r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4915
Expires: Fri, 27 Jan 2023 03:36:36 GMT
Date: Fri, 27 Jan 2023 02:14:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5587
Expires: Fri, 27 Jan 2023 03:47:48 GMT
Date: Fri, 27 Jan 2023 02:14:41 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 27 Jan 2023 01:42:58 GMT
content-type: application/json
age: 1903
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7201
Expires: Fri, 27 Jan 2023 04:14:42 GMT
Date: Fri, 27 Jan 2023 02:14:41 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: vw7WeJD5MGxbsQjDinop5NJgJNAnFl1AK0Xjr3ziVB9R3IyMqQfuHDmUwC2ZA6MffrNA+qurl/zNaUojzHuqZA==
x-amz-request-id: PRPH8CJRHMN54MVR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 27 Jan 2023 01:20:20 GMT
age: 3261
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.22yys.com/video/2018-10/44511.html
156.232.196.221200 OK 630 B URL HTTP/1.1 www.22yys.com/video/2018-10/44511.html
IP 156.232.196.221:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (984), with CRLF line terminators
Hash 1efe03218bd29b0b848b2be245b8f84a
e934fa35601e967ae72beb4981aa6ed1ee31c057
a20404941ab9e5eaac62b9b3d51e190a5fe8c8b80e68e90d154a199a991179e5
Analyzer Verdict Alert fortinet Phishing
GET /video/2018-10/44511.html HTTP/1.1
Host: www.22yys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:14:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 02:14:41 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.22yys.com/common.js
156.232.196.221200 OK 561 B IP 156.232.196.221:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (499), with CRLF line terminators
Hash 0d44c24a216b13c1b7b85cec4dc2adf1
aa8611c752549593e750f953de26d3d7e9a3c863
decd455948f1d553b33dd9d28d98755e2b4fec5ad7d9dbda8e0371432dbed03b
Analyzer Verdict Alert fortinet Phishing
GET /common.js HTTP/1.1
Host: www.22yys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.22yys.com/video/2018-10/44511.html
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:14:42 GMT
Content-Type: application/x-javascript
Content-Length: 561
Connection: keep-alive
www.22yys.com/tj.js
156.232.196.221200 OK 258 B IP 156.232.196.221:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with CRLF line terminators
Hash 9308ae51b474f55c3794627617c19eb1
658390adbbcd7921132a387eec56de0ffa9ecb0a
f90f9025d7827030ace1447d4e86f19845650d69e5f3b8330848bc24b2be205e
Analyzer Verdict Alert fortinet Phishing
GET /tj.js HTTP/1.1
Host: www.22yys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.22yys.com/video/2018-10/44511.html
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:14:42 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 27 Jan 2023 01:49:02 GMT
age: 1540
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3878
Expires: Fri, 27 Jan 2023 03:19:20 GMT
Date: Fri, 27 Jan 2023 02:14:42 GMT
Connection: keep-alive
www.22yys.com/favicon.ico
156.232.196.221200 OK 1.2 kB URL HTTP/1.1 www.22yys.com/favicon.ico
IP 156.232.196.221:0
ASN #134548 DXTL Tseung Kwan O Service
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.22yys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.22yys.com/video/2018-10/44511.html
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:14:42 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Wed, 01 Feb 2023 02:14:42 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 1149e8d03b13300faa774f55b800dac5
4e2e3aa35886cd5f6be1d5bbb0af48439b3ef71c
8e0a9746bf7c732a3644532a2765ab85a5b82e11281d76daac53fd31c3d3c7d3
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:14:42 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 30 Jan 2023 23:33:36 GMT
ETag: "4e2e3aa35886cd5f6be1d5bbb0af48439b3ef71c"
Last-Modified: Thu, 26 Jan 2023 23:33:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 453
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fdf9f65d440b65-OSL
push.services.mozilla.com/
54.148.89.128101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.89.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ohZqcQojWez9b/sPeS092g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Pbsj4XBnGBU+LFe3XMSjcTw51LQ=
fcx.mgam1.top/
122.10.110.87200 OK 193 B IP 122.10.110.87:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash ed0d35252afa3893d4b3543bbf857901
6ebc818f2a23e644362f840b2a84bcbf40fb46c3
8a8ed18ba066b7ea2a07564b0121b2aa056c4d7da2ce4360869a3835621036a9
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: fcx.mgam1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.22yys.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 08:02:53 GMT
Accept-Ranges: bytes
ETag: "199025230ed91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 27 Jan 2023 02:14:42 GMT
Content-Length: 193
hm.baidu.com/hm.js?558b077d6dddde6217fa5d82f06e2468
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?558b077d6dddde6217fa5d82f06e2468
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (624)
Hash b49ca45d31463dcd989510f6a09ccd41
ca40083195090ba6aa18a87045a4b679c0767558
14c9504c85019f06b823f8a9b323a4e4fe69d9600897da49d4410393ee2180f8
GET /hm.js?558b077d6dddde6217fa5d82f06e2468 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.22yys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11262
Content-Type: application/javascript
Date: Fri, 27 Jan 2023 02:14:43 GMT
Etag: 66af9fbd449b8cd3439c08eaed2238a8
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=72D96F792D53A939; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=58302088&si=558b077d6dddde6217fa5d82f06e2468&v=1.3.0&lv=1&sn=38759&r=0&ww=1280&u=http%3A%2F%2Fwww.22yys.com%2Fvideo%2F2018-10%2F44511.html&tt=%E8%AF%B8%E5%9F%8E%E6%AF%95%E6%B2%B8%E6%B1%BD%E8%BD%A6%E7%A7%9F%E8%B5%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=58302088&si=558b077d6dddde6217fa5d82f06e2468&v=1.3.0&lv=1&sn=38759&r=0&ww=1280&u=http%3A%2F%2Fwww.22yys.com%2Fvideo%2F2018-10%2F44511.html&tt=%E8%AF%B8%E5%9F%8E%E6%AF%95%E6%B2%B8%E6%B1%BD%E8%BD%A6%E7%A7%9F%E8%B5%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=58302088&si=558b077d6dddde6217fa5d82f06e2468&v=1.3.0&lv=1&sn=38759&r=0&ww=1280&u=http%3A%2F%2Fwww.22yys.com%2Fvideo%2F2018-10%2F44511.html&tt=%E8%AF%B8%E5%9F%8E%E6%AF%95%E6%B2%B8%E6%B1%BD%E8%BD%A6%E7%A7%9F%E8%B5%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.22yys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 27 Jan 2023 02:14:43 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=2FA360D9B1F17B28; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14801
Expires: Fri, 27 Jan 2023 06:21:25 GMT
Date: Fri, 27 Jan 2023 02:14:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14801
Expires: Fri, 27 Jan 2023 06:21:25 GMT
Date: Fri, 27 Jan 2023 02:14:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14801
Expires: Fri, 27 Jan 2023 06:21:25 GMT
Date: Fri, 27 Jan 2023 02:14:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14801
Expires: Fri, 27 Jan 2023 06:21:25 GMT
Date: Fri, 27 Jan 2023 02:14:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14801
Expires: Fri, 27 Jan 2023 06:21:25 GMT
Date: Fri, 27 Jan 2023 02:14:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b8fa26c-af88-46ea-a5c6-1122db65d6d4.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b8fa26c-af88-46ea-a5c6-1122db65d6d4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f3605538118d3aaef721a03d482b0f9a
2e2e770d552a05a0f24f4bbb1110266440b2bf76
1011d275125968599a8dd082810deca07e82770efad760b3f1ebf7f74ebab78e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b8fa26c-af88-46ea-a5c6-1122db65d6d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9063
x-amzn-requestid: 8eb82d16-63f8-4e6e-b9fe-1795c7703c03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIgq2EbSoAMFUwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce178-67a0958d7cd1f132605d93be;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:10:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fEX2-oiOwaU7l9OQzljVzFI-CQOwn4yQjUJ_fv0pmjc6C8evz1LDbQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 11:12:36 GMT
age: 54128
etag: "2e2e770d552a05a0f24f4bbb1110266440b2bf76"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 79b70f1f-a157-4dd4-8743-825714195b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9T3UGA3oAMFSlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c86695-36e60aba09c152c73b8aefcb;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zt4bgV2C6Wb_Ufa5mZ7-UDTfCvhXJggPJw9668v5DEmyBnWZ-aNrCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 23:01:22 GMT
age: 11602
