080b39e00bde335c16ca0f771428e8e
5991be1a009df210adc123f9f8081f669368a3a1891305717fc40ead172917a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b8b1112-7394-4d92-9fc1-54f8e005817f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10845
x-amzn-requestid: b819b750-c0b1-46b1-9e6c-010912fa87b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EzFpWoAMFxdA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7884-3671ba9f0fc6b3e52e25f8a7;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:08 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: F8HfbDS4Ki85iwI7IgBulH70M3NwK6_-lmATgGp2myUTSlJKCDiScw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:39:26 GMT
age: 58213
etag: "f18edf7b5080b39e00bde335c16ca0f771428e8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.share.baidu.com/s.gif?l=http://www.yituly.cn/index.php
112.34.113.148200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.yituly.cn/index.php
IP 112.34.113.148:0
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.yituly.cn/index.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yituly.cn/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sun, 25 Sep 2022 13:49:39 GMT
hm.baidu.com/hm.js?7665327af4324554894b2d5e3e9ff291
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?7665327af4324554894b2d5e3e9ff291
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (634)
Hash 4d7d5767f64e68f05ef139054a43741d
5e6d3bcc490df15f8ca8222b28c93b413ad5125b
04fc6e49cd0e51a914b501b1efad0ef40854a6fe3b685f887197ac42e7fc0ba1
GET /hm.js?7665327af4324554894b2d5e3e9ff291 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yituly.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11347
Content-Type: application/javascript
Date: Sun, 25 Sep 2022 13:49:39 GMT
Etag: 00bd01ef56f15e502aec257f08cb03fb
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=86D414B6F16D3D8C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?05e48c780440f6054376905e09eece64
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?05e48c780440f6054376905e09eece64
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (643)
Hash 42803139253a3a5dbca16d9a521ac43e
d8f0608e0b63670097d457bfc146dfca966a28f3
293ffffb764a78d10f1eb26c4dc8271a83d8954737842ebedb6179d777bed6d2
GET /hm.js?05e48c780440f6054376905e09eece64 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yituly.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11356
Content-Type: application/javascript
Date: Sun, 25 Sep 2022 13:49:39 GMT
Etag: 8aa0e346959860c8c1af175aaf45c9c9
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=CEEB74255746ED2F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?7d94a949509efd2bcb316b52915c1cec
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?7d94a949509efd2bcb316b52915c1cec
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (631)
Hash 08824668eace3a75848d9269dccc4a29
186e0af5e7104f6820cbb8bb31234a51b3942ba9
25c7bbbec067c00344c0306df3e96faa4dd8138843a758646b0ebbb84b2a3dd7
GET /hm.js?7d94a949509efd2bcb316b52915c1cec HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yituly.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11344
Content-Type: application/javascript
Date: Sun, 25 Sep 2022 13:49:39 GMT
Etag: 31968222c85dd43ba7fe70aaaac032e2
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=0947A9F7600FA280; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=260651523&si=7665327af4324554894b2d5e3e9ff291&v=1.2.97&lv=1&sn=49059&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.yituly.cn%2Findex.php&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E9%A2%8A%E4%BB%9D%E7%94%B5%E5%AD%90%E6%94%AF%E4%BB%98%E8%AE%BE%E5%A4%87%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=260651523&si=7665327af4324554894b2d5e3e9ff291&v=1.2.97&lv=1&sn=49059&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.yituly.cn%2Findex.php&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E9%A2%8A%E4%BB%9D%E7%94%B5%E5%AD%90%E6%94%AF%E4%BB%98%E8%AE%BE%E5%A4%87%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=260651523&si=7665327af4324554894b2d5e3e9ff291&v=1.2.97&lv=1&sn=49059&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.yituly.cn%2Findex.php&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E9%A2%8A%E4%BB%9D%E7%94%B5%E5%AD%90%E6%94%AF%E4%BB%98%E8%AE%BE%E5%A4%87%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yituly.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 25 Sep 2022 13:49:40 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=32542D490EBAA451; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=630304535&si=05e48c780440f6054376905e09eece64&v=1.2.97&lv=1&sn=49059&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.yituly.cn%2Findex.php&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E9%A2%8A%E4%BB%9D%E7%94%B5%E5%AD%90%E6%94%AF%E4%BB%98%E8%AE%BE%E5%A4%87%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=630304535&si=05e48c780440f6054376905e09eece64&v=1.2.97&lv=1&sn=49059&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.yituly.cn%2Findex.php&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E9%A2%8A%E4%BB%9D%E7%94%B5%E5%AD%90%E6%94%AF%E4%BB%98%E8%AE%BE%E5%A4%87%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=630304535&si=05e48c780440f6054376905e09eece64&v=1.2.97&lv=1&sn=49059&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.yituly.cn%2Findex.php&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E9%A2%8A%E4%BB%9D%E7%94%B5%E5%AD%90%E6%94%AF%E4%BB%98%E8%AE%BE%E5%A4%87%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yituly.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 25 Sep 2022 13:49:40 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=E5D805E12DE7683F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=853279837&si=7d94a949509efd2bcb316b52915c1cec&v=1.2.97&lv=1&sn=49059&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.yituly.cn%2Findex.php&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E9%A2%8A%E4%BB%9D%E7%94%B5%E5%AD%90%E6%94%AF%E4%BB%98%E8%AE%BE%E5%A4%87%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=853279837&si=7d94a949509efd2bcb316b52915c1cec&v=1.2.97&lv=1&sn=49059&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.yituly.cn%2Findex.php&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E9%A2%8A%E4%BB%9D%E7%94%B5%E5%AD%90%E6%94%AF%E4%BB%98%E8%AE%BE%E5%A4%87%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=853279837&si=7d94a949509efd2bcb316b52915c1cec&v=1.2.97&lv=1&sn=49059&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.yituly.cn%2Findex.php&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E9%A2%8A%E4%BB%9D%E7%94%B5%E5%AD%90%E6%94%AF%E4%BB%98%E8%AE%BE%E5%A4%87%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yituly.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 25 Sep 2022 13:49:40 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=615389081668A692; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
154.82.85.204/seystz.html
154.82.85.204200 OK 311 B URL HTTP/1.1 154.82.85.204/seystz.html
IP 154.82.85.204:0
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 67a0981ee7c8992f005633b90c73cac8
3b8cf0db093719edd67ed7ba30b44bcf1e10143e
192413a9b67eac5392d647013d3bfaf7e131bc8ef1689da4196a74425794c90b
GET /seystz.html HTTP/1.1
Host: 154.82.85.204
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://154.82.85.205/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 13:51:01 GMT
Content-Type: text/html
Content-Length: 311
Last-Modified: Tue, 20 Sep 2022 06:32:04 GMT
Connection: keep-alive
ETag: "63295e64-137"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 96f3e3f24ea88090519c82e6167aef44
43116aee0035c94f2b6c899a191428b2447554ee
06d0b4e6237a8a5ff8e09ef2e407d4fa4bfeddd31e0cd5d4b0dec0e73c018627
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "06D0B4E6237A8A5FF8E09EF2E407D4FA4BFEDDD31E0CD5D4B0DEC0E73C018627"
Last-Modified: Sun, 25 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5778
Expires: Sun, 25 Sep 2022 15:25:59 GMT
Date: Sun, 25 Sep 2022 13:49:41 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 79ddb4ab9a6aac7ca78016130dd04bf2
6f5e1e3a49a9b2d4685d94dfa3e3cbbd72fc0525
c2e2373039622b4eda169098cd773aaa56602d9699821aa37ae07aba9643a457
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3080
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 13:49:41 GMT
Last-Modified: Sun, 25 Sep 2022 12:58:21 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
fmlb.netlbtu.com/upload/vod/2021/06-17/18/o5fvclmruha1822o5fvclmruha243618.jpg
172.64.141.29200 OK 8.8 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2021/06-17/18/o5fvclmruha1822o5fvclmruha243618.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 1a8a3bfcecbc90bb83ef5a43a36d4f70
d2b9494e2964238f7b9648cc4feba2bed81073b8
82ed70e89a6edfede5ed6b2af73a06aeff578cc4001119614f0795165eaebb8a
GET /upload/vod/2021/06-17/18/o5fvclmruha1822o5fvclmruha243618.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 13:49:42 GMT
content-type: image/jpeg
content-length: 8779
cf-bgj: h2pri
etag: "dff165aa6263d71:0"
last-modified: Thu, 17 Jun 2021 10:22:24 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FvPbJOcXNlJTL2GbPGVOxiMn4E5sXHk4rzXPUpT3zX57GrCOD8FT1txV2SLIlxs2dgeoPK5k7Ns6ewnQ%2FcBzyDAkA7ABEF5lu9yapOx2WFpaQ0o6LcgnF2aBhH1wwv0fibwx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750439812e49070e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2021/06-17/18/3qpoe5xmhrw18223qpoe5xmhrw303630.jpg