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d91ae98-1f78-4bbd-98ab-6e6d92c7fef2.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d91ae98-1f78-4bbd-98ab-6e6d92c7fef2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7364957de1b4c82a923bd947f0cce750
d8aa55b64a65757e043b4b1b63efd93c8261d275
f1f7059968d08adfa1c775c906ecb6e5b752210af0bcdcebfa77c2ba6f15bbf4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d91ae98-1f78-4bbd-98ab-6e6d92c7fef2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7573
x-amzn-requestid: 2946b91b-1d7e-4eba-966d-600ae368cd3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzVxGw1oAMF-xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce328b-04037751257e13ca156eee8d;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4TidB2H164ziAxKhEORFw4BBF0FB2pkkwNq3iMQfS4t7yObXCA59Pw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 08:40:53 GMT
age: 63231
etag: "d8aa55b64a65757e043b4b1b63efd93c8261d275"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a181da5-9eaa-4508-9ba5-ce3527c87698.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a181da5-9eaa-4508-9ba5-ce3527c87698.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a01352e094fda751e3227191ca74469
7ad63fabc3d52f7fc3f2f648d11edf7241e24368
8c06a16bab3b9c3130a8d8d91e52a01073b685d4831d1ba7129ac571bd7d0bc3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a181da5-9eaa-4508-9ba5-ce3527c87698.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7525
x-amzn-requestid: a7a05ec2-92ae-4813-b087-c4f32df1f7f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fB5k7GgkoAMF6eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca3c85-3c08d20509992a0d031213ad;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 07:02:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PyRhsgixwVqdtaNructs84RGA6AYOgTbqE_lUViwIZCHFMosWEo_8w==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 09:59:33 GMT
age: 58511
etag: "7ad63fabc3d52f7fc3f2f648d11edf7241e24368"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52a1f3b3-38ab-4f58-ad1a-ca4c9f82503e.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52a1f3b3-38ab-4f58-ad1a-ca4c9f82503e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1695371c247eedad65b4cac82f01215d
50510052f0e22e23f747c761d57cdf72910ac533
aadde426229f04f6a489b87d6949a485b19d4fd035cb244b6094549efc08013f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52a1f3b3-38ab-4f58-ad1a-ca4c9f82503e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6394
x-amzn-requestid: 859587bc-081f-4092-8fed-40e3f2bc8ee4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fOjE6FJNIAMFz6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf4bb8-28848a07545a0e557f1250b1;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 03:08:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KIQ-V8uU0HwYAPEfXMUw7T2IYlStHuZ0mwWdVFUNf46i6ugVGZm-Bw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 11:50:55 GMT
age: 51829
etag: "50510052f0e22e23f747c761d57cdf72910ac533"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23169a26-33f3-4f92-9612-02bf2555d37c.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23169a26-33f3-4f92-9612-02bf2555d37c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7d2506ac511dfbea29e29ab14ba10f85
b2e2972ffa82b103c62ffde0fca99454e12d95e6
fbe6f833114208d84033ba691a74da18d641e38f0f327c752333a339f1baae34
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23169a26-33f3-4f92-9612-02bf2555d37c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5263
x-amzn-requestid: ea2f25ff-f62a-4850-a9d1-72f26d817faf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzOkGtWoAMFV0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce325d-39e5ed054ead447d3cedf047;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BcMB1y0etnIGvZr54EllkdEOlahZGTjgrw2-3FYu3WET2f5lDLV1dw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:24:02 GMT
age: 17442
etag: "b2e2972ffa82b103c62ffde0fca99454e12d95e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
yld.mgus4.top/
154.212.113.23200 OK 190 B IP 154.212.113.23:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash ca2d1f199673931f7138cf21370bbd6e
8e0ece7bb53a96555febf4d35861adf28cb2216c
53cfdb0ff9ac47a2aaa98da6cae4f2c9a8f128fc4bc73bdcc6d5d1834cfebae3
GET / HTTP/1.1
Host: yld.mgus4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fcx.mgam1.top/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Thu, 26 Jan 2023 14:24:15 GMT
Accept-Ranges: bytes
ETag: "358897de9131d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 27 Jan 2023 02:14:46 GMT
Content-Length: 190
vg5.mgpm8.top/
122.10.110.99200 OK 6.5 kB IP 122.10.110.99:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (515), with CRLF line terminators
Hash 0f0697fca1835c02bcf6ca25a3e3b469
af035dc85a9ef79d47ef0900d5181c182f5fa942
5261bfc4cc90e6d17eca09dbbe52b2211c08cb61747f4d04fd2b6c89a0470c76
GET / HTTP/1.1
Host: vg5.mgpm8.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yld.mgus4.top/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:14:47 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=4jd1is8dsehprmbqfvg4e3729u; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
vg5.mgpm8.top/static/css/home.css
122.10.110.99200 OK 5.9 kB URL HTTP/1.1 vg5.mgpm8.top/static/css/home.css
IP 122.10.110.99:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (310), with CRLF line terminators
Hash 363ab79bd3cd42fd360bd10229a70042
9bc0232d1b50d5ae9fd981cefaf29324ee7a443d
c000deb565563d05f4285c70b58783e681e8147fd7933ffa9f87b9f93655c0fb
GET /static/css/home.css HTTP/1.1
Host: vg5.mgpm8.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:14:47 GMT
Content-Type: text/css
Last-Modified: Mon, 08 Jul 2019 02:09:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d22a5ee-5501"
Expires: Fri, 27 Jan 2023 14:14:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
vg5.mgpm8.top/template/m1938pc/css/main.css
122.10.110.99200 OK 2.7 kB URL HTTP/1.1 vg5.mgpm8.top/template/m1938pc/css/main.css
IP 122.10.110.99:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash dbb4f0b37f594e75b2871148ca85a365
b9aea005ead775da72e94963c9bdce85c0cd6c21
00ee502a1d0744abe9346a7a99a69a9407d9e6f501a558c1d9184d2bb10c0d1c
GET /template/m1938pc/css/main.css HTTP/1.1
Host: vg5.mgpm8.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:14:48 GMT
Content-Type: text/css
Last-Modified: Fri, 27 Mar 2020 08:29:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e7db97a-210b"
Expires: Fri, 27 Jan 2023 14:14:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
vg5.mgpm8.top/template/m1938pc/css/index.css
122.10.110.99200 OK 974 B URL HTTP/1.1 vg5.mgpm8.top/template/m1938pc/css/index.css
IP 122.10.110.99:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 (with BOM) text, with CR line terminators
Hash 27bfe0d50c5e1610ff4661360ed982f5
3d244f9e9ffbe76bb8113979062ba813dd1df5ba
81f88ee71706482058cfc1d5a1f292fdb47c4ceffb1e1ae0b1553b367bf72f32
GET /template/m1938pc/css/index.css HTTP/1.1
Host: vg5.mgpm8.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:14:48 GMT
Content-Type: text/css
Last-Modified: Fri, 27 Mar 2020 08:29:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e7db97c-989"
Expires: Fri, 27 Jan 2023 14:14:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
vg5.mgpm8.top/static/js/jquery.lazyload.js
122.10.110.99200 OK 744 B URL HTTP/1.1 vg5.mgpm8.top/static/js/jquery.lazyload.js
IP 122.10.110.99:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (2230)
Hash 6348619cde36c75bca818e8ac92837ac
f7fe9d84289deda6cd3e182ba5e744c8bc442c4f
c02b12be56711ac7752e9f4842b0b1bd3689fe5f357ed2eca198d8f5c0715d9e
GET /static/js/jquery.lazyload.js HTTP/1.1
Host: vg5.mgpm8.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:14:48 GMT
Content-Type: application/javascript
Last-Modified: Mon, 08 Jul 2019 02:10:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d22a5fa-8b8"
Expires: Fri, 27 Jan 2023 14:14:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
vg5.mgpm8.top/template/m1938pc/js/jquery.superslide.js
122.10.110.99200 OK 2.9 kB URL HTTP/1.1 vg5.mgpm8.top/template/m1938pc/js/jquery.superslide.js
IP 122.10.110.99:0
ASN #134548 DXTL Tseung Kwan O Service
File type ISO-8859 text, with very long lines (9089)
Hash 2728d1c0b6f67113e4fd43bfe1c5fd9f
3c02fa0572cee1ff2050f36a6700b9d40a5bcd0a
1094d4cbd8570de92dbe8a1ed928d25e8f5edfc186de9319156c50ee1582cbaf
GET /template/m1938pc/js/jquery.superslide.js HTTP/1.1
Host: vg5.mgpm8.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:14:48 GMT
Content-Type: application/javascript
Last-Modified: Fri, 27 Mar 2020 08:30:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e7db994-24d8"
Expires: Fri, 27 Jan 2023 14:14:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
vg5.mgpm8.top/static/js/jquery.autocomplete.js
122.10.110.99200 OK 6.3 kB URL HTTP/1.1 vg5.mgpm8.top/static/js/jquery.autocomplete.js
IP 122.10.110.99:0
ASN #134548 DXTL Tseung Kwan O Service
File type Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text
Hash 017ab50786774a4a7fae3a5bc3d7ffbd
e49fa45c10bf04810f6fceb896c35042c88417f6
fd1ec0a20c8c5f196840fc9c2e29decf3889f183fa0f566977454d9956e2a4ba
GET /static/js/jquery.autocomplete.js HTTP/1.1
Host: vg5.mgpm8.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:14:48 GMT
Content-Type: application/javascript
Last-Modified: Mon, 08 Jul 2019 02:10:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d22a5fa-6215"
Expires: Fri, 27 Jan 2023 14:14:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
vg5.mgpm8.top/template/m1938pc/js/jquery.lazyload.js
122.10.110.99200 OK 744 B URL HTTP/1.1 vg5.mgpm8.top/template/m1938pc/js/jquery.lazyload.js
IP 122.10.110.99:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (2230)
Hash 6348619cde36c75bca818e8ac92837ac
f7fe9d84289deda6cd3e182ba5e744c8bc442c4f
c02b12be56711ac7752e9f4842b0b1bd3689fe5f357ed2eca198d8f5c0715d9e
GET /template/m1938pc/js/jquery.lazyload.js HTTP/1.1
Host: vg5.mgpm8.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:14:48 GMT
Content-Type: application/javascript
Last-Modified: Fri, 27 Mar 2020 08:30:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e7db990-8b8"
Expires: Fri, 27 Jan 2023 14:14:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
vg5.mgpm8.top/static/js/home.js
122.10.110.99200 OK 10 kB URL HTTP/1.1 vg5.mgpm8.top/static/js/home.js
IP 122.10.110.99:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (2677), with CRLF line terminators
Hash cf27875c07ac1742b6554d5c6369812f
d7a01a40e5144cdcd36a8588cbb929e317019a78
a558013b5c70dc000814a5045bd1988aec1ce0552617fbb38f3349b923119440
GET /static/js/home.js HTTP/1.1
Host: vg5.mgpm8.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:14:48 GMT
Content-Type: application/javascript
Last-Modified: Tue, 28 Apr 2020 14:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5ea83d74-994e"
Expires: Fri, 27 Jan 2023 14:14:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
vg5.mgpm8.top/template/m1938pc/js/jquery.base.js
122.10.110.99200 OK 2.2 kB URL HTTP/1.1 vg5.mgpm8.top/template/m1938pc/js/jquery.base.js
IP 122.10.110.99:0
ASN #134548 DXTL Tseung Kwan O Service
Hash e0bc5c26ea7f84a654cd7f3eadded5bc
eb806caf087af4435e03cd5701600d9dcf67f695
da42ceceb9a32cd547126d1d67ef79d7ec1f52cfdcd126a76815945bfa24e8a7
GET /template/m1938pc/js/jquery.base.js HTTP/1.1
Host: vg5.mgpm8.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:14:48 GMT
Content-Type: application/javascript
Last-Modified: Fri, 27 Mar 2020 08:30:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e7db98a-1835"
Expires: Fri, 27 Jan 2023 14:14:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
vg5.mgpm8.top/static/js/jquery.js
122.10.110.99200 OK 37 kB URL HTTP/1.1 vg5.mgpm8.top/static/js/jquery.js
IP 122.10.110.99:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (32089)
Hash ecb5a5b0c520535a5dedef53186c0079
232708f689fd7efa0bef4b61f169f054504bd22a
d220a5333de3774d06aa124d2e7f8cab2310b2780883a1cd49296d0614ab2a9c
GET /static/js/jquery.js HTTP/1.1
Host: vg5.mgpm8.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:14:48 GMT
Content-Type: application/javascript
Last-Modified: Mon, 08 Jul 2019 02:10:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d22a5fa-169d5"
Expires: Fri, 27 Jan 2023 14:14:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
vg5.mgpm8.top/template/m1938pc/ads/wenzidb.js
122.10.110.99200 OK 676 B URL HTTP/1.1 vg5.mgpm8.top/template/m1938pc/ads/wenzidb.js
IP 122.10.110.99:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash b1941be1d144336aaafe468af72e5eaf
d3eeb88e6a79dd7d4b2870df2798f64df19a10ef
2dac470dfee4b980ad7b829efad0bd72d9597de4894773e90e762a860002ca8d
GET /template/m1938pc/ads/wenzidb.js HTTP/1.1
Host: vg5.mgpm8.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:14:48 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 09:46:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ca62e5-1994"
Expires: Fri, 27 Jan 2023 14:14:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
vg5.mgpm8.top/template/m1938pc/ads/wenzi2.js
122.10.110.99200 OK 735 B URL HTTP/1.1 vg5.mgpm8.top/template/m1938pc/ads/wenzi2.js
IP 122.10.110.99:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash fe06f2589f56eeff00527ce47fb56684
804010f5f99eb296bc63d00911dd01b265b1203b
c762341429b6dc5e12898f4cdd06f80ca56a8a39dd29f1124155ef8a6566b2e4
GET /template/m1938pc/ads/wenzi2.js HTTP/1.1
Host: vg5.mgpm8.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:14:48 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 09:45:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ca62d4-1fd1"
Expires: Fri, 27 Jan 2023 14:14:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
vg5.mgpm8.top/template/m1938pc/ads/hfz.js
122.10.110.99200 OK 376 B URL HTTP/1.1 vg5.mgpm8.top/template/m1938pc/ads/hfz.js
IP 122.10.110.99:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash d89c3da4f15ff7b2ed4942a76bb206d4
7e0d693b46a594f264b3ff2eacccb3b6c71759a5
4132b4d098dae9cd01688cd1808c15e6dc283797f707a28eb61504b47c0d555b
GET /template/m1938pc/ads/hfz.js HTTP/1.1
Host: vg5.mgpm8.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:14:48 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 09:45:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ca62b2-4a7"
Expires: Fri, 27 Jan 2023 14:14:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
vg5.mgpm8.top/template/m1938pc/ads/sbxwz.js
122.10.110.99200 OK 558 B URL HTTP/1.1 vg5.mgpm8.top/template/m1938pc/ads/sbxwz.js
IP 122.10.110.99:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash d415e488868ff27d76323b583b509784
68379e69a185c1c5ccde5087a6261ab7b341ba00
cc6876393225f3adb196dba6f3a55a5726630d4db407ad698883712822c725a6
GET /template/m1938pc/ads/sbxwz.js HTTP/1.1
Host: vg5.mgpm8.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:14:48 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 09:45:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ca62bf-884"
Expires: Fri, 27 Jan 2023 14:14:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
vg5.mgpm8.top/template/m1938pc/ads/77.js
122.10.110.99200 OK 576 B URL HTTP/1.1 vg5.mgpm8.top/template/m1938pc/ads/77.js
IP 122.10.110.99:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash a9d56640aa19a4e8dc7878fe29ee3030
726059f2a1006f167ab5eff9f644f7e1eae47691
79cae71d5581ef0b497923c5e696bfab8ec0bf82c59634a84d3bdc9ec32ec85f
GET /template/m1938pc/ads/77.js HTTP/1.1
Host: vg5.mgpm8.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:14:48 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 09:44:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ca627b-453"
Expires: Fri, 27 Jan 2023 14:14:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
vg5.mgpm8.top/template/m1938pc/ads/hfx.js?qwweq
122.10.110.99200 OK 420 B URL HTTP/1.1 vg5.mgpm8.top/template/m1938pc/ads/hfx.js?qwweq
IP 122.10.110.99:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash 551cc6ce779fff866b6b426454383ff6
bca9917ff0a9d484173e7c9f66dbd05bde00841e
88ee2dca33e78ca002e4d0b6f9f698ff28caa2b7e08ac321056f7161e2c54118
GET /template/m1938pc/ads/hfx.js?qwweq HTTP/1.1
Host: vg5.mgpm8.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:14:48 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 09:44:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ca6286-444"
Expires: Fri, 27 Jan 2023 14:14:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 03f0efff01e96e43c8704ed781d131dc
1aa43869bab48e99bb62ca0596d30b9cf203bb53
8f0815220fdb7111adc73bbb2e66cc079675c266436d704ebc3eb87974e815a0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F0815220FDB7111ADC73BBB2E66CC079675C266436D704EBC3EB87974E815A0"
Last-Modified: Wed, 25 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 27 Jan 2023 08:14:48 GMT
Date: Fri, 27 Jan 2023 02:14:48 GMT
Connection: keep-alive
hm.baidu.com/hm.js?09b570ae57a8bdd90710ea1938df4e59
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?09b570ae57a8bdd90710ea1938df4e59
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 34138201d0ac55c31235876a0b66d8ed
e23db0c13151e308faba8f60f05ea4dd6e22bb66
ce5544bad5ed248ba786fb504019dd35bc00a7135b92315abab3acd464aea419