172.64.141.29200 OK 8.1 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2021/06-17/18/3qpoe5xmhrw18223qpoe5xmhrw303630.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 83af2a600f4cecd27db7040500e9d8fd
8740d2e983552e6d32ead4cff69e3e3f67cba2d5
f51ee0f477a008fd1fcb83b6dcecaf168b31c00fcd359ac10ad761f3ade35f4e
GET /upload/vod/2021/06-17/18/3qpoe5xmhrw18223qpoe5xmhrw303630.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 13:49:42 GMT
content-type: image/jpeg
content-length: 8143
cf-bgj: h2pri
etag: "f81f0ad6263d71:0"
last-modified: Thu, 17 Jun 2021 10:22:30 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xyGe3U2cLw1cx7z2%2B7kFRWZEI%2FhOvMCzAyrOC6XDtAvo3NsY6fpG0nKaAWKd1WM%2F6tkX8ajxwUfsBA4WNvVFEIkms6anRZrJRhvyNpdUzEEBdCsBFf2B%2BRRuWYTtg%2Bt%2BqS5y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750439812e4a070e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2021/06-17/18/fzm0dkbcmzw1822fzm0dkbcmzw293628.jpg
172.64.141.29200 OK 9.2 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2021/06-17/18/fzm0dkbcmzw1822fzm0dkbcmzw293628.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash e0a4ce85d1cedebc21ea4c0f8670ee07
e9d33bb177b686c3449ee920d943d70923a52d94
14c192c50c642cce406167c7b44c1ebb50b7cfbfef259584243fe342d0afb39b
GET /upload/vod/2021/06-17/18/fzm0dkbcmzw1822fzm0dkbcmzw293628.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 13:49:42 GMT
content-type: image/jpeg
content-length: 9227
cf-bgj: h2pri
etag: "2d5546ad6263d71:0"
last-modified: Thu, 17 Jun 2021 10:22:29 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNpir7HC08HHbb41G9ng%2BrHoWB8bWf3jx9UIHtEiXlMEDe%2FQqEUFZhp%2FA2jlpEjlymWJj1Rgt50Q3QPYM3J%2BNksS0j2DrZZi7E93PjuesTTNWVr2TGwSQkfPt416HdlD984q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750439812e4f070e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 79ddb4ab9a6aac7ca78016130dd04bf2
6f5e1e3a49a9b2d4685d94dfa3e3cbbd72fc0525
c2e2373039622b4eda169098cd773aaa56602d9699821aa37ae07aba9643a457
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3081
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 13:49:42 GMT
Last-Modified: Sun, 25 Sep 2022 12:58:21 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 79ddb4ab9a6aac7ca78016130dd04bf2
6f5e1e3a49a9b2d4685d94dfa3e3cbbd72fc0525
c2e2373039622b4eda169098cd773aaa56602d9699821aa37ae07aba9643a457
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3081
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 13:49:42 GMT
Last-Modified: Sun, 25 Sep 2022 12:58:21 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 79ddb4ab9a6aac7ca78016130dd04bf2
6f5e1e3a49a9b2d4685d94dfa3e3cbbd72fc0525
c2e2373039622b4eda169098cd773aaa56602d9699821aa37ae07aba9643a457
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3081
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 13:49:42 GMT
Last-Modified: Sun, 25 Sep 2022 12:58:21 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 79ddb4ab9a6aac7ca78016130dd04bf2
6f5e1e3a49a9b2d4685d94dfa3e3cbbd72fc0525
c2e2373039622b4eda169098cd773aaa56602d9699821aa37ae07aba9643a457
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3081
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 13:49:42 GMT
Last-Modified: Sun, 25 Sep 2022 12:58:21 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 79ddb4ab9a6aac7ca78016130dd04bf2
6f5e1e3a49a9b2d4685d94dfa3e3cbbd72fc0525
c2e2373039622b4eda169098cd773aaa56602d9699821aa37ae07aba9643a457
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3081
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 13:49:42 GMT
Last-Modified: Sun, 25 Sep 2022 12:58:21 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash ad0a68d6d47bf10671b9042de699c8c0
f8afc55d351f95554dfea0751dfe3eebf5d1bf50
b67fea28ab4bff6e7152f9b6a5e8a61ea11944956ecad5d9546f9b6f10067b77
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=441
Date: Sun, 25 Sep 2022 13:49:42 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash ad0a68d6d47bf10671b9042de699c8c0
f8afc55d351f95554dfea0751dfe3eebf5d1bf50
b67fea28ab4bff6e7152f9b6a5e8a61ea11944956ecad5d9546f9b6f10067b77
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=441
Date: Sun, 25 Sep 2022 13:49:42 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash ad0a68d6d47bf10671b9042de699c8c0
f8afc55d351f95554dfea0751dfe3eebf5d1bf50
b67fea28ab4bff6e7152f9b6a5e8a61ea11944956ecad5d9546f9b6f10067b77
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=478
Date: Sun, 25 Sep 2022 13:49:42 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash ad0a68d6d47bf10671b9042de699c8c0
f8afc55d351f95554dfea0751dfe3eebf5d1bf50
b67fea28ab4bff6e7152f9b6a5e8a61ea11944956ecad5d9546f9b6f10067b77
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=478
Date: Sun, 25 Sep 2022 13:49:42 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash ad0a68d6d47bf10671b9042de699c8c0
f8afc55d351f95554dfea0751dfe3eebf5d1bf50
b67fea28ab4bff6e7152f9b6a5e8a61ea11944956ecad5d9546f9b6f10067b77
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=478
Date: Sun, 25 Sep 2022 13:49:42 GMT
Connection: keep-alive
X-N: S
fmlb.netlbtu.com/upload/vod/2021/06-17/18/acqrnwxhlem1822acqrnwxhlem263622.jpg
172.64.141.29200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2021/06-17/18/acqrnwxhlem1822acqrnwxhlem263622.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 621fe4dfbe9a6fde3a3a5582466040e7
c043c8783f47f0280572a2be9e75e2b730a4652f
adb0a01f04c3ec2dfaebab59203eecf22c8c7da305854421eeab87fef06e620d
GET /upload/vod/2021/06-17/18/acqrnwxhlem1822acqrnwxhlem263622.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 13:49:42 GMT
content-type: image/jpeg
content-length: 11144
cf-bgj: h2pri
etag: "2782a4ab6263d71:0"
last-modified: Thu, 17 Jun 2021 10:22:26 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlV1QmTdeBZOrabq%2BPvOLovy1YOCEdVRGUIqQwiAclGucCi475FaaDEm8i%2BgVgNwQu6a7WdOIixyuJtxWIqcY5ZAubTVLTYb1daDahppgyxiHQk2tfsRUPyKUPDjzRwzzDPa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75043982e881070e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2021/06-17/18/gptpc3o14ec1822gptpc3o14ec253620.jpg
172.64.141.29200 OK 9.8 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2021/06-17/18/gptpc3o14ec1822gptpc3o14ec253620.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 9f475d2ae5ad42f2b95a240523e5f35b
06564e3b3330313d51a0b473005af1a25baa5651
251c73b418901c45026cd5230af89265a5ded9af6613c955409b2558165729d3
GET /upload/vod/2021/06-17/18/gptpc3o14ec1822gptpc3o14ec253620.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 13:49:42 GMT
content-type: image/jpeg
content-length: 9827
cf-bgj: h2pri
etag: "2b0f1aa6263d71:0"
last-modified: Thu, 17 Jun 2021 10:22:25 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBNipHO2ZXGxu1PAeUgdkwKaA8C%2B6SMJKLxqrhxxZaHTvo6KB8KSwHTtMFsx4DlLYlrij6Zy4gpIqS7Bcuw%2FKmhl%2BG4Yp67xH5bYXpK%2B52VM32SPRCcgR9cIjFszyFnwzY7d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7504398308a1070e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2021/06-17/18/z2i3rye5o211822z2i3rye5o21283626.jpg
172.64.141.29200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2021/06-17/18/z2i3rye5o211822z2i3rye5o21283626.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash d280edfdf837961d276b483eb1c7626d
c55cb29a18ddae2b500f3466fa23bd6e076c63ab
8fe7b71b383693a1815c2427fa61467221a7b06e358ed3e3f83a69660ea96288
GET /upload/vod/2021/06-17/18/z2i3rye5o211822z2i3rye5o21283626.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 13:49:42 GMT
content-type: image/jpeg
content-length: 11306
cf-bgj: h2pri
etag: "d77dbbac6263d71:0"
last-modified: Thu, 17 Jun 2021 10:22:28 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W0c4Eojitzt7PMQTz2FD%2BWly3c1a9%2BFWTxlJ3Y9Ob1PXiFTeH%2FqShGgxPvGuhdOFnaJeQFaGdW0rIQIWkldP9gJDskdS6bE%2FMemXhbYseG2vpKLj%2F2B8kK835mkgCre%2BiYZo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7504398318ba070e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2021/06-17/18/fdlz3iyaog41822fdlz3iyaog4273624.jpg
172.64.141.29200 OK 10 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2021/06-17/18/fdlz3iyaog41822fdlz3iyaog4273624.jpg
IP 172.64.141.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 809c1765e68469f1edab71f536645a1a
fcf6ed704426423d9b1cbf4413b4ac63b51ac07b
5c3044d7c22be74df768749f18328ed3d4886a223efcad1ecd6a1fbb7f022f90
GET /upload/vod/2021/06-17/18/fdlz3iyaog41822fdlz3iyaog4273624.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 13:49:42 GMT
content-type: image/jpeg
content-length: 10176
cf-bgj: h2pri
etag: "249033ac6263d71:0"
last-modified: Thu, 17 Jun 2021 10:22:27 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=phA68VeDRmPqoIKJnEaBlIBalOtFW1OBuGJrn4k6vxlduleIarEbz4YqfIFgqcShngj0szpA9c9SQU4UbempHmL3X0FUlMk%2BQeUxJOzxXlzLhUOATmeQnpGX1V7TwmU%2B07%2BF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7504398328e0070e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a1c81ea322839ce1dbd6cee6a2347db1
93d8dd6cdafd531fbe868bad56513ac3010dd7fd
d3127a87ad5d61733942adef60ee1e170b69de490f642f1e0c5e5dd78b1eabb7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3127A87AD5D61733942ADEF60EE1E170B69DE490F642F1E0C5E5DD78B1EABB7"
Last-Modified: Sun, 25 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18795
Expires: Sun, 25 Sep 2022 19:02:57 GMT
Date: Sun, 25 Sep 2022 13:49:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b977d8660083f53ac79b0c4a5874fbe