GET /hm.js?09b570ae57a8bdd90710ea1938df4e59 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Fri, 27 Jan 2023 02:14:48 GMT
Etag: 613d147bf25d76eabefb48201f21f147
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=4FBF05861CD83D68; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
vg5.mgpm8.top/template/m1938pc/images/bg.jpg
122.10.110.99200 OK 47 kB URL HTTP/1.1 vg5.mgpm8.top/template/m1938pc/images/bg.jpg
IP 122.10.110.99:0
ASN #134548 DXTL Tseung Kwan O Service
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=[*0*], xresolution=98, yresolution=106, resolutionunit=2, software=www.keniu.com], baseline, precision 8, 1600x583, components 3\012- data
Hash f6e910bf0053424675e51e19f0fad8fd
c7dbbd470144db81e6b50bd1ba7f875ab67f6703
7122fb73f05ad0b1243d3844e5809fd35e98fdb473c8742364391aaf37bf0c00
GET /template/m1938pc/images/bg.jpg HTTP/1.1
Host: vg5.mgpm8.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vg5.mgpm8.top/template/m1938pc/css/main.css
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:14:48 GMT
Content-Type: image/jpeg
Content-Length: 47019
Last-Modified: Sat, 28 Mar 2020 12:56:08 GMT
Connection: keep-alive
ETag: "5e7f4968-b7ab"
Expires: Sun, 26 Feb 2023 02:14:48 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 98c84d25760f86252d7b9e845751d8ba
166ab18c3dcea627df1c784ee2d57ef5b7bb631f
b6f2ff3663b838bbdd9bd779caca99fccadd07a6e58e8735a50f50e8157a0dcb
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=392
Date: Fri, 27 Jan 2023 02:14:49 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash cbda910ca1c1d1e2b65868815391f02e
7faf13ca0a86dc0afc3ed6307e6a59813608d13c
25381349d43c2ca8d03f9d3298cc3090373d9a8c6725dc30a536904cedc7e899
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=317
Date: Fri, 27 Jan 2023 02:14:49 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash cbda910ca1c1d1e2b65868815391f02e
7faf13ca0a86dc0afc3ed6307e6a59813608d13c
25381349d43c2ca8d03f9d3298cc3090373d9a8c6725dc30a536904cedc7e899
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=335
Date: Fri, 27 Jan 2023 02:14:49 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 98c84d25760f86252d7b9e845751d8ba
166ab18c3dcea627df1c784ee2d57ef5b7bb631f
b6f2ff3663b838bbdd9bd779caca99fccadd07a6e58e8735a50f50e8157a0dcb
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=410
Date: Fri, 27 Jan 2023 02:14:49 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 98c84d25760f86252d7b9e845751d8ba
166ab18c3dcea627df1c784ee2d57ef5b7bb631f
b6f2ff3663b838bbdd9bd779caca99fccadd07a6e58e8735a50f50e8157a0dcb
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=404
Date: Fri, 27 Jan 2023 02:14:49 GMT
Connection: keep-alive
X-N: S
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 97da0bc3bdd09624e2b289daeda15d74
62a4c175f35a51f2929a555f48063b76e4a349c6
c998962a62e563eab1c24585077dbac8d785e78a3ae770ff9cb585c0a1045dbf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C998962A62E563EAB1C24585077DBAC8D785E78A3AE770FF9CB585C0A1045DBF"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12182
Expires: Fri, 27 Jan 2023 05:37:51 GMT
Date: Fri, 27 Jan 2023 02:14:49 GMT
Connection: keep-alive
dimg04.c-ctrip.com/images/0102y12000abt01aa9FED.gif
104.110.17.24200 OK 121 kB URL HTTP/2 dimg04.c-ctrip.com/images/0102y12000abt01aa9FED.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 121 kB (120581 bytes)
Hash df98d05eafcc98d4a8beb8fdaea33d7b
e2fe0e1248eee770d0160151fd5d15822a5a9058
6c9bfee3b3175e72068b00c27a767920960a51080930ba550da900debc25d311
GET /images/0102y12000abt01aa9FED.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 120581
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=5154894
expires: Mon, 27 Mar 2023 18:09:43 GMT
date: Fri, 27 Jan 2023 02:14:49 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0101u12000afi1qkd7430.gif
104.110.17.24200 OK 471 kB URL HTTP/2 dimg04.c-ctrip.com/images/0101u12000afi1qkd7430.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 650 x 350\012- data
Size 471 kB (471292 bytes)
Hash 5607cae5276d831657c9656d79a91056
984aef4f0ae0adcc6c1b95d07244a379a263c368
da1d86fc792d6db5a69c57bcc83670c0db02bd9d70e190b8b9f55a474f5442df
GET /images/0101u12000afi1qkd7430.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 471292
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6589056
expires: Thu, 13 Apr 2023 08:32:25 GMT
date: Fri, 27 Jan 2023 02:14:49 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash aa595503fd94f7714c452a9ee413b95d
8a1e337def7a8476abdd299cdb4be286890977dc
0120cf53635e284616874351e36c5ec296d0a0df269079a08cc1034525c18806
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:14:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 13:54:28 GMT
Expires: Thu, 02 Feb 2023 13:54:27 GMT
Etag: "8a1e337def7a8476abdd299cdb4be286890977dc"
Cache-Control: max-age=559777,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fdfa1e8853b500-OSL
qmfimg.com/1023/500_280_2.gif
172.247.80.60200 OK 90 kB URL HTTP/2 qmfimg.com/1023/500_280_2.gif
IP 172.247.80.60:0
File type GIF image data, version 89a, 500 x 280\012- data
Hash 163444e34e941a514e2e54cf95a371b2
54aab81f637953a5a09d0a4691d9778f5fa6a93e
6ce8bfe02307e6f3c186e84a36b1e308fa860bd7510a528d26e89d3d9b9fbeb1
GET /1023/500_280_2.gif HTTP/1.1
Host: qmfimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:14:48 GMT
content-type: image/gif
content-length: 90436
last-modified: Sun, 23 Oct 2022 14:56:56 GMT
etag: "63555638-16144"
expires: Sat, 25 Feb 2023 23:15:49 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=519570875&si=09b570ae57a8bdd90710ea1938df4e59&su=http%3A%2F%2Fyld.mgus4.top%2F&v=1.3.0&lv=1&sn=38764&r=0&ww=1252&u=http%3A%2F%2Fvg5.mgpm8.top%2F&tt=%E8%8A%92%E6%9E%9C%E7%88%B1%E6%88%90%E4%BA%BA%E8%A7%86%E9%A2%91%E7%A4%BE%E5%8C%BA
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=519570875&si=09b570ae57a8bdd90710ea1938df4e59&su=http%3A%2F%2Fyld.mgus4.top%2F&v=1.3.0&lv=1&sn=38764&r=0&ww=1252&u=http%3A%2F%2Fvg5.mgpm8.top%2F&tt=%E8%8A%92%E6%9E%9C%E7%88%B1%E6%88%90%E4%BA%BA%E8%A7%86%E9%A2%91%E7%A4%BE%E5%8C%BA
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=519570875&si=09b570ae57a8bdd90710ea1938df4e59&su=http%3A%2F%2Fyld.mgus4.top%2F&v=1.3.0&lv=1&sn=38764&r=0&ww=1252&u=http%3A%2F%2Fvg5.mgpm8.top%2F&tt=%E8%8A%92%E6%9E%9C%E7%88%B1%E6%88%90%E4%BA%BA%E8%A7%86%E9%A2%91%E7%A4%BE%E5%8C%BA HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 27 Jan 2023 02:14:49 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6A368189F25F5903; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
fmlb.netlbtu.com/upload/vod/2022/03-17/07/kjre3hltnge0708kjre3hltnge37477.jpg
172.247.77.90200 OK 6.8 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/03-17/07/kjre3hltnge0708kjre3hltnge37477.jpg
IP 172.247.77.90:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 8c9592d38d99439490e0aa8f66d6e1d1
38e3bf60782c87c57ef9695bbfe15235ee78c29d
fdd26bbdbdde3ccd0787578336e73f7fbe29df3feb328f3391f580ee3ecf1507
GET /upload/vod/2022/03-17/07/kjre3hltnge0708kjre3hltnge37477.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 27 Jan 2023 02:15:50 GMT
Content-Type: image/jpeg
Content-Length: 6765
Last-Modified: Wed, 09 Nov 2022 11:40:18 GMT
Connection: keep-alive
ETag: "636b91a2-1a6d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/03-17/07/jlrl040rfdk0708jlrl040rfdk39481.jpg
172.247.77.90200 OK 7.4 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/03-17/07/jlrl040rfdk0708jlrl040rfdk39481.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 6f0507788ba5b2810d0095519aff85e3
b7f82f2baeab76e3479aeb72c5187373e77ec1ca
d210880543e2269ad693a2bd992730e08ab57405239f64f2170182fee366b2a1
GET /upload/vod/2022/03-17/07/jlrl040rfdk0708jlrl040rfdk39481.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 27 Jan 2023 02:15:50 GMT
Content-Type: image/jpeg
Content-Length: 7422
Last-Modified: Wed, 09 Nov 2022 11:40:18 GMT
Connection: keep-alive
ETag: "636b91a2-1cfe"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/03-17/07/5ofh535z2jg07085ofh535z2jg38479.jpg
172.247.77.90200 OK 7.3 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/03-17/07/5ofh535z2jg07085ofh535z2jg38479.jpg
IP 172.247.77.90:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash b0a59aa88dcc7be9e9150cd47f2de317
16ce89a647b7e29f6ccdd7095fc4ec7db7fb58c8
2dad807728c6f6f357d2c81d45454eb7e038cfe3857aa01b33396763277054f5
GET /upload/vod/2022/03-17/07/5ofh535z2jg07085ofh535z2jg38479.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 27 Jan 2023 02:15:50 GMT