77626c23f5de86e179b0da61b2f4110ec56a967a
09b6b585f34e619779af5bbf4f6450850489c9669133ed39d2038d1881e90a88
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "09B6B585F34E619779AF5BBF4F6450850489C9669133ED39D2038D1881E90A88"
Last-Modified: Sat, 24 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5812
Expires: Sun, 25 Sep 2022 15:26:34 GMT
Date: Sun, 25 Sep 2022 13:49:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a1c81ea322839ce1dbd6cee6a2347db1
93d8dd6cdafd531fbe868bad56513ac3010dd7fd
d3127a87ad5d61733942adef60ee1e170b69de490f642f1e0c5e5dd78b1eabb7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3127A87AD5D61733942ADEF60EE1E170B69DE490F642F1E0C5E5DD78B1EABB7"
Last-Modified: Sun, 25 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18876
Expires: Sun, 25 Sep 2022 19:04:18 GMT
Date: Sun, 25 Sep 2022 13:49:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 145460d390f3f2226db35f73f5cbb9c4
aca150d9db2674cb8dc12eb550300f9638546965
ef98ccb981e839b64d34f9b5f6ac89b251b2b5290671a309440318839b332f56
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF98CCB981E839B64D34F9B5F6AC89B251B2B5290671A309440318839B332F56"
Last-Modified: Sun, 25 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 25 Sep 2022 19:49:42 GMT
Date: Sun, 25 Sep 2022 13:49:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b977d8660083f53ac79b0c4a5874fbe
77626c23f5de86e179b0da61b2f4110ec56a967a
09b6b585f34e619779af5bbf4f6450850489c9669133ed39d2038d1881e90a88
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "09B6B585F34E619779AF5BBF4F6450850489C9669133ED39D2038D1881E90A88"
Last-Modified: Sat, 24 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21543
Expires: Sun, 25 Sep 2022 19:48:45 GMT
Date: Sun, 25 Sep 2022 13:49:42 GMT
Connection: keep-alive
ddcdn.comtucdncom.com/images/2022/05/23/youma22611.jpg
172.247.77.90200 OK 168 kB URL HTTP/1.1 ddcdn.comtucdncom.com/images/2022/05/23/youma22611.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x534, components 3\012- data
Size 168 kB (167767 bytes)
Hash 721a523d873993afa18ba19e7d2ec044
6df6b75ba47dcb45753a4c52b518023733a5ef1f
5c8ed56f3a676f8acae90e80683995193a54cd110becf0e888a98bac0adbd381
GET /images/2022/05/23/youma22611.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:53 GMT
Content-Type: image/jpeg
Content-Length: 167767
Last-Modified: Wed, 10 Aug 2022 11:52:13 GMT
Connection: keep-alive
ETag: "62f39bed-28f57"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/images/2022/05/23/youma22613.jpg
172.247.77.90200 OK 171 kB URL HTTP/1.1 ddcdn.comtucdncom.com/images/2022/05/23/youma22613.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x538, components 3\012- data
Size 171 kB (171347 bytes)
Hash 7a28bf67819c1c3bf0c6159158d6ec36
f8a6c0be3f493eea324a3711754de0e470dc1db4
1aacd1b25c208d1efa23044bc44e5bf12df76db1c1f838a92eae56b00c894bb7
GET /images/2022/05/23/youma22613.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:53 GMT
Content-Type: image/jpeg
Content-Length: 171347
Last-Modified: Wed, 10 Aug 2022 11:39:28 GMT
Connection: keep-alive
ETag: "62f398f0-29d53"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/images/2022/05/23/youma22602.jpg
172.247.77.90200 OK 179 kB URL HTTP/1.1 ddcdn.comtucdncom.com/images/2022/05/23/youma22602.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x534, components 3\012- data
Size 179 kB (179200 bytes)
Hash 2a11fc00a886c320d98962bebd8bb1cd
8363ffc61be7455576ddde66ff509cd2cd884dfd
7afb745d447d3366c48a4478b4e29b82495af2ea87c3f8922f3bdc47d6e755a0
GET /images/2022/05/23/youma22602.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:53 GMT
Content-Type: image/jpeg
Content-Length: 179200
Last-Modified: Wed, 10 Aug 2022 11:49:09 GMT
Connection: keep-alive
ETag: "62f39b35-2bc00"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/images/2022/05/23/youma22603.jpg
172.247.77.90200 OK 175 kB URL HTTP/1.1 ddcdn.comtucdncom.com/images/2022/05/23/youma22603.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x538, components 3\012- data
Size 175 kB (175049 bytes)
Hash 224b7952f7b3d444ccde2cb227131dd7
d9e5c1cf11369e09bf572769c342169d705b30de
adab7cb39f1b856be43ad7eb1f13707aeb176ddb08834d1375e53f9ee3a4b4d9
GET /images/2022/05/23/youma22603.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:53 GMT
Content-Type: image/jpeg
Content-Length: 175049
Last-Modified: Wed, 10 Aug 2022 12:04:15 GMT
Connection: keep-alive
ETag: "62f39ebf-2abc9"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.pki.goog/s/gts1p5/QOjNzpBth-A
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/QOjNzpBth-A
IP 142.250.74.3:0
Hash 1311361027205f5ad4777a7fd8daae28
b623db7929dd749b7f6d743999ebf3bddb3a336a
fcb5119ea577aca44d5a49c4507789958db2ce8b11d9511e674a4f2dc684fd8c
POST /s/gts1p5/QOjNzpBth-A HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 13:49:43 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tukudhgg.vip/logotp/xc02.gif
172.67.208.179200 OK 397 kB URL HTTP/2 tukudhgg.vip/logotp/xc02.gif
IP 172.67.208.179:0
File type GIF image data, version 89a, 272 x 272\012- data
Size 397 kB (397251 bytes)
Hash 66ece7346a37c9793896b4dcffc0aa33
1ede3c927fc4c1a960463595289914f0a681ebe7
bf6660578b978113e0c2a1a5ad09dd8d355ab591a16670be0dfb1a2a3eabea30
GET /logotp/xc02.gif HTTP/1.1
Host: tukudhgg.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 13:49:43 GMT
content-type: image/gif
content-length: 397251
last-modified: Sat, 21 May 2022 07:02:33 GMT
etag: "62888e89-60fc3"
expires: Sat, 15 Oct 2022 16:16:54 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 855074
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmSbgymPlv4XAKkVzc0ITjCX6dVe8neXzYcOBZ1NcGuCkUzqxeRf5nC%2BcNo5zlSXMTCoLZcwdo4NlQV54cMRTCxjpqwI3ooZGhTyLf5PGUvD9JsP6juTt3hxmB%2FX%2FSE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7504398858e0b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ddcdn.comtucdncom.com/images/2022/05/23/youma22612.jpg
172.247.77.90200 OK 233 kB URL HTTP/1.1 ddcdn.comtucdncom.com/images/2022/05/23/youma22612.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x538, components 3\012- data
Size 233 kB (232788 bytes)
Hash 1ea1d12a4b88756c1615fb2ac271bbbf
943bc4f50379bc6dcb2448b8e0bf6e7043beb2c6
0a2b9ff25c444dfb8bd6c57cfe92da3b4de6d25dd07995411b9184bf521a6d9c
GET /images/2022/05/23/youma22612.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:53 GMT
Content-Type: image/jpeg
Content-Length: 232788
Last-Modified: Wed, 10 Aug 2022 11:39:30 GMT
Connection: keep-alive
ETag: "62f398f2-38d54"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
tukudhgg.vip/logotp/tiangx01.gif
172.67.208.179200 OK 193 kB URL HTTP/2 tukudhgg.vip/logotp/tiangx01.gif
IP 172.67.208.179:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 193 kB (192700 bytes)
Hash 1f96742e79c464754770d21b824c422e
2eacc04050d6b364ca38e67f740f5019ba609d72
90b4a34013848befc26d1e21f30afa75bb896fb8775cfb283e0d1f4d9bc1a294
GET /logotp/tiangx01.gif HTTP/1.1
Host: tukudhgg.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 13:49:43 GMT
content-type: image/gif
content-length: 192700
last-modified: Sun, 19 Jun 2022 13:11:00 GMT
etag: "62af2064-2f0bc"
expires: Mon, 24 Oct 2022 06:38:31 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 72019
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3FS5rOwNYyi3kGeLRrgqAS4i6FU12ephEflaulKcMac4QX0hlkBRBPyH6hEcCBYmBBrwwTqqpEecALx%2FeqiuMOgVusTiaOD4jaFyW1Mhd3Eh2Dg%2FgqOFx1O2fLxv4g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7504398858e3b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.sedxrc.top/template/m1938pc/css/ate.css
156.240.215.230200 OK 520 kB URL HTTP/2 www.sedxrc.top/template/m1938pc/css/ate.css
IP 156.240.215.230:0
Size 520 kB (519531 bytes)
Hash 6bdeec652f1797ee9ca168b737db5977
edaf676751967914b23a6aa030d66960189b84a3
970678ed3316662cc9397ebc6c3ccaa3fa922c82af1aab84200d596aa9d1bc12
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: www.sedxrc.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 02:33:06 GMT
content-type: text/css
last-modified: Fri, 07 May 2021 10:47:34 GMT
vary: Accept-Encoding
etag: W/"60951ac6-126e4"
expires: Sun, 25 Sep 2022 14:33:06 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.tukudhgg.vip/lm/0yFUidjGHhQ.gif
172.67.208.179200 OK 121 kB URL HTTP/2 www.tukudhgg.vip/lm/0yFUidjGHhQ.gif
IP 172.67.208.179:0
File type GIF image data, version 89a, 500 x 280\012- data
Size 121 kB (121040 bytes)
Hash 72f445e66343e28d92a588cd7858f2dc
0138a721a5a93bdac4700c65cc6f6490009d3c19
649a3df45cf01aea3bd959614665909f5e36a0dbfcf297334c69c94b579abbc0
GET /lm/0yFUidjGHhQ.gif HTTP/1.1
Host: www.tukudhgg.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 13:49:43 GMT
content-type: image/gif
content-length: 121040
last-modified: Thu, 07 Jul 2022 07:36:06 GMT
etag: "62c68ce6-1d8d0"
expires: Sat, 22 Oct 2022 11:47:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 226311
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQZjxraGJhlHBReX4yH%2Fq5uAbujTUsAWlWEXt9enu2XM3Zf2%2Fl46DpoeWgXtbt3OTn2UFfODxTvHgef8rD5ckO%2F8S0i15DfOQzN8Z%2FoxNrv9i6rMc%2FDGiK0909tmjghxhOOM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7504398858ecb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a0e0263bf781d8018200f18188990a6e
112d55425c735f9f226eb619a6a727c377c823f5
fca71679b0c513e6b5eb7f828c4ea169248c42d239b1daeb9f60283184bf4734
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 13:49:43 GMT
Server: ECS (amb/6BBB)
Content-Length: 278