Content-Type: image/jpeg
Content-Length: 7315
Last-Modified: Wed, 09 Nov 2022 11:40:18 GMT
Connection: keep-alive
ETag: "636b91a2-1c93"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/04-04/01/5o4zvl3jyc001515o4zvl3jyc000733.jpg
172.247.77.90200 OK 9.6 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/04-04/01/5o4zvl3jyc001515o4zvl3jyc000733.jpg
IP 172.247.77.90:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 2d790eb56ef16deaf159e4a4c8f93e6a
5e11e4f4aef438166bad0a0041429b88f4ca9892
1fd233343b6f5c770607473afdc1f3dbe8aa88d3fc078884d4c9c4dd9fbe97aa
GET /upload/vod/2020/04-04/01/5o4zvl3jyc001515o4zvl3jyc000733.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 27 Jan 2023 02:15:50 GMT
Content-Type: image/jpeg
Content-Length: 9648
Last-Modified: Wed, 09 Nov 2022 08:20:54 GMT
Connection: keep-alive
ETag: "636b62e6-25b0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/03-17/07/becm5kergl10708becm5kergl140483.jpg
172.247.77.90200 OK 11 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/03-17/07/becm5kergl10708becm5kergl140483.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash e24373b87f2f878c23eb528d6bccffc2
aa78431363b9b766bc95b2da288378146805ae00
ac612aa2661878deaa270a4817f048b2b5ad4432c8d4eee673a71bd51083a7ed
GET /upload/vod/2022/03-17/07/becm5kergl10708becm5kergl140483.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 27 Jan 2023 02:15:50 GMT
Content-Type: image/jpeg
Content-Length: 10609
Last-Modified: Wed, 09 Nov 2022 08:21:16 GMT
Connection: keep-alive
ETag: "636b62fc-2971"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/04-04/01/i1dr20jyxbc0151i1dr20jyxbc02737.jpg
172.247.77.90200 OK 12 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/04-04/01/i1dr20jyxbc0151i1dr20jyxbc02737.jpg
IP 172.247.77.90:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 155322ef0a71643e7e359e1ae1f89ba5
03b2ac22114f04d6e93ef63f47bf01f4b18fa047
bf3eb01aa7ec619009da258e879b289447cf7838f25c6d7a52fa31807a3270ab
GET /upload/vod/2020/04-04/01/i1dr20jyxbc0151i1dr20jyxbc02737.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 27 Jan 2023 02:15:50 GMT
Content-Type: image/jpeg
Content-Length: 12548
Last-Modified: Wed, 09 Nov 2022 11:40:18 GMT
Connection: keep-alive
ETag: "636b91a2-3104"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
statuse.digitalcertvalidation.com/
93.184.220.29200 OK 471 B URL HTTP/1.1 statuse.digitalcertvalidation.com/
IP 93.184.220.29:0
Hash ac2060a4f32733309f77e54d5ea9c1c9
2334dbdef4eda1797f4eafedec885a2d70f3cb3a
bb60e975fae1b9df95e099430e5408d8ac4e57f00b4f24fa5f10ae034d831a58
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4371
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:14:49 GMT
Last-Modified: Fri, 27 Jan 2023 01:01:59 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
statuse.digitalcertvalidation.com/
93.184.220.29200 OK 471 B URL HTTP/1.1 statuse.digitalcertvalidation.com/
IP 93.184.220.29:0
Hash ac2060a4f32733309f77e54d5ea9c1c9
2334dbdef4eda1797f4eafedec885a2d70f3cb3a
bb60e975fae1b9df95e099430e5408d8ac4e57f00b4f24fa5f10ae034d831a58
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4371
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:14:49 GMT
Last-Modified: Fri, 27 Jan 2023 01:01:59 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
fmlb.netlbtu.com/upload/vod/2020/04-04/01/ulufskxx5fd0151ulufskxx5fd01735.jpg
172.247.77.90200 OK 8.3 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/04-04/01/ulufskxx5fd0151ulufskxx5fd01735.jpg
IP 172.247.77.90:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 74e21fffa8dc9998e0ee6d430c44346a
0bee2c230d40c0a355c92f3cdd61c0ca4ff93d32
43a87145605aee89aaf3743ab6d8d875604e7bf7794c422b5776823aec855307
GET /upload/vod/2020/04-04/01/ulufskxx5fd0151ulufskxx5fd01735.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 27 Jan 2023 02:15:50 GMT
Content-Type: image/jpeg
Content-Length: 8284
Last-Modified: Wed, 09 Nov 2022 08:20:48 GMT
Connection: keep-alive
ETag: "636b62e0-205c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/04-04/01/vruouwgbmld0150vruouwgbmld58727.jpg
172.247.77.90200 OK 11 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/04-04/01/vruouwgbmld0150vruouwgbmld58727.jpg
IP 172.247.77.90:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 5b2b031d553754f47725eac921cf45e3
024b9b83452557103a4d4f73380386b3da4678e1
7d51de8a2fe9a424a0fa1eae57528e85d8aa02dee49de0467d4264d3ace80169
GET /upload/vod/2020/04-04/01/vruouwgbmld0150vruouwgbmld58727.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 27 Jan 2023 02:15:50 GMT
Content-Type: image/jpeg
Content-Length: 11121
Last-Modified: Wed, 09 Nov 2022 08:20:51 GMT
Connection: keep-alive
ETag: "636b62e3-2b71"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/04-04/01/oitgqddhcwn0150oitgqddhcwn59731.jpg
172.247.77.90200 OK 11 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/04-04/01/oitgqddhcwn0150oitgqddhcwn59731.jpg
IP 172.247.77.90:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash c38f8600b79197f9cd39f1e4ca8f293b
1bcbb403f66aa75a67aa7d4d3184be0ed975055c
69d96a1e63eaaefc256cb07e4b9a0fce5c9d23debadff35ed6f995dd8839f2f6
GET /upload/vod/2020/04-04/01/oitgqddhcwn0150oitgqddhcwn59731.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 27 Jan 2023 02:15:50 GMT
Content-Type: image/jpeg
Content-Length: 10710
Last-Modified: Wed, 09 Nov 2022 08:21:16 GMT
Connection: keep-alive
ETag: "636b62fc-29d6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/04-04/01/wjtjaozkwdt0150wjtjaozkwdt58729.jpg
172.247.77.90200 OK 12 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/04-04/01/wjtjaozkwdt0150wjtjaozkwdt58729.jpg
IP 172.247.77.90:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 19ccd1006250bbc38999d1180550fc6d
e309087b130840c0132325c477270e85c8c28201
c3a429745775f3f079c661ae2de5b2184671cd04fd8b1cbca5b18c35e16d3b7a
GET /upload/vod/2020/04-04/01/wjtjaozkwdt0150wjtjaozkwdt58729.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 27 Jan 2023 02:15:50 GMT
Content-Type: image/jpeg
Content-Length: 12110
Last-Modified: Wed, 09 Nov 2022 08:21:17 GMT
Connection: keep-alive
ETag: "636b62fd-2f4e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e74596189d30f2253b9baa33bbc9a052
fc98bce6fe66948f6003e4eaebb215fa2486f8ce
d8ae02fa60f06df48729e455833d9ea044f291dff2dfb265423b741c0749c987
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8AE02FA60F06DF48729E455833D9EA044F291DFF2DFB265423B741C0749C987"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8328
Expires: Fri, 27 Jan 2023 04:33:37 GMT
Date: Fri, 27 Jan 2023 02:14:49 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2022/03-17/07/spzeqfnkutw0708spzeqfnkutw45493.jpg
172.247.77.90200 OK 13 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/03-17/07/spzeqfnkutw0708spzeqfnkutw45493.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash b0f0d2ced02d2dcadd0dede0bb4b36fe
74fb802cdcab4e08016b641f07dabc21fedda9e3
c5107469f97c76f5049534b9fbe6b7c2c08b64c8f6c46cef44028101378d7113
GET /upload/vod/2022/03-17/07/spzeqfnkutw0708spzeqfnkutw45493.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 27 Jan 2023 02:15:50 GMT
Content-Type: image/jpeg
Content-Length: 13424
Last-Modified: Wed, 09 Nov 2022 08:21:22 GMT
Connection: keep-alive
ETag: "636b6302-3470"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 731697d02377035ac18cd27a68e5f8d2
ab89e1ab06a14201795df11dd4db7a61f2c89292
ac4824084323660bb2ae17b4f36b955aa832d21f2be994f77a965103ee37c0a3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:14:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 15:39:06 GMT
Expires: Wed, 01 Feb 2023 15:39:05 GMT
Etag: "ab89e1ab06a14201795df11dd4db7a61f2c89292"
Cache-Control: max-age=479655,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fdfa1fc8eeb500-OSL
fmlb.netlbtu.com/upload/vod/2022/03-17/07/dor2e1vetnu0704dor2e1vetnu33471.jpg
172.247.77.90200 OK 15 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/03-17/07/dor2e1vetnu0704dor2e1vetnu33471.jpg
IP 172.247.77.90:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 5c7b7abbda58e4f9b4221abef567c89c
cce99139dff870092a1e521fb993047a600592d1
ba5e0290c08be5bac4c81a2f477e0313c04e6a645965a5707012d28b7c5ae524
GET /upload/vod/2022/03-17/07/dor2e1vetnu0704dor2e1vetnu33471.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 27 Jan 2023 02:15:50 GMT
Content-Type: image/jpeg
Content-Length: 14812
Last-Modified: Wed, 09 Nov 2022 08:20:54 GMT
Connection: keep-alive
ETag: "636b62e6-39dc"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
push.zhanzhang.baidu.com/push.js