ocsp.pki.goog/s/gts1p5/QOjNzpBth-A
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/QOjNzpBth-A
IP 142.250.74.3:0
Hash 1311361027205f5ad4777a7fd8daae28
b623db7929dd749b7f6d743999ebf3bddb3a336a
fcb5119ea577aca44d5a49c4507789958db2ce8b11d9511e674a4f2dc684fd8c
POST /s/gts1p5/QOjNzpBth-A HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 13:49:43 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tupku.top/hf/ztvo555.gif
104.21.82.102200 OK 260 kB IP 104.21.82.102:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 260 kB (260250 bytes)
Hash 3c38f626fe18a3854a48bdd75014a35a
798db446f32550974f8d23ed38e7443bc704a7c5
3f2337a9e2991779b55c477192c303230079503e60e568982b32df7eca629d0a
GET /hf/ztvo555.gif HTTP/1.1
Host: tupku.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 13:49:43 GMT
content-type: image/gif
content-length: 260250
last-modified: Wed, 14 Sep 2022 16:15:42 GMT
etag: "6321fe2e-3f89a"
expires: Wed, 19 Oct 2022 16:51:43 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 467239
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tL4xZhOrCq61EoZyo8kPAuRBUpYRmoscuetsndQ%2B2AozgSFD50uorDIIDOXT%2Fg9sruwSJY37oxin41l%2BA%2BQ85Gp2yUboiZrwr94DAmt%2FfRbu1cw8j0Nz4Dj7PTM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7504398939aa1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.sedxrc.top/
156.240.215.230200 OK 177 kB IP 156.240.215.230:0
Size 177 kB (176650 bytes)
Hash 16d55adf1a4e7c93362dcfe5bccb2468
d686f7ff7861b48ea15ef7a335964a44eafa1540
e3d040eec135d39fde3820d6f572699cea1f72ccb6e463a4aef331ecae5ab608
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.sedxrc.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://154.82.85.204/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 02:33:06 GMT
content-type: text/html;Charset=utf-8;charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=045f4ce6mcirmvq20f58mjtstp; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.sedxrc.top/template/m1938pc/static/images/lazyload.gif
156.240.215.230200 OK 1.6 kB URL HTTP/2 www.sedxrc.top/template/m1938pc/static/images/lazyload.gif
IP 156.240.215.230:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash 03ce3dcc84af110e9da8699a841e5200
d2b7e4e31fe8e1c6b720e33448674102879e4246
d3e3944d4649450dee66a55c69eeced2d825b6ca1a349f72c75fd3780ae3f006
GET /template/m1938pc/static/images/lazyload.gif HTTP/1.1
Host: www.sedxrc.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/template/m1938pc/static/css/style2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 02:33:08 GMT
content-type: image/gif
content-length: 1553
last-modified: Wed, 10 Aug 2022 09:15:32 GMT
etag: "62f37734-611"
expires: Tue, 25 Oct 2022 02:33:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
tukudhgg.vip/logotp/xpj200.gif
172.67.208.179200 OK 423 kB URL HTTP/2 tukudhgg.vip/logotp/xpj200.gif
IP 172.67.208.179:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 423 kB (422639 bytes)
Hash e9fbb3e8331bcc6b705b7bc3c44a22bb
6f1c2c9b38a1f5c31e0d59d8f2bec101b5cbb329
bb0c7a32e541641e9c3f5899048ec245463de2bc5efc698b1e6bc528e8e2951a
GET /logotp/xpj200.gif HTTP/1.1
Host: tukudhgg.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 13:49:43 GMT
content-type: image/gif
content-length: 422639
last-modified: Sat, 10 Sep 2022 08:46:22 GMT
etag: "631c4ede-672ef"
expires: Mon, 10 Oct 2022 14:18:01 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1294220
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BS0IAKMMJF5315WiKkDfqsAGkZAANMAFeHw15yc4zzX6%2FxXPNShvO095xoVuMq1bB%2Fz%2BZ99U8J54iHUbJ9JdESTj960t2pl7%2BK0ohKZtnH8%2Fk7ugHVCUn4Mp2RNIaiU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750439897af3b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tupku.top/logotp/fff.gif
104.21.82.102200 OK 109 kB IP 104.21.82.102:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 109 kB (108625 bytes)
Hash 7f746939550d2ae41686ebf019a90ed7
8fccfd19873d3f91ba8b2d36680c42b650c653b2
16b6f5f802abc23c5788ad49bf0d3036db36fac0fd728e19548de61c54316252
GET /logotp/fff.gif HTTP/1.1
Host: tupku.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 13:49:43 GMT
content-type: image/gif
content-length: 108625
last-modified: Sun, 19 Jun 2022 13:14:28 GMT
etag: "62af2134-1a851"
expires: Wed, 19 Oct 2022 16:51:43 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 467239
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yG%2Fhw4OgPDIjLBYABDuHZckVEQbTzW3OY2yXRSzDqPG3ankvwhSaZYVwhsM7W4v294WzwEPS39OQXe7ZfV%2BbAKj7XX2utjbDAoImsgqfO7h8vFXdFHszfIp9FZs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750439898a011c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/QOjNzpBth-A
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/QOjNzpBth-A
IP 142.250.74.3:0
Hash 1311361027205f5ad4777a7fd8daae28
b623db7929dd749b7f6d743999ebf3bddb3a336a
fcb5119ea577aca44d5a49c4507789958db2ce8b11d9511e674a4f2dc684fd8c
POST /s/gts1p5/QOjNzpBth-A HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 13:49:43 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/QOjNzpBth-A
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/QOjNzpBth-A
IP 142.250.74.3:0
Hash 1311361027205f5ad4777a7fd8daae28
b623db7929dd749b7f6d743999ebf3bddb3a336a
fcb5119ea577aca44d5a49c4507789958db2ce8b11d9511e674a4f2dc684fd8c
POST /s/gts1p5/QOjNzpBth-A HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 13:49:43 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tupku.top/logotp/xfb20.gif
104.21.82.102200 OK 104 kB URL HTTP/2 tupku.top/logotp/xfb20.gif
IP 104.21.82.102:0
File type GIF image data, version 89a, 150 x 150\012- data
Size 104 kB (104154 bytes)
Hash 6553288173706db890b5934ca6e5fa82
309e0cd019f8614179d507151a9d064db1b49803
e156a5a08f34a3969f19c8a8c808b06d1396a496f3678f7c4ff4c5f8b4c2d968
GET /logotp/xfb20.gif HTTP/1.1
Host: tupku.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 13:49:43 GMT
content-type: image/gif
content-length: 104154
last-modified: Fri, 15 Apr 2022 17:52:25 GMT
etag: "6259b0d9-196da"
expires: Wed, 19 Oct 2022 16:51:43 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 467239
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BCm7nbTHjQ9qRDi3r9dIEQgkuklN1D3UjNWpmwSg%2FoO1CQDjTo5B9XMFGJM1vrAqphly87GvifQYGmzIkmztfScFl0kAFQEh6xwnXQl7%2Blju%2FklOWfa6Egg%2FrY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75043989ba401c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ddcdn.comtucdncom.com/images/2022/05/23/youma22604.jpg
172.247.77.90200 OK 190 kB URL HTTP/1.1 ddcdn.comtucdncom.com/images/2022/05/23/youma22604.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x537, components 3\012- data
Size 190 kB (190228 bytes)
Hash 9cc5349be4eebd473179b16e1aa83359
04d66b2574a542f0d9b9365f1f23c59cc57d363d
d11b7b0897249bf850f04709dd3b5d91cda53a26a2188f60e48f4c0c62c6d209
GET /images/2022/05/23/youma22604.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:54 GMT
Content-Type: image/jpeg
Content-Length: 190228
Last-Modified: Wed, 10 Aug 2022 11:52:23 GMT
Connection: keep-alive
ETag: "62f39bf7-2e714"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/images/2022/05/23/youma22610.jpg
172.247.77.90200 OK 199 kB URL HTTP/1.1 ddcdn.comtucdncom.com/images/2022/05/23/youma22610.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x536, components 3\012- data
Size 199 kB (199183 bytes)
Hash a887bc95a692a2f192a11acdacf8ef83
18f0f32690eaf4536143369b85b3689f2291452b
b5920cc3d2a17aa0bed8437f15dd5ac5ebf11131b7bfd7acb56db56b32e94292
GET /images/2022/05/23/youma22610.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:54 GMT
Content-Type: image/jpeg
Content-Length: 199183
Last-Modified: Wed, 10 Aug 2022 11:53:39 GMT
Connection: keep-alive
ETag: "62f39c43-30a0f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.pki.goog/s/gts1p5/QOjNzpBth-A
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/QOjNzpBth-A
IP 142.250.74.3:0
Hash 1311361027205f5ad4777a7fd8daae28
b623db7929dd749b7f6d743999ebf3bddb3a336a
fcb5119ea577aca44d5a49c4507789958db2ce8b11d9511e674a4f2dc684fd8c
POST /s/gts1p5/QOjNzpBth-A HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 13:49:43 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ddcdn.comtucdncom.com/images/2022/05/23/youma22605.jpg
172.247.77.90200 OK 201 kB URL HTTP/1.1 ddcdn.comtucdncom.com/images/2022/05/23/youma22605.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x536, components 3\012- data
Size 201 kB (201046 bytes)
Hash b23c810d38de6da2a7ed8a4d36aa9d89
c69b2a3a2cebc5a1369651038630510b4166be0e
f31fd09db96504f3973f38f88892ec8a4d8c5277f92b9ee55ee64e76616670e9
GET /images/2022/05/23/youma22605.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:54 GMT
Content-Type: image/jpeg
Content-Length: 201046
Last-Modified: Wed, 10 Aug 2022 11:43:11 GMT
Connection: keep-alive
ETag: "62f399cf-31156"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
aoattsetp.vip/logotp/wt01.gif
172.67.194.142200 OK 479 kB URL HTTP/2 aoattsetp.vip/logotp/wt01.gif
IP 172.67.194.142:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 479 kB (479032 bytes)
Hash 7f8ee4f985772f6a9c0256ae8b86186d
69a2b0b1d7e19fb38d21533fd22eff1bcf1f9abd
f3458aa5d6e2c3ba4a261dedd7a76da61915b7b2911d19b05cf23d6b04b40117
GET /logotp/wt01.gif HTTP/1.1
Host: aoattsetp.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 13:49:43 GMT
content-type: image/gif
content-length: 479032
last-modified: Mon, 02 May 2022 08:41:22 GMT
etag: "626f9932-74f38"