182.61.201.94200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Fri, 27 Jan 2023 02:14:49 GMT
Etag: "4078521116"
Expires: Sat, 27 Jan 2024 02:14:49 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=DD71C9CCD467B619DBD4BE90277670CA:FG=1; max-age=31536000; expires=Sat, 27-Jan-24 02:14:49 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
hm.baidu.com/hm.js?d3a1d16ac3c996fac9415791533eb52a
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?d3a1d16ac3c996fac9415791533eb52a
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash 9de6cd6b7f890a49fc2ae028f7314699
b49190e3b03ce9f4b5c978c4ee706a2ca98508c9
d5d9e167ce1e282df5a41b9946e7678a706aaf4c4f86a5042b057cd4d0b601b8
GET /hm.js?d3a1d16ac3c996fac9415791533eb52a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Fri, 27 Jan 2023 02:14:49 GMT
Etag: 717ae8507581efe84bfee133c9932a3c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=3A72862D61058D42; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 71a6ad7bd571e553b87c5e7beaa6bbb9
d04dcd4e2f730ce9ded1fac39f09f25557188d2f
31e7b83527052580d98bf79ae2ca0c3111ab157b5100819c2be64c2cd8356570
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:14:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 17:13:01 GMT
Expires: Wed, 01 Feb 2023 17:13:00 GMT
Etag: "d04dcd4e2f730ce9ded1fac39f09f25557188d2f"
Cache-Control: max-age=485290,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fdfa211988b500-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 24ce49d77733048cdeef46f21e4df4a7
a1d0d8114b48706a2778b0376072890e41ecc428
7539ea9fa7c2377ef631a39a68359a20bd446e426b9fd0e4f7c0b4b471753ea5
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:14:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 30 Jan 2023 23:01:25 GMT
ETag: "a1d0d8114b48706a2778b0376072890e41ecc428"
Last-Modified: Thu, 26 Jan 2023 23:01:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2400
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fdfa216972b521-OSL
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 365673070791d156b4abd5861086ef3b
35af5543a838537a9c95a834207846b5d55d1a59
89c250d9928c5c52942c619186a82814b0e0b7a21ca3c7a910f09c196a4ad872
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 27 Jan 2023 02:14:49 GMT
Last-Modified: Fri, 27 Jan 2023 01:10:45 GMT
Server: ECS (dcb/7F81)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: J7ZvIWHw40b-OmRbb8oHt0z1Bch_NDtT3lT2w96HJAnQYnt_H3xnbw==
Age: 3844
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash f0f7ede141d798b19fb97a596fc14eba
1ec752ff41ca7b0cc7a3c36a4cdbaf88117c52a1
004d8b03eb3a9b4db3fbd5ecbcdef097ecc3e8c2592289b2f2a412e59e29b9c0
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 27 Jan 2023 02:14:49 GMT
Last-Modified: Fri, 27 Jan 2023 00:51:33 GMT
Server: ECS (dcb/7EEB)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9lL3zvpZYxUVfpNDW0pwwcsq0_EkHwmSavpeqqQ7FPPc960wLkywdA==
Age: 4996
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash ec6efd5e054f0b8f4b023a14c3bc40d7
2f93589bed04161f62eee1fd87397baf2baf66c6
f3734e3c02b167bb142d69a355da929cf69718436e8e1d1b7272ed725f5f037b
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 27 Jan 2023 02:14:49 GMT
Etag: "63d099f8-1d7"
Last-Modified: Fri, 27 Jan 2023 01:40:53 GMT
Server: ECS (dcb/7EA3)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2Gp609qHeEiPjb4sRrz9N-6NV9JP0XxKYmu-Bq5TGwUof--wTOKfEA==
Age: 2036
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 4d5a5777dbb9bcba7c39a2998d6b05e3
242cfadb79b47345a3579c1e1cc2559b4d447144
7047409aa17dc2d37f71cd858f2582ad03938487d790cd9aaa820460009b178d
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:14:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 31 Jan 2023 00:44:49 GMT
ETag: "242cfadb79b47345a3579c1e1cc2559b4d447144"
Last-Modified: Fri, 27 Jan 2023 00:44:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2400
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fdfa21b987b521-OSL
fmlb.netlbtu.com/upload/vod/2022/03-17/07/wgaeqgeawja0704wgaeqgeawja31469.jpg
172.247.77.90200 OK 9.9 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/03-17/07/wgaeqgeawja0704wgaeqgeawja31469.jpg
IP 172.247.77.90:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash b3e7aaf919edcbc9a735a3272da5f497
0d5d3b1a43a309b69e2194e273f3853bace32562
4451baaf125b58dc3eb697a370c69938632bd418c9e09e12e7aa00266afdb170
GET /upload/vod/2022/03-17/07/wgaeqgeawja0704wgaeqgeawja31469.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 27 Jan 2023 02:15:51 GMT
Content-Type: image/jpeg
Content-Length: 9850
Last-Modified: Wed, 09 Nov 2022 08:20:54 GMT
Connection: keep-alive
ETag: "636b62e6-267a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/03-17/07/lx2ga245arn0704lx2ga245arn29465.jpg
172.247.77.90200 OK 11 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/03-17/07/lx2ga245arn0704lx2ga245arn29465.jpg
IP 172.247.77.90:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 6735b9adeb50ed6ccc212c30839910c1
43ee4ccdcd81cc3f6e6b36a59bb10b2eb8493fcb
f9250c04c330c3826c8eca84147b4dc5a7ee115697365cf2ac14f29f8d765c4a
GET /upload/vod/2022/03-17/07/lx2ga245arn0704lx2ga245arn29465.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 27 Jan 2023 02:15:51 GMT
Content-Type: image/jpeg
Content-Length: 10654
Last-Modified: Wed, 09 Nov 2022 08:21:09 GMT
Connection: keep-alive
ETag: "636b62f5-299e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/03-17/07/nnypmzpkzum0704nnypmzpkzum31467.jpg
172.247.77.90200 OK 12 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/03-17/07/nnypmzpkzum0704nnypmzpkzum31467.jpg
IP 172.247.77.90:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 036de2903e17169410d1a62d02a2014f
d8233a2919185afd04216dc7ad6bcdc2e132e29d
6e12d24f656465ade2c014745db6ff26955bc8aad649a916e64fb393fae16342
GET /upload/vod/2022/03-17/07/nnypmzpkzum0704nnypmzpkzum31467.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 27 Jan 2023 02:15:51 GMT
Content-Type: image/jpeg
Content-Length: 12293
Last-Modified: Wed, 09 Nov 2022 08:20:22 GMT
Connection: keep-alive
ETag: "636b62c6-3005"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/03-17/07/hnef4mmu1ok0704hnef4mmu1ok28463.jpg
172.247.77.90200 OK 11 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/03-17/07/hnef4mmu1ok0704hnef4mmu1ok28463.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c9245bce3de685003bac1459bfa6ee7c
b1427c444d873a1bce70401a315b005c7583b25a
5baf7ec924035dfaa4c57d51077c006938da8dcd0816c47abd7db5320e384c4d
GET /upload/vod/2022/03-17/07/hnef4mmu1ok0704hnef4mmu1ok28463.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 27 Jan 2023 02:15:51 GMT
Content-Type: image/jpeg
Content-Length: 11156
Last-Modified: Wed, 09 Nov 2022 08:20:49 GMT
Connection: keep-alive
ETag: "636b62e1-2b94"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da9f7d0e621fa8eacbf416159bd82401
5165165936c1b0354419c6726ce87a06a810b871
8ad6e807d32928be1c20a1d624214ecd14365d820bb11db71f2b32c3e0f856ae
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8AD6E807D32928BE1C20A1D624214ECD14365D820BB11DB71F2B32C3E0F856AE"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 27 Jan 2023 08:14:49 GMT
Date: Fri, 27 Jan 2023 02:14:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash feb2b192102a550236cbeb7a85f97d44
d2e30846e721c48214127756f2ca55d95f7401a2
38189119e1751c882b94026a2f96721ddd3df66c8c9f307cea66a3b48758019e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "38189119E1751C882B94026A2F96721DDD3DF66C8C9F307CEA66A3B48758019E"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17046
Expires: Fri, 27 Jan 2023 06:58:55 GMT
Date: Fri, 27 Jan 2023 02:14:49 GMT
Connection: keep-alive
hm.baidu.com/hm.js?6cdc9a2253c9e58f82eb10fc564d352b
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?6cdc9a2253c9e58f82eb10fc564d352b
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 19e62bf6e6e516ba6c1f63793a1a2854
291d360333ba530427f8d728876edcb4b4cf4a49
e9d4af9debe4f8d10423f1f8207a34d65a80cb18b848363f364715c00790a226
GET /hm.js?6cdc9a2253c9e58f82eb10fc564d352b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Fri, 27 Jan 2023 02:14:49 GMT
Etag: 120aa78f5d4015efec39c3d9a9c9e873
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F86B0E9F0C5B3C07; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
u22055.com/46496f76c9dae3ae65138d84c0e1ac84.gif
13.227.254.46200 OK 216 kB URL HTTP/2 u22055.com/46496f76c9dae3ae65138d84c0e1ac84.gif
IP 13.227.254.46:0
File type GIF image data, version 89a, 650 x 350\012- data
Size 216 kB (215726 bytes)
Hash 896f10d486e6dec7a60f0079859bb04b
8120b886a632b554d69e0290130ed822356bd98b
3dda8514f252e4b4fe69f99c2e12dc02cc4ff6dbb05607b5b09965bca1422973
GET /46496f76c9dae3ae65138d84c0e1ac84.gif HTTP/1.1
Host: u22055.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 215726
date: Fri, 13 Jan 2023 12:34:38 GMT
last-modified: Fri, 13 Jan 2023 11:21:26 GMT
etag: "896f10d486e6dec7a60f0079859bb04b"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 e7cd1f6615dc010d7043e73d81dddfca.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 3blcAa6MY2RPAZEOqVExkqPJhiEifwDzuob2ARlRNCCcaSnj1o9egw==
age: 1172412
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1271093223&si=d3a1d16ac3c996fac9415791533eb52a&su=http%3A%2F%2Fyld.mgus4.top%2F&v=1.3.0&lv=1&sn=38765&r=0&ww=1252&u=http%3A%2F%2Fvg5.mgpm8.top%2F&tt=%E8%8A%92%E6%9E%9C%E7%88%B1%E6%88%90%E4%BA%BA%E8%A7%86%E9%A2%91%E7%A4%BE%E5%8C%BA
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1271093223&si=d3a1d16ac3c996fac9415791533eb52a&su=http%3A%2F%2Fyld.mgus4.top%2F&v=1.3.0&lv=1&sn=38765&r=0&ww=1252&u=http%3A%2F%2Fvg5.mgpm8.top%2F&tt=%E8%8A%92%E6%9E%9C%E7%88%B1%E6%88%90%E4%BA%BA%E8%A7%86%E9%A2%91%E7%A4%BE%E5%8C%BA
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1271093223&si=d3a1d16ac3c996fac9415791533eb52a&su=http%3A%2F%2Fyld.mgus4.top%2F&v=1.3.0&lv=1&sn=38765&r=0&ww=1252&u=http%3A%2F%2Fvg5.mgpm8.top%2F&tt=%E8%8A%92%E6%9E%9C%E7%88%B1%E6%88%90%E4%BA%BA%E8%A7%86%E9%A2%91%E7%A4%BE%E5%8C%BA HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 27 Jan 2023 02:14:50 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=E49F3B2F40EF813C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
u22088.com/f7fd72d8ade7e262c4b4f656dd460724.gif
13.227.254.75200 OK 396 kB URL HTTP/2 u22088.com/f7fd72d8ade7e262c4b4f656dd460724.gif
IP 13.227.254.75:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 396 kB (395600 bytes)
Hash 5155d4f34bc2f7e77b9fe8e854d9e96f
408ed373dd26d934ee70f30b0e47a9dc8049983f
db9f393331e2d56fe7da37b7822590b82524e2dde508848299877daeae1df3be
GET /f7fd72d8ade7e262c4b4f656dd460724.gif HTTP/1.1
Host: u22088.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 395600
date: Tue, 10 Jan 2023 07:52:07 GMT
last-modified: Sat, 17 Dec 2022 11:55:02 GMT
etag: "5155d4f34bc2f7e77b9fe8e854d9e96f"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4e3c79d06b4e17a0f3b574740ddc8206.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 4vLl4JdnDlO8XeiFnNsNq_mMlc3tL7f67fMTJrX6p25PECBRk0phHw==
age: 1448563
X-Firefox-Spdy: h2
pic.rmb.bdstatic.com/bjh/0fe2b657af16774b05246565ba38f750.gif
185.10.104.115200 OK 159 kB URL HTTP/2 pic.rmb.bdstatic.com/bjh/0fe2b657af16774b05246565ba38f750.gif
IP 185.10.104.115:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 500 x 280\012- data
Size 159 kB (158841 bytes)
Hash 0fe2b657af16774b05246565ba38f750
f462d3e76599f914aa520aee1f9b022b2cf4c20d
09bf9bfc931fb7f7148485fdd621fb2894388da405c46230d6584f3e213f878d
GET /bjh/0fe2b657af16774b05246565ba38f750.gif HTTP/1.1
Host: pic.rmb.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 27 Jan 2023 02:14:49 GMT
content-type: image/gif
content-length: 158841
expires: Thu, 05 Jan 2023 14:31:55 GMT
last-modified: Fri, 06 May 2022 07:12:41 GMT
etag: "0fe2b657af16774b05246565ba38f750"
age: 1264876
accept-ranges: bytes
content-md5: D+K2V68Wd0sFJGVlujj3UA==
x-bce-content-crc32: 1847957523
x-bce-debug-id: LkDe7ELpS/HFvbW7rsucaCF0I6lETOythvYbJ4tPO3z/Ol3FG0dfLOEbH2JfEEROliO4yOGwGb/QtdL2Bye0zw==
x-bce-request-id: ea667217-d061-40f8-b1c5-0acc4524f7d2
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Mon, 02 Jan 2023 14:31:54 GMT
ohc-cache-hit: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache54 [3], czix243 [1]
ohc-file-size: 158841
x-cache-status: HIT
X-Firefox-Spdy: h2
hlggimg.com/1023/640_200_2.gif
172.247.80.60200 OK 67 kB URL HTTP/2 hlggimg.com/1023/640_200_2.gif
IP 172.247.80.60:0
File type GIF image data, version 89a, 640 x 200\012- data
Hash 3d428957baf4858b9fa51159eed760b8
9bedac19dab8eaa07f1fa834a07b605bba8aa580
6525a61e3d6e20e3c5af390648c7f498e8c9deb969b28bb24d97f71277e2a414
GET /1023/640_200_2.gif HTTP/1.1
Host: hlggimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:14:49 GMT
content-type: image/gif
content-length: 66992
last-modified: Sun, 23 Oct 2022 14:56:58 GMT
etag: "6355563a-105b0"
expires: Sat, 25 Feb 2023 10:24:23 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
u22055.com/fee6dc0783e7085f6b3452a1155d4b4a.gif
13.227.254.46200 OK 288 kB URL HTTP/2 u22055.com/fee6dc0783e7085f6b3452a1155d4b4a.gif
IP 13.227.254.46:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 288 kB (288397 bytes)
Hash e17bb688cfdae836ea866c47e92a022a
d748bb7b13696141ba768280a21d3dac482e3a0c
cb9affdc029bd6deb908ab9786fad62113c4ba28d2e9a8926cbed0c5e2c2aa6a
GET /fee6dc0783e7085f6b3452a1155d4b4a.gif HTTP/1.1
Host: u22055.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 288397
date: Tue, 10 Jan 2023 07:52:07 GMT
last-modified: Sat, 24 Dec 2022 08:23:21 GMT
etag: "e17bb688cfdae836ea866c47e92a022a"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 e7cd1f6615dc010d7043e73d81dddfca.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: JnFJbhupvG0J0d-JN8Iu8gpFIWECcGantRnxsxWrv81uWn-q3ep0Lg==
age: 1448563
X-Firefox-Spdy: h2
api.share.baidu.com/s.gif?r=http%3A%2F%2Fyld.mgus4.top%2F&l=http://vg5.mgpm8.top/
180.101.212.103200 OK 23 B URL HTTP/1.1 api.share.baidu.com/s.gif?r=http%3A%2F%2Fyld.mgus4.top%2F&l=http://vg5.mgpm8.top/
IP 180.101.212.103:0
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
Hash f0d79988b7772c003d04a28bd7417a62
58423a999eec2997bcfffb247e9ecd3dfd0abf44
30e6fa98fb48c2b132824d1ac5e2243c0be9e9082ff32598d34d7687ca7f6c7f
GET /s.gif?r=http%3A%2F%2Fyld.mgus4.top%2F&l=http://vg5.mgpm8.top/ HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Length: 23
Content-Type: image/gif
Server: bfe
Date: Fri, 27 Jan 2023 02:14:50 GMT
pic.rmb.bdstatic.com/bjh/5f356028e5e94176f56a75568e49ae20.gif
185.10.104.115200 OK 1.3 MB URL HTTP/2 pic.rmb.bdstatic.com/bjh/5f356028e5e94176f56a75568e49ae20.gif
IP 185.10.104.115:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.3 MB (1296026 bytes)
Hash 5f356028e5e94176f56a75568e49ae20
3796c4c950687811a1d1f80fd9e31e718bda0f85
c6d85123315be8a70786b6699f59eecff590bc8fbf1a48a477bcb2cacd660320
GET /bjh/5f356028e5e94176f56a75568e49ae20.gif HTTP/1.1
Host: pic.rmb.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 27 Jan 2023 02:14:49 GMT
content-type: image/gif
content-length: 1296026
expires: Sun, 29 Jan 2023 03:44:38 GMT
last-modified: Sun, 01 May 2022 03:41:02 GMT
etag: "5f356028e5e94176f56a75568e49ae20"
age: 81011
accept-ranges: bytes
content-md5: XzVgKOXpQXb1anVWjkmuIA==
x-bce-content-crc32: 619664397
x-bce-debug-id: qoHJbuYLCrwt6BohAJHKhB1la/dLtPckbQZCDsLdCYj3ffbVUHMGsmUK6fqoM0iXz1HI2DGQutkKVrhCRx8zZA==
x-bce-request-id: f2b33ae6-db81-4f70-9150-c6452b74a3f4
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Thu, 26 Jan 2023 03:44:37 GMT
ohc-cache-hit: fra01-sys-jomo6.fra01.baidu.com [2], fra01-sys-jomo8.fra01.baidu.com [2], zhuzuncache62 [3], suzix207 [3]
ohc-file-size: 1296026
x-cache-status: HIT
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1887609094&si=6cdc9a2253c9e58f82eb10fc564d352b&su=http%3A%2F%2Fyld.mgus4.top%2F&v=1.3.0&lv=1&sn=38765&r=0&ww=1252&u=http%3A%2F%2Fvg5.mgpm8.top%2F&tt=%E8%8A%92%E6%9E%9C%E7%88%B1%E6%88%90%E4%BA%BA%E8%A7%86%E9%A2%91%E7%A4%BE%E5%8C%BA
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1887609094&si=6cdc9a2253c9e58f82eb10fc564d352b&su=http%3A%2F%2Fyld.mgus4.top%2F&v=1.3.0&lv=1&sn=38765&r=0&ww=1252&u=http%3A%2F%2Fvg5.mgpm8.top%2F&tt=%E8%8A%92%E6%9E%9C%E7%88%B1%E6%88%90%E4%BA%BA%E8%A7%86%E9%A2%91%E7%A4%BE%E5%8C%BA
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1887609094&si=6cdc9a2253c9e58f82eb10fc564d352b&su=http%3A%2F%2Fyld.mgus4.top%2F&v=1.3.0&lv=1&sn=38765&r=0&ww=1252&u=http%3A%2F%2Fvg5.mgpm8.top%2F&tt=%E8%8A%92%E6%9E%9C%E7%88%B1%E6%88%90%E4%BA%BA%E8%A7%86%E9%A2%91%E7%A4%BE%E5%8C%BA HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 27 Jan 2023 02:14:50 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=AA36D7100D45B3C8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
u25011.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
13.227.254.116200 OK 864 kB URL HTTP/2 u25011.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP 13.227.254.116:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 864 kB (864004 bytes)
Hash d2c820747a9b9b8c3abaab0775436ab7
99651afd10bd3874fb84d7973845482cd2c81f23