expires: Sun, 23 Oct 2022 23:12:25 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 98786
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HBdagGA1zjdkukxphTLFUVjz0sCvmngq38Sv2xHHR2m44g%2BtHbGR39YX%2FijBKUWe%2BEKsOmUF36J1Kt%2BT8ONql3oNQmq1iAL7opDecs9tgPDiC6m7YqrhUTfURYLQnadS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75043989a93cb4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sdxjs.top/ggdy/shf.js
154.82.85.207200 OK 2.2 kB IP 154.82.85.207:0
Hash 12f3ae9bdc1308527ecfb334263c57e7
98f174f98afabaa4633464cbfc46ae9b292a825f
fbb2aa5111c2898d5ed98c2e842992dbc17f021729352ee39a7ba6350209f6b1
GET /ggdy/shf.js HTTP/1.1
Host: sdxjs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 13:51:04 GMT
content-type: application/javascript
last-modified: Sat, 24 Sep 2022 13:48:31 GMT
vary: Accept-Encoding
etag: W/"632f0aaf-107c"
expires: Mon, 26 Sep 2022 01:51:04 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4bb707291a3847ea64eae933145ea661
a6efbe7d9cc86991153ebdde0a6b66b86d416364
788914106e4d875e01c52e162f39b3b42c9d124d927380ca942110ba6e5a29a4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "788914106E4D875E01C52E162F39B3B42C9D124D927380CA942110BA6E5A29A4"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1829
Expires: Sun, 25 Sep 2022 14:20:12 GMT
Date: Sun, 25 Sep 2022 13:49:43 GMT
Connection: keep-alive
ddcdn.comtucdncom.com/images/2022/05/23/youma22606.jpg
172.247.77.90200 OK 208 kB URL HTTP/1.1 ddcdn.comtucdncom.com/images/2022/05/23/youma22606.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x538, components 3\012- data
Size 208 kB (208491 bytes)
Hash c027c6668762d99dd2e63c380e3415a3
dba7ec60eb93ac02a99e6e43afd42ecb3a33fdbd
47454099d57483be8661a4a5c136e2618e42698beed4bfde8487963f014b0bd8
GET /images/2022/05/23/youma22606.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:54 GMT
Content-Type: image/jpeg
Content-Length: 208491
Last-Modified: Wed, 10 Aug 2022 12:00:28 GMT
Connection: keep-alive
ETag: "62f39ddc-32e6b"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/images/2022/05/23/youma22607.jpg
172.247.77.90200 OK 217 kB URL HTTP/1.1 ddcdn.comtucdncom.com/images/2022/05/23/youma22607.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x535, components 3\012- data
Size 217 kB (217143 bytes)
Hash 52233438bdc909bb482bb64fae24521e
ab3ad12e9937be4fb71ffc6ff9e418b7b3939a3c
238609192d929b4d04585487085b8ffa753b32443c8b0693a32e8a5341498e51
GET /images/2022/05/23/youma22607.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:54 GMT
Content-Type: image/jpeg
Content-Length: 217143
Last-Modified: Wed, 10 Aug 2022 11:56:23 GMT
Connection: keep-alive
ETag: "62f39ce7-35037"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
sdxjs.top/ggdy/logo.js
154.82.85.207200 OK 2.1 kB IP 154.82.85.207:0
Hash a87edc79977b6083d1a1c51f3fdddbdc
aec168d1b34ec6136c20dca3d700f78912ff1afa
45c909b0668ba14c7ef00b32323a91caa029965214b9e0d36be2c486c91f8674
GET /ggdy/logo.js HTTP/1.1
Host: sdxjs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 13:51:04 GMT
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 17:01:53 GMT
vary: Accept-Encoding
etag: W/"632b4381-309c"
expires: Mon, 26 Sep 2022 01:51:04 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.sedxrc.top/template/m1938pc/static/css/style2.css
156.240.215.230200 OK 27 kB URL HTTP/2 www.sedxrc.top/template/m1938pc/static/css/style2.css
IP 156.240.215.230:0
Hash 498de7ef3d092bb986453dbac1524b7d
229d0758ce0077af9f238bb120b0fe8312ed95b4
dfeab520f4c69f6bc655276b3b5b052faf23fcb6d924bccb7ec802807320b76a
GET /template/m1938pc/static/css/style2.css HTTP/1.1
Host: www.sedxrc.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 02:33:06 GMT
content-type: text/css
last-modified: Wed, 10 Aug 2022 08:59:49 GMT
vary: Accept-Encoding
etag: W/"62f37385-1c55b"
expires: Sun, 25 Sep 2022 14:33:06 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4bb707291a3847ea64eae933145ea661
a6efbe7d9cc86991153ebdde0a6b66b86d416364
788914106e4d875e01c52e162f39b3b42c9d124d927380ca942110ba6e5a29a4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "788914106E4D875E01C52E162F39B3B42C9D124D927380CA942110BA6E5A29A4"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1829
Expires: Sun, 25 Sep 2022 14:20:12 GMT
Date: Sun, 25 Sep 2022 13:49:43 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a0e0263bf781d8018200f18188990a6e
112d55425c735f9f226eb619a6a727c377c823f5
fca71679b0c513e6b5eb7f828c4ea169248c42d239b1daeb9f60283184bf4734
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 13:49:43 GMT
Server: ECS (amb/6BC5)
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a0e0263bf781d8018200f18188990a6e
112d55425c735f9f226eb619a6a727c377c823f5
fca71679b0c513e6b5eb7f828c4ea169248c42d239b1daeb9f60283184bf4734
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 13:49:43 GMT
Last-Modified: Sun, 25 Sep 2022 13:49:43 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
tupkku.top/logotp/xfb66.gif
104.21.51.97200 OK 624 kB URL HTTP/2 tupkku.top/logotp/xfb66.gif
IP 104.21.51.97:0
File type GIF image data, version 89a, 145 x 145\012- data
Size 624 kB (623748 bytes)
Hash a32d51e341cd89abbece4c69d304f22d
66079b18e75f9469f4be074e9bc02ba0d85c4361
a9dfe27cd3c4cfd68f0deb55a593bcac7f77494883c5dc7dbe6f1301e150ab9d
GET /logotp/xfb66.gif HTTP/1.1
Host: tupkku.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 13:49:43 GMT
content-type: image/gif
content-length: 623748
last-modified: Fri, 15 Apr 2022 17:52:24 GMT
etag: "6259b0d8-98484"
expires: Sat, 22 Oct 2022 19:02:51 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 200163
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLh7WLorxTtaoWAf3t95e7OKhSm1DVwxhG8bSRW7yk9BZAis2w3BzzFsaduczKun1RsJakBwqrTo2QiBq9PIf2SFZPoDpYn1Nx3hoh5cSqGkJAqUgQOgtFjyy6nQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7504398a68a2b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tupkku.top/logotp/tfb08.gif
104.21.51.97200 OK 179 kB URL HTTP/2 tupkku.top/logotp/tfb08.gif
IP 104.21.51.97:0
File type GIF image data, version 89a, 162 x 162\012- data
Size 179 kB (178751 bytes)
Hash 6e42e73ad8e2ce51cf0f204fe0ac2483
5f20c5551c711f648bff9c33d88d4bd4c0392330
a4515d09fe1e74d422a9bb636011f348dc4670fc21438f6f1c5e7441faca83ac
GET /logotp/tfb08.gif HTTP/1.1
Host: tupkku.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 13:49:43 GMT
content-type: image/gif
content-length: 178751
last-modified: Fri, 15 Apr 2022 17:51:37 GMT
etag: "6259b0a9-2ba3f"
expires: Sat, 22 Oct 2022 11:47:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 226311
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXZlyNRVaPsT0vquQmuSJNCDGZeWh1FAmZQixGwfRucOdqMVzQtyI2hJ2M0lH%2B%2BCcdzRRKSHyuXJbEPaqlqDhNefs8vsgKc2dr%2FrXq1omgClF39tVP1Qe1ib9eDq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7504398a78c7b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.sedxrc.top/template/m1938pc/static/css/index.3e73f18a.css
156.240.215.230200 OK 451 kB URL HTTP/2 www.sedxrc.top/template/m1938pc/static/css/index.3e73f18a.css
IP 156.240.215.230:0
Size 451 kB (450934 bytes)
Hash 7512da4d6c8f882a7314845e50eee724
efec10726a2f35f385a314f9e56b7e849723beb8
72089d3e474a218040765c525da4bf260198fbfa59e12cf41fcac1a2eb04ba4c
GET /template/m1938pc/static/css/index.3e73f18a.css HTTP/1.1
Host: www.sedxrc.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 02:33:06 GMT
content-type: text/css
last-modified: Thu, 05 May 2022 04:07:00 GMT
vary: Accept-Encoding
etag: W/"62734d64-378c7"
expires: Sun, 25 Sep 2022 14:33:06 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4bb707291a3847ea64eae933145ea661
a6efbe7d9cc86991153ebdde0a6b66b86d416364
788914106e4d875e01c52e162f39b3b42c9d124d927380ca942110ba6e5a29a4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "788914106E4D875E01C52E162F39B3B42C9D124D927380CA942110BA6E5A29A4"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1829
Expires: Sun, 25 Sep 2022 14:20:12 GMT
Date: Sun, 25 Sep 2022 13:49:43 GMT
Connection: keep-alive
ddcdn.comtucdncom.com/images/2022/05/23/kj21241.jpg
172.247.77.90200 OK 195 kB URL HTTP/1.1 ddcdn.comtucdncom.com/images/2022/05/23/kj21241.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x535, components 3\012- data
Size 195 kB (195310 bytes)
Hash baf983ba0cebcd6b51dae6597889ce26
100ef5bf02150c4d8efa1e83acba064b6e431e50
b86b9e8257a1167fb05be0292206b1827bb856cc00084920d95f9527ee2cab7b
GET /images/2022/05/23/kj21241.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:53 GMT
Content-Type: image/jpeg
Content-Length: 195310
Last-Modified: Wed, 10 Aug 2022 11:35:08 GMT
Connection: keep-alive
ETag: "62f397ec-2faee"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/images/2022/05/23/youma22608.jpg
172.247.77.90200 OK 158 kB URL HTTP/1.1 ddcdn.comtucdncom.com/images/2022/05/23/youma22608.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x538, components 3\012- data
Size 158 kB (158463 bytes)
Hash 874ce969de059599e48505749db30465
bf803f09377867a89267b5efb32b33e4efd269b1
1f04f72ecf6b8de1d0279d6c90eff242fd112ea1052dde66309d86956c645bd2
GET /images/2022/05/23/youma22608.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:54 GMT
Content-Type: image/jpeg
Content-Length: 158463
Last-Modified: Wed, 10 Aug 2022 11:50:09 GMT
Connection: keep-alive
ETag: "62f39b71-26aff"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/images/2022/05/20/youma22588.jpg
172.247.77.90200 OK 198 kB URL HTTP/1.1 ddcdn.comtucdncom.com/images/2022/05/20/youma22588.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x536, components 3\012- data