8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: u25011.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 864004
last-modified: Mon, 19 Dec 2022 09:06:34 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 26 Jan 2023 22:37:21 GMT
etag: "d2c820747a9b9b8c3abaab0775436ab7"
x-cache: Hit from cloudfront
via: 1.1 ffa0d2acb6ab662531e95cf2a187fa40.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 5wPfDl19_Dkj2JSSadaH66PiaGrmYL4YtMlNWLdB9iRkqtSTOm1MxQ==
age: 13049
X-Firefox-Spdy: h2
qqiuimg.top/1023/500_280_1.gif
172.247.80.59200 OK 90 kB URL HTTP/2 qqiuimg.top/1023/500_280_1.gif
IP 172.247.80.59:0
File type GIF image data, version 89a, 500 x 280\012- data
Hash 0429bcf5f928f0e066493a11f86156bd
99beeff5d993e2c5c2cefdf83b02605800bba32c
1225d5f30ee7f511f554bf7b9b70efdcf1a5933f6853f007568f965598c0578d
GET /1023/500_280_1.gif HTTP/1.1
Host: qqiuimg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:14:50 GMT
content-type: image/gif
content-length: 90013
last-modified: Sun, 23 Oct 2022 14:56:55 GMT
etag: "63555637-15f9d"
expires: Sat, 25 Feb 2023 23:42:00 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
u1022.com/cf8c8be1fbe748b3ab05c1896bde8d0b.gif
45.61.212.139200 OK 275 kB URL HTTP/2 u1022.com/cf8c8be1fbe748b3ab05c1896bde8d0b.gif
IP 45.61.212.139:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 275 kB (275446 bytes)
Hash 70c0e3b780542b0ba8634822528674c1
18ff79341d6854d6c841618bc108233fb064b9c2
de2918f8ea0639a91d608b506207f16cc973559eb143eb711601ba50e14ef2bc
GET /cf8c8be1fbe748b3ab05c1896bde8d0b.gif HTTP/1.1
Host: u1022.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63bae198-433f6"
server: nginx
date: Wed, 25 Jan 2023 04:16:12 GMT
content-type: image/gif
last-modified: Sun, 08 Jan 2023 15:30:32 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us4-cdnb-09
content-length: 275446
X-Firefox-Spdy: h2
u1010.com/b80b68717e334bfcb8f9c35dec22678c.gif
103.170.15.68200 OK 347 kB URL HTTP/2 u1010.com/b80b68717e334bfcb8f9c35dec22678c.gif
IP 103.170.15.68:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 347 kB (347426 bytes)
Hash 9113d18ae855d227d6f10b05e4f6425e
5e9cafc7cb295afbdc9298fd7144f3125191b710
2e70e0d59d74220a307c094c2cf8b77ef905bf8ec8226e35f115632485aba973
GET /b80b68717e334bfcb8f9c35dec22678c.gif HTTP/1.1
Host: u1010.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63b563f5-54d22"
server: nginx
date: Thu, 26 Jan 2023 12:14:46 GMT
content-type: image/gif
last-modified: Wed, 04 Jan 2023 11:33:09 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-58
content-length: 347426
X-Firefox-Spdy: h2
taiwtp1.com/img/96060.gif
220.128.218.220200 OK 47 kB URL HTTP/2 taiwtp1.com/img/96060.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 60\012- data
Hash 2b9c30b086d03d90a45a9174aef7b408
e87dbe76669e2f402826dd598bb047d793b1e20c
f1eb3044b464fb4b4b8f3e081295bc19cc4cddc9361adb34ad7fb73b93b25de6
GET /img/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 02:07:53 GMT
content-type: image/gif
content-length: 46855
last-modified: Wed, 09 Mar 2022 07:10:56 GMT
etag: "62285300-b707"
expires: Sun, 26 Feb 2023 02:07:53 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash b95fce65cc3c3e258c6f274955edd8ee
5b1492ee23f8fa74e52e3e4729969e497bdc96c0
9b36ee749f6aae97bdfe6c5d0709693e14d84290fd3aecd919063cc1e3fbe006
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:14:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 30 Jan 2023 22:28:25 GMT
ETag: "5b1492ee23f8fa74e52e3e4729969e497bdc96c0"
Last-Modified: Thu, 26 Jan 2023 22:28:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3404
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fdfa274b100b65-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash b95fce65cc3c3e258c6f274955edd8ee
5b1492ee23f8fa74e52e3e4729969e497bdc96c0
9b36ee749f6aae97bdfe6c5d0709693e14d84290fd3aecd919063cc1e3fbe006
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:14:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 30 Jan 2023 22:28:25 GMT
ETag: "5b1492ee23f8fa74e52e3e4729969e497bdc96c0"
Last-Modified: Thu, 26 Jan 2023 22:28:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3404
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fdfa275ec21c0e-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash cc9a8379b1d89017159c8ea02217f48e
80894297e136888e39e228c2fba5d30d6932859d
47dfe96865168f6994fcbd96c6aa242b090a70561c2db96780ff3e40a6e2b738
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:14:50 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 13:45:21 GMT
Expires: Wed, 01 Feb 2023 13:45:20 GMT
Etag: "80894297e136888e39e228c2fba5d30d6932859d"
Cache-Control: max-age=472829,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fdfa26acc6b500-OSL
img.2611u.com/images/638edb5d970f0b1d475e3297.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.2611u.com/images/638edb5d970f0b1d475e3297.gif
IP 3.36.126.81:0
GET /images/638edb5d970f0b1d475e3297.gif HTTP/1.1
Host: img.2611u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/4c28866f219340e2bcb4b1878eb49c78
X-Firefox-Spdy: h2
imgsrc.baidu.com/super/pic/item/5266d0160924ab18dd4485f270fae6cd7a890ba0.jpg
104.193.88.109200 OK 0 B URL HTTP/1.1 imgsrc.baidu.com/super/pic/item/5266d0160924ab18dd4485f270fae6cd7a890ba0.jpg
IP 104.193.88.109:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
GET /super/pic/item/5266d0160924ab18dd4485f270fae6cd7a890ba0.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 27 Jan 2023 02:15:09 GMT
Content-Type: image/gif
Content-Length: 196656
Connection: close
Access-Control-Allow-Origin: *
Etag: dcf1803214d0b363ae68f4b8337ad429
Expires: Sun, 26 Feb 2023 02:14:50 GMT
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT
n0544.com/fb2a0ecfc87d434ca81af817d18356f2.gif
54.151.242.68200 OK 0 B URL HTTP/2 n0544.com/fb2a0ecfc87d434ca81af817d18356f2.gif
IP 54.151.242.68:0
GET /fb2a0ecfc87d434ca81af817d18356f2.gif HTTP/1.1
Host: n0544.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:14:49 GMT
content-type: image/gif
vary: Accept-Encoding
last-modified: Sun, 08 Jan 2023 15:30:16 GMT
etag: W/"63bae188-7dc8"
server: WAF/2.4-12.1
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
768guanggao.oss-cn-shenzhen.aliyuncs.com/vip80.gif
120.77.167.195200 OK 0 B URL HTTP/1.1 768guanggao.oss-cn-shenzhen.aliyuncs.com/vip80.gif
IP 120.77.167.195:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
GET /vip80.gif HTTP/1.1
Host: 768guanggao.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 27 Jan 2023 02:14:50 GMT
Content-Type: image/gif
Content-Length: 264494
Connection: keep-alive
x-oss-request-id: 63D3339A4931713832320B49
Accept-Ranges: bytes
ETag: "672B95E7B6AB24B5606B8287DB85DBB4"
Last-Modified: Thu, 08 Dec 2022 08:00:50 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8762574589038276875
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZyuV57arJLVga4KH24XbtA==
x-oss-server-time: 2
p1.meituan.net/dpplatform/fe1357abf524bc560d11e4af8beddaf91086086.gif
211.152.148.29200 OK 0 B URL HTTP/2 p1.meituan.net/dpplatform/fe1357abf524bc560d11e4af8beddaf91086086.gif
IP 211.152.148.29:0
GET /dpplatform/fe1357abf524bc560d11e4af8beddaf91086086.gif HTTP/1.1
Host: p1.meituan.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:14:50 GMT
content-type: image/gif
content-length: 1086086
server: NWS_Oversea_AP
cache-control: max-age=5184000
expires: Tue, 28 Mar 2023 02:14:50 GMT
last-modified: Tue, 07 Mar 2023 08:18:57 GMT
x-nws-log-uuid: 634679d1-6f23-4b81-afbd-beb52baacfe5
access-control-allow-origin: *
access-control-allow-methods: GET,POST
x-cache-lookup: Hit From Disktank3
x-nws-uuid-verify: 58da04f337dabc9dfdb9b7c95c7c9808
m-traceid: kaiwwg7g47cexjt8s7rc
age: 1415560
timing-allow-origin: *
X-Firefox-Spdy: h2
vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
47.75.19.64200 OK 0 B URL HTTP/1.1 vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
IP 47.75.19.64:0
ASN #45102 Alibaba US Technology Co., Ltd.
GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vg5.mgpm8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 27 Jan 2023 02:14:50 GMT
Content-Type: image/gif
Content-Length: 299985
Connection: keep-alive
x-oss-request-id: 63D3339A23C05434316D3FDD
Accept-Ranges: bytes
ETag: "5D7118C19A9BD8FF78641A72CB481144"
Last-Modified: Tue, 10 Jan 2023 09:27:44 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5878332609690177558
x-oss-storage-class: Standard
x-oss-version-id: CAEQRhiBgIDwy4PsrBgiIGVlOTJjOGM4NTBkZDQ5NTBhMzAzYjhiYTJjYjQ0NTI5
Content-MD5: XXEYwZqb2P94ZBpyy0gRRA==
x-oss-server-time: 2