Size 198 kB (198205 bytes)
Hash 383f574456caee91a78abc24a029747e
0e374293aff972ad70912daf45b0c04d3d24d4b7
941ca59eebe1d3c15c1fc0b9786af9bfdf86b3dd26b03fd916d2ebed7b5c3b5c
GET /images/2022/05/20/youma22588.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:54 GMT
Content-Type: image/jpeg
Content-Length: 198205
Last-Modified: Wed, 10 Aug 2022 11:54:14 GMT
Connection: keep-alive
ETag: "62f39c66-3063d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/images/2022/05/20/youma22587.jpg
172.247.77.90200 OK 168 kB URL HTTP/1.1 ddcdn.comtucdncom.com/images/2022/05/20/youma22587.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x505, components 3\012- data
Size 168 kB (168134 bytes)
Hash 5b17028c0867e972e578d13be95edf02
33fb150d34eba6550930cec4465648943cec3c2a
4db1e4f5c881c7b2eefc5803f7b497cd6eaf377deb9e4e39c953702973cde4f4
GET /images/2022/05/20/youma22587.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:54 GMT
Content-Type: image/jpeg
Content-Length: 168134
Last-Modified: Wed, 10 Aug 2022 11:49:50 GMT
Connection: keep-alive
ETag: "62f39b5e-290c6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/images/2022/05/23/youma22609.jpg
172.247.77.90200 OK 237 kB URL HTTP/1.1 ddcdn.comtucdncom.com/images/2022/05/23/youma22609.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x538, components 3\012- data
Size 237 kB (236930 bytes)
Hash 5e53d4bb111c0b1bd22614c6a7338c68
3cfc359a5112954d6d567b463d6f06d5660d7891
750d0650e28bd3b27d018748b45681e5d762388f3a0502c5c4869e4004aae5e5
GET /images/2022/05/23/youma22609.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:54 GMT
Content-Type: image/jpeg
Content-Length: 236930
Last-Modified: Wed, 10 Aug 2022 11:49:14 GMT
Connection: keep-alive
ETag: "62f39b3a-39d82"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/images/2022/05/20/youma22579.jpg
172.247.77.90200 OK 170 kB URL HTTP/1.1 ddcdn.comtucdncom.com/images/2022/05/20/youma22579.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x540, components 3\012- data
Size 170 kB (170441 bytes)
Hash 4b226b2e728fd7d9b8121ee8b9e8f1a2
2fc934f7b41fabdeb857d172536aca10274cb83c
c5e2dfb51a3472d0dc88882e8acafdd335400a34f369786a309966e5017df9c6
GET /images/2022/05/20/youma22579.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:54 GMT
Content-Type: image/jpeg
Content-Length: 170441
Last-Modified: Wed, 10 Aug 2022 11:38:56 GMT
Connection: keep-alive
ETag: "62f398d0-299c9"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a26898a55724b5656822515877ab238a
5113dc6f5f9ac77ec590d9108c3be2bc42d1f654
f6703e685037b62c394c03d16e386c1cece522bf3f4892e5ad0f23032e89fa18
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6703E685037B62C394C03D16E386C1CECE522BF3F4892E5AD0F23032E89FA18"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12803
Expires: Sun, 25 Sep 2022 17:23:06 GMT
Date: Sun, 25 Sep 2022 13:49:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d4868996377ef12bc8a5489cb102717e
32cd046da372bd26effa0464754a58406a7b9ffc
1d530e963c638ec05f09710188f1c1e57ec46ff7be6392f603f8fc26c6c72ce0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D530E963C638EC05F09710188F1C1E57EC46FF7BE6392F603F8FC26C6C72CE0"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 25 Sep 2022 19:49:43 GMT
Date: Sun, 25 Sep 2022 13:49:43 GMT
Connection: keep-alive
raw.githubusercontent.com/laosu9898/shantu/main/960x240.gif
185.199.108.133200 OK 473 kB URL HTTP/2 raw.githubusercontent.com/laosu9898/shantu/main/960x240.gif
IP 185.199.108.133:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 473 kB (473262 bytes)
Hash 684975669f3b5ba70edcd50162b63ec7
263b1e0cb976ff53e2c20842bbc70ea2da74a4e3
df3cfebd0dcd82ea8335969d8c2bbb8b1c71a307fd40c1ca7f52e6d0c5e07d6a
GET /laosu9898/shantu/main/960x240.gif HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: image/gif
etag: W/"69409335def275b79efcbf7873744be9fae24fec05ff84dd0e622165171add37"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 5206:0B7D:478A75:73019E:63305C77
accept-ranges: bytes
date: Sun, 25 Sep 2022 13:49:43 GMT
via: 1.1 varnish
x-served-by: cache-bma1667-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664113783.064258,VS0,VE600
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
x-fastly-request-id: 8febc36d535732984199901bf6574e968031ea49
expires: Sun, 25 Sep 2022 13:54:43 GMT
source-age: 0
content-length: 473262
X-Firefox-Spdy: h2
ddcdn.comtucdncom.com/images/2022/05/20/kj21762.jpg
172.247.77.90200 OK 170 kB URL HTTP/1.1 ddcdn.comtucdncom.com/images/2022/05/20/kj21762.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 170 kB (170097 bytes)
Hash e4ef27a73c0b6a7e3938d55a05921f76
436a295d919f1ee0665107033bbe0b158920fa08
04186d8922a32851c983a42078211e5e8bdebec6aeb0dca78d9f1e794c59efd6
GET /images/2022/05/20/kj21762.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:54 GMT
Content-Type: image/jpeg
Content-Length: 170097
Last-Modified: Wed, 10 Aug 2022 11:37:49 GMT
Connection: keep-alive
ETag: "62f3988d-29871"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/images/2022/05/20/youma22578.jpg
172.247.77.90200 OK 134 kB URL HTTP/1.1 ddcdn.comtucdncom.com/images/2022/05/20/youma22578.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x536, components 3\012- data
Size 134 kB (133672 bytes)
Hash d8caf59c76de0b07881ea95d8339ef83
6ed55a59b0c9710030c8a83a94d67349949a9049
ec4365ee6a9d17057c4a83c3f15b99543f243c0f3fa06e59d1d17d91172f7fa9
GET /images/2022/05/20/youma22578.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:54 GMT
Content-Type: image/jpeg
Content-Length: 133672
Last-Modified: Wed, 10 Aug 2022 11:35:30 GMT
Connection: keep-alive
ETag: "62f39802-20a28"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/images/2022/05/20/kj21772.jpg
172.247.77.90200 OK 172 kB URL HTTP/1.1 ddcdn.comtucdncom.com/images/2022/05/20/kj21772.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 172 kB (171845 bytes)
Hash 48886ff1084409cd1b3e3c208aa23c29
91e508759169a1f5645c90b163ccedc99091da98
75b9d72c0998840f34049c32ec88d17371bb750d3732550f0c2bc8311707af3b
GET /images/2022/05/20/kj21772.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:54 GMT
Content-Type: image/jpeg
Content-Length: 171845
Last-Modified: Wed, 10 Aug 2022 11:46:41 GMT
Connection: keep-alive
ETag: "62f39aa1-29f45"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
www.sedxrc.top/template/m1938pc/css/zui.css
156.240.215.230200 OK 31 kB URL HTTP/2 www.sedxrc.top/template/m1938pc/css/zui.css
IP 156.240.215.230:0
File type assembler source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 8e6f6d7b767faaf52eb2c5aaf6e262c4
074e4394109dc663859c77e2f410dba7af10843b
f5a3a753c9679b91a8e60028da842bc0a900a1c70427ebd3efa84fb150d2d1e0
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: www.sedxrc.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 02:33:06 GMT
content-type: text/css
last-modified: Thu, 26 May 2022 14:47:47 GMT
vary: Accept-Encoding
etag: W/"628f9313-1679e"
expires: Sun, 25 Sep 2022 14:33:06 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ddcdn.comtucdncom.com/upload/vod/20210731-1/5f7bf6cee50cb60fcca47607672b3c2e.jpg
172.247.77.90200 OK 165 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/20210731-1/5f7bf6cee50cb60fcca47607672b3c2e.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x538, components 3\012- data
Size 165 kB (165387 bytes)
Hash 8612e9ede246c7624b3664b055cc41c3
fce7b559c54658186a635cb1fc226a8ae5ec3e50
ff8170df74054100d371c64c3c892e3ddcb41de912a7527c043a7bb475e2cdef
GET /upload/vod/20210731-1/5f7bf6cee50cb60fcca47607672b3c2e.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:54 GMT
Content-Type: image/jpeg
Content-Length: 165387
Last-Modified: Wed, 10 Aug 2022 11:53:34 GMT
Connection: keep-alive
ETag: "62f39c3e-2860b"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/upload/vod/20210801-1/7ba2dcb873c28afd8c7dc18841f0e907.jpg
172.247.77.90200 OK 220 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/20210801-1/7ba2dcb873c28afd8c7dc18841f0e907.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x538, components 3\012- data
Size 220 kB (219563 bytes)
Hash 05160dbd89d05da84d4574b8ce1e023b
9b283f1b95a9ba03c7b19babf0d37db4171d8be1
c1bac37c249228dd5aa30e2d09722456f4ead783d8ac23d62facd1629de21334
GET /upload/vod/20210801-1/7ba2dcb873c28afd8c7dc18841f0e907.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:54 GMT
Content-Type: image/jpeg
Content-Length: 219563
Last-Modified: Wed, 10 Aug 2022 11:35:36 GMT
Connection: keep-alive
ETag: "62f39808-359ab"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/upload/vod/2018-12-19/154520960716.jpg
172.247.77.90200 OK 9.6 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/2018-12-19/154520960716.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 8db971c800ed49d29f10707b81ff3ade
aa4b471a296a8b90e7c3bfd6cd661fee18f07294
75137836f41817e569d9c5c4ab6d0dd858846e9fad0858008b29ca9c9041ed77
GET /upload/vod/2018-12-19/154520960716.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:54 GMT
Content-Type: image/jpeg
Content-Length: 9646
Last-Modified: Wed, 10 Aug 2022 11:46:08 GMT
Connection: keep-alive
ETag: "62f39a80-25ae"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/upload/vod/2018-12-19/154520960615.jpg
172.247.77.90200 OK 8.0 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/2018-12-19/154520960615.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 8e4e2c81da38924d294cbbcf1fa67b90
655fc0dc889777b5c99752b95d0a84423c3cffb0
9e869303b184e030764f8242bf4f863f524da09de51a187f97658fe1361a052d
GET /upload/vod/2018-12-19/154520960615.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:54 GMT
Content-Type: image/jpeg
Content-Length: 7990
Last-Modified: Wed, 10 Aug 2022 12:05:37 GMT
Connection: keep-alive
ETag: "62f39f11-1f36"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash d40480fee6417fe717f85128ee9fd02f
8895fbfd6d23eb5d40290b06dd38a190a1f18370
6058c7196c3724fd0aaa9d5affdf5ee4aa99a2cfc9078bcaba6ae786afd44ae4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 13:49:43 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 03:00:15 GMT
Expires: Thu, 29 Sep 2022 03:00:14 GMT
Etag: "8895fbfd6d23eb5d40290b06dd38a190a1f18370"
Cache-Control: max-age=306030,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7504398dae491c0a-OSL
ddcdn.comtucdncom.com/upload/vod/20210914-1/2e1e13054db40e45c8010e845549c758.jpg
172.247.77.90200 OK 174 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/20210914-1/2e1e13054db40e45c8010e845549c758.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x538, components 3\012- data
Size 174 kB (173651 bytes)
Hash e8859388e353789bc4a9720fbbb899c4
3c84fc0337e8dc4421932f1e9c3ba3df29d9a648
b0a203db903857702627f127322ae3a8dcb50e866cfb83bb1eedff7832e567b8
GET /upload/vod/20210914-1/2e1e13054db40e45c8010e845549c758.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:54 GMT
Content-Type: image/jpeg
Content-Length: 173651
Last-Modified: Wed, 10 Aug 2022 12:01:51 GMT
Connection: keep-alive
ETag: "62f39e2f-2a653"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/upload/vod/2018-12-19/154520960614.jpg
172.247.77.90200 OK 6.7 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/2018-12-19/154520960614.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f044fa1f59bc112358ab6e78930fe861
b9e5dc86a0dc4f31a6e406cdbb32ce91e0ce6c70
673e6557b16fbb428a39a60fdeb64a7bbbb14e27694073d92af64f5efe4b6737
GET /upload/vod/2018-12-19/154520960614.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:54 GMT
Content-Type: image/jpeg
Content-Length: 6712
Last-Modified: Wed, 10 Aug 2022 12:08:05 GMT
Connection: keep-alive
ETag: "62f39fa5-1a38"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b99db651e89733bb111e2edf00cb22f
6977e7cbd53158f643197982f023be6104f86224
282e97c71432a95a6848a94ff59bc7e91c9eff6fd83d090825c68beb0cf51c40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "282E97C71432A95A6848A94FF59BC7E91C9EFF6FD83D090825C68BEB0CF51C40"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=771
Expires: Sun, 25 Sep 2022 14:02:35 GMT
Date: Sun, 25 Sep 2022 13:49:44 GMT
Connection: keep-alive
ddcdn.comtucdncom.com/images/2022/05/20/kj21767.jpg
172.247.77.90200 OK 174 kB URL HTTP/1.1 ddcdn.comtucdncom.com/images/2022/05/20/kj21767.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 174 kB (174105 bytes)
Hash fb750ea59998870705f5f72f8f563592
5bc5929bbc0ef847bea7a0906e466018fedfca8c
3c951b1a1b0a0da6ad4f0f65e71ee6d70d3473a89e48415b9bcbcfbfa121468f
GET /images/2022/05/20/kj21767.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:54 GMT
Content-Type: image/jpeg
Content-Length: 174105
Last-Modified: Wed, 10 Aug 2022 11:35:04 GMT
Connection: keep-alive
ETag: "62f397e8-2a819"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/upload/vod/2018-12-19/154520960613.jpg
172.247.77.90200 OK 9.0 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/2018-12-19/154520960613.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 86b6c5c7a1addbfb65281fda9e7e7c77
9ec2c455728d3df1f8f6a1ea7da4714e6519896d
4aa74ad081ae77165768008cda338d8015ecefccc7ea2817fbddc0d7955c4b85
GET /upload/vod/2018-12-19/154520960613.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:54 GMT
Content-Type: image/jpeg
Content-Length: 9001
Last-Modified: Wed, 10 Aug 2022 12:04:32 GMT
Connection: keep-alive
ETag: "62f39ed0-2329"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/upload/vod/2018-12-19/154520960612.jpg
172.247.77.90200 OK 9.1 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/2018-12-19/154520960612.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 5256d79dbaa88d7a7fdf372ea477136b
ac29965396117b819d4e384d5b63c158061e1c61
84c34a48c7de1a82cab32397b9c854db722775e9b637c701dec03b29fe32dd88
GET /upload/vod/2018-12-19/154520960612.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:54 GMT
Content-Type: image/jpeg
Content-Length: 9060
Last-Modified: Wed, 10 Aug 2022 12:02:33 GMT
Connection: keep-alive
ETag: "62f39e59-2364"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/upload/vod/2018-12-19/154520960611.jpg
172.247.77.90200 OK 7.1 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/2018-12-19/154520960611.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash e0a38b29c41ab78ad08fc691f9ae68db
5653308f1b562391b4024078be6b389b6554dfa3
604bbdd86296361e2f05f4cd7ca273e9464a8a3b07a6b1e812164dec7bbc4398
GET /upload/vod/2018-12-19/154520960611.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:54 GMT
Content-Type: image/jpeg
Content-Length: 7084
Last-Modified: Wed, 10 Aug 2022 12:03:01 GMT
Connection: keep-alive
ETag: "62f39e75-1bac"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/upload/vod/2018-12-19/154520960610.jpg
172.247.77.90200 OK 7.4 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/2018-12-19/154520960610.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash a5b8a8744aca2ad8beed77b51ab1f18e
34a5c6e4889f7d067897ec7bfaa94265240ad446
1787344d94c55441e3a4f5c1501062fa4e7e7bbd25aeb75b93d53b54bfeac3de
GET /upload/vod/2018-12-19/154520960610.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:54 GMT
Content-Type: image/jpeg
Content-Length: 7363
Last-Modified: Wed, 10 Aug 2022 11:54:45 GMT
Connection: keep-alive
ETag: "62f39c85-1cc3"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/upload/vod/2018-12-19/15452096069.jpg
172.247.77.90200 OK 11 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/2018-12-19/15452096069.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 6b8e111bf73dcc4bf86a0c10600781e7
bd419577c9f741abda14f0bc46d7a2251c5d4270
233efb25db15f297bd853c7865165147886363f7777af7a3e8895cb2022907bf
GET /upload/vod/2018-12-19/15452096069.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:55 GMT
Content-Type: image/jpeg
Content-Length: 11097
Last-Modified: Wed, 10 Aug 2022 12:04:50 GMT
Connection: keep-alive
ETag: "62f39ee2-2b59"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ddcdn.comtucdncom.com/upload/vod/2018-12-19/15452096067.jpg
172.247.77.90200 OK 5.8 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/2018-12-19/15452096067.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash fdfac21b4ff80823faaeeb13c9fee452
336b78981a45290be654a89bf6694299abec7381
053cabeeb9914ee657c579d95a2765b6d9429ec1d7c9a680d29a3b154b3893af
GET /upload/vod/2018-12-19/15452096067.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:55 GMT
Content-Type: image/jpeg
Content-Length: 5781
Last-Modified: Wed, 10 Aug 2022 11:45:01 GMT
Connection: keep-alive
ETag: "62f39a3d-1695"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1815802067&si=4d8870b6a9fd1f090e3878f107fe7070&su=http%3A%2F%2F154.82.85.204%2F&v=1.2.97&lv=1&sn=49062&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.sedxrc.top%2F&tt=%E6%B6%A9%E6%B6%A9%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1815802067&si=4d8870b6a9fd1f090e3878f107fe7070&su=http%3A%2F%2F154.82.85.204%2F&v=1.2.97&lv=1&sn=49062&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.sedxrc.top%2F&tt=%E6%B6%A9%E6%B6%A9%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1815802067&si=4d8870b6a9fd1f090e3878f107fe7070&su=http%3A%2F%2F154.82.85.204%2F&v=1.2.97&lv=1&sn=49062&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.sedxrc.top%2F&tt=%E6%B6%A9%E6%B6%A9%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 25 Sep 2022 13:49:44 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=B279A1045CCA9030; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.aoattsetp.vip/hf/yxx.gif
172.67.194.142200 OK 205 kB URL HTTP/2 www.aoattsetp.vip/hf/yxx.gif
IP 172.67.194.142:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 205 kB (205005 bytes)
Hash 92333d1b27dc34d9d2954a9002b28430
dc171655c9f6679a37ed79505bfde28154b322b7
326dfa38159118ab18aa5dce0a9c10f4e19f2050a0bafeda7bfe7a0a4aca0cc5
GET /hf/yxx.gif HTTP/1.1
Host: www.aoattsetp.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 13:49:44 GMT
content-type: image/gif
content-length: 205005
last-modified: Tue, 21 Jun 2022 08:34:51 GMT
etag: "62b182ab-320cd"
expires: Tue, 25 Oct 2022 02:38:48 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1pbSuB%2FyobmiA9gSbpRIzc0Bx5fQezRjDwKHqhaMX%2B%2BQFGnnIyycjDPqQ%2Bk89qOgZu%2FsGP6OQ7QqINwnCUyAPzhw%2Bx1vfb%2BKlZhqLAvUqn096jyipCiaNcI7Djof4dnWutk3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750439893847b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ddcdn.comtucdncom.com/upload/vod/2018-12-19/15452096068.jpg
172.247.77.90200 OK 14 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/2018-12-19/15452096068.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 40af99846ea574dad57a1f52e87aa4a2
fae8f620667e87320ea351f5d1cb6370c45df51f
13233012b1c03eac4316bcba7a717e92a7f57074ca61d86db17cc02904702e9b
GET /upload/vod/2018-12-19/15452096068.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 25 Sep 2022 13:49:55 GMT
Content-Type: image/jpeg
Content-Length: 13759
Last-Modified: Wed, 10 Aug 2022 12:03:34 GMT
Connection: keep-alive
ETag: "62f39e96-35bf"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
taiwtp1.com/img/200200.gif
220.128.218.220200 OK 75 kB URL HTTP/2 taiwtp1.com/img/200200.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 13:47:58 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Tue, 25 Oct 2022 13:47:58 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
tukudhgg.vip/hf/xincha.gif
172.67.208.179200 OK 287 kB URL HTTP/2 tukudhgg.vip/hf/xincha.gif
IP 172.67.208.179:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 287 kB (287106 bytes)
Hash bf69a23dccde7e62074b6300ea402b95
dd009214a977991f1ce608f209962267a2db1e2c
6e329ba63b5b8b6493317c2c2f140b49bc76cb72d5eb06793d5f32e87ac308fb
GET /hf/xincha.gif HTTP/1.1
Host: tukudhgg.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 13:49:44 GMT
content-type: image/gif
content-length: 287106
last-modified: Mon, 06 Jun 2022 10:46:28 GMT
etag: "629ddb04-46182"
expires: Tue, 25 Oct 2022 02:38:47 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40kg%2FJXhLp2gzDqKQHzuTSugsbUkD6K7GvD%2B3D07o8ukGN%2BJ0iNYqu6nb1KsS2Dc5yKQdD%2Biy7UtL92z7P9U6gwN3WvSX8ZaKYCNNYioeKbqKLzvqo9WK0bHeeDzbC4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7504398858deb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fsadcx1.com/tu/yuepao2.gif
23.225.3.254200 OK 1.0 MB URL HTTP/2 fsadcx1.com/tu/yuepao2.gif
IP 23.225.3.254:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 1.0 MB (1006638 bytes)
Hash 596de8a014be675387da11ffa70b9a16
64062cb848260d8ab39caa39fb2e85a589bd55e0
bc402bdad0ec3f8b141ab68fc274e9af649183d400855b91942c6666b5a32ea2
GET /tu/yuepao2.gif HTTP/1.1
Host: fsadcx1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 13:49:43 GMT
content-type: image/gif
content-length: 1006638
last-modified: Mon, 04 Jul 2022 11:59:09 GMT
etag: "62c2d60d-f5c2e"
expires: Tue, 25 Oct 2022 13:49:43 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
u0062.com/c5c6c65984104777bbe764a19002b419.gif
20.239.189.131200 OK 255 kB URL HTTP/1.1 u0062.com/c5c6c65984104777bbe764a19002b419.gif
IP 20.239.189.131:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 80\012- data
Size 255 kB (254876 bytes)
Hash ceecad65a32ae4b1747d53c0eeb03f89
8a3a33f48525785cdb859181b14e66ad55282be2
25f5ff3cac5080f725f889a606a74777874e5d309338cd14764f68692e4e98a5
GET /c5c6c65984104777bbe764a19002b419.gif HTTP/1.1
Host: u0062.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 13:49:44 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 24 Sep 2022 13:25:05 GMT
ETag: W/"632f0531-77cd5"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
u0083.com/4db657ca903d4d48964c50d662626b8a.gif
20.239.174.250200 OK 268 kB URL HTTP/1.1 u0083.com/4db657ca903d4d48964c50d662626b8a.gif
IP 20.239.174.250:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 80\012- data
Size 268 kB (268196 bytes)
Hash e7a18470a295a3963122274db3ede85e
49f873951a8fa55e281d278bf086b5ec5bcadced
23a23a072d687d8d8f17735e6cfbb66c999bc48a60d9257badf2c39147775a62
GET /4db657ca903d4d48964c50d662626b8a.gif HTTP/1.1
Host: u0083.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 13:49:44 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 24 Sep 2022 13:25:18 GMT
ETag: W/"632f053e-47c75"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 74641b2cd71106694c81674987a218ef
53fb1e74cb0b3fdbeebe6726f233be6c7d2c0dbb
6c7ad173ea6cc8661e192e1ef893d64ad84433d43f51efbbccdac2aff7a7a2a4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 13:49:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 01:06:38 GMT
Expires: Fri, 30 Sep 2022 01:06:37 GMT
Etag: "53fb1e74cb0b3fdbeebe6726f233be6c7d2c0dbb"
Cache-Control: max-age=385611,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75043995cfbe1c0a-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 142386c34b92f6c085f5d809ada2aa58
84ed8666876d7a66e9cbb4e22c73748cbd715530
23cb95626b3c3b39bde6eb7d886940c366f0e1d07376ac216d0ad833e71d39bd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 13:49:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 12:26:17 GMT
Expires: Fri, 30 Sep 2022 12:26:16 GMT
Etag: "84ed8666876d7a66e9cbb4e22c73748cbd715530"
Cache-Control: max-age=426390,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75043995cb440b55-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 0ca3daf62591ab365eb09156a59c3748
76c922156f8e88078b10fd7d9b814cbca1f83d63
b7573c990796a136873d5fe44b62f7e8d787e5b8cd21c1a93109fdad7d1188b4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 13:49:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 20:50:22 GMT
Expires: Sat, 01 Oct 2022 20:50:21 GMT
Etag: "76c922156f8e88078b10fd7d9b814cbca1f83d63"
Cache-Control: max-age=543035,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75043995ca330b39-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash f5aee1d7e63fe80063c698b33864fd47
c649a3859e9cb799c2798556b5db91d51290519a
d0ff67d634189ff47f36f6f8638efed175d05b35e4e34a304f887370b757fe43
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 13:49:45 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 06:14:34 GMT
Expires: Sun, 02 Oct 2022 06:14:33 GMT
Etag: "c649a3859e9cb799c2798556b5db91d51290519a"
Cache-Control: max-age=576887,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75043995da0eb4eb-OSL
n7181.com/568513a5f18c4651b210da21cc453fc9.gif
45.61.212.46200 OK 131 kB URL HTTP/1.1 n7181.com/568513a5f18c4651b210da21cc453fc9.gif
IP 45.61.212.46:0
File type GIF image data, version 89a, 640 x 150\012- data
Size 131 kB (130768 bytes)
Hash c10f4fc7da74c02c22587440d4648913
a610e6f7688a2847afcf8643447bb4e2bd3a895f
38988214147818c4d915a973ed6c25b2e833028a294043e35ada431037879a5e
GET /568513a5f18c4651b210da21cc453fc9.gif HTTP/1.1
Host: n7181.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62ee6cd2-1fed0"
Date: Tue, 06 Sep 2022 03:19:34 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 06 Aug 2022 13:29:54 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-16
Content-Length: 130768
n8537.com/34ec2d96241a4855b73c1fd446831f24.gif
45.61.212.51200 OK 196 kB URL HTTP/1.1 n8537.com/34ec2d96241a4855b73c1fd446831f24.gif
IP 45.61.212.51:0
File type GIF image data, version 89a, 240 x 240\012- data
Size 196 kB (195821 bytes)
Hash 5efa8c1891d67420262605d06b259366
33fecef9f0f2473b67cc666e88544083168cf615
90b03b96ebba339bed98dc64ae69c487c4b776d75977b6b702c22169b4c1e0f3
GET /34ec2d96241a4855b73c1fd446831f24.gif HTTP/1.1
Host: n8537.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62ee6da9-2fced"
Date: Thu, 25 Aug 2022 09:18:12 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 06 Aug 2022 13:33:29 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-21
Content-Length: 195821
pvhgws7.com/6a754746ebf6439fb6e74c851aa07748.gif
103.170.15.89200 OK 514 kB URL HTTP/1.1 pvhgws7.com/6a754746ebf6439fb6e74c851aa07748.gif
IP 103.170.15.89:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 240 x 240\012- data
Size 514 kB (514505 bytes)
Hash 0746b921df276d1f6d38452176e54cfc
34c7d8aa0528a42b0aab63f8cc2ee0b233aecf29
4b6bad6a2cf968c1b32a4796cdd294343e22321ca6826ea90f71297708bb0853
GET /6a754746ebf6439fb6e74c851aa07748.gif HTTP/1.1
Host: pvhgws7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62962c5e-7d9c9"
Date: Wed, 06 Jul 2022 16:47:53 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 31 May 2022 14:55:26 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-19
Content-Length: 514505
n5878.com/da5b9bce17da4574bf211b0c869b6432.gif
45.61.212.219200 OK 818 kB URL HTTP/1.1 n5878.com/da5b9bce17da4574bf211b0c869b6432.gif
IP 45.61.212.219:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 818 kB (817676 bytes)
Hash 2c0914501592136ef2d10a4111e355ed
d927d360f758036d51f4876f2ab97ac6d8ed5181
688662d5acf1c6584aa70e4a8ae273489b3a3b33e6b38f93571d85e99856d793
GET /da5b9bce17da4574bf211b0c869b6432.gif HTTP/1.1
Host: n5878.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62c6d88d-c7a0c"
Date: Sat, 17 Sep 2022 12:35:33 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 07 Jul 2022 12:58:53 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-19
Content-Length: 817676
sdxjs.top/ggdy/wz.js
154.82.85.207200 OK 0 B IP 154.82.85.207:0
GET /ggdy/wz.js HTTP/1.1
Host: sdxjs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 13:51:04 GMT
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 17:03:23 GMT
vary: Accept-Encoding
etag: W/"632b43db-1b95"
expires: Mon, 26 Sep 2022 01:51:04 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
sesejs.top/ggdy/spq.js
154.82.85.209200 OK 0 B IP 154.82.85.209:0
GET /ggdy/spq.js HTTP/1.1
Host: sesejs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 13:51:04 GMT
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 17:04:56 GMT
vary: Accept-Encoding
etag: W/"632b4438-639"
expires: Mon, 26 Sep 2022 01:51:04 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
sesejs.top/ggdy/lm.js
154.82.85.209200 OK 0 B IP 154.82.85.209:0
GET /ggdy/lm.js HTTP/1.1
Host: sesejs.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sedxrc.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 13:51:04 GMT
content-type: application/javascript
last-modified: Tue, 30 Aug 2022 15:00:21 GMT
vary: Accept-Encoding
etag: W/"630e2605-5f0"
expires: Mon, 26 Sep 2022 01:51:04 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2