r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 37284a837312d6586460a3b86bbe7bd0
6ac0847abd48eb8607597218aaa2cb2d434c012b
6a0e11bb042555d72b397ae0cc3d5e242d3a3fe04418e28ffd222decca7d16ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A0E11BB042555D72B397AE0CC3D5E242D3A3FE04418E28FFD222DECCA7D16CA"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9564
Expires: Thu, 19 Jan 2023 05:29:58 GMT
Date: Thu, 19 Jan 2023 02:50:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b36ef73c20dffb6bc10194bbd2d0dcfa
a67a4023dc8b4944debaeb92f3ba0f1402c079a6
05a7a4d832cf9e593ca44efea309edcbd80734583bada15fda3e740612eff991
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "05A7A4D832CF9E593CA44EFEA309EDCBD80734583BADA15FDA3E740612EFF991"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16778
Expires: Thu, 19 Jan 2023 07:30:12 GMT
Date: Thu, 19 Jan 2023 02:50:34 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 19 Jan 2023 02:34:30 GMT
content-type: application/json
age: 964
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7afaa97fbfa9baa1485c892eac8e114d
8c17c707c218e28ac14197ce8e5eef873207a732
59db16baacb452453dbf44fc2a24f25ab09c4dbaec3a9271fda84230d8f11925
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59DB16BAACB452453DBF44FC2A24F25AB09C4DBAEC3A9271FDA84230D8F11925"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8411
Expires: Thu, 19 Jan 2023 05:10:45 GMT
Date: Thu, 19 Jan 2023 02:50:34 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BhjwW1aXnTdNGBE7WUcpJHFArebZ/6ihNFLJr519Y9IBHQ4uJoQrDJCBy2y3spGRaO7xz/5kCLM=
x-amz-request-id: 021DVMZC04ZA50YV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 19 Jan 2023 01:56:54 GMT
age: 3220
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
kidahora.net/news/2018/0125/99833.shtml
38.53.112.198 301 Moved Permanently 0 B URL HTTP/1.1 kidahora.net/news/2018/0125/99833.shtml
IP 38.53.112.198:0
ASN #398823 PEGTECHINC-AP-02
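Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of the empty 0 B body; matches any empty response, so not a useful indicator)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input)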
GET /news/2018/0125/99833.shtml HTTP/1.1
Host: kidahora.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 19 Jan 2023 02:50:35 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.kidahora.net/news/2018/0125/99833.shtml
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:50:34 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.kidahora.net/news/2018/0125/99833.shtml
38.53.112.198 200 OK 706 B URL HTTP/1.1 www.kidahora.net/news/2018/0125/99833.shtml
IP 38.53.112.198:0
ASN #398823 PEGTECHINC-AP-02
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (828), with CRLF line terminators
Hash 3d91d1e83ed9d13225ab1365beea3802
c0f97ffc2631b12726c71de6b7b3e7d6233edda3
94788fc4eccded6cdc68ce8369822f425e12e15ab2c0d0260d2b3e758c30aea2
GET /news/2018/0125/99833.shtml HTTP/1.1
Host: www.kidahora.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 19 Jan 2023 02:50:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 19 Jan 2023 02:17:25 GMT
age: 1990
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 79af32d8e279b4cfec147ab51cb6fcb3
d726903292bd1e08a6d9fe0719d2cd5b33dc5fe6
bfcb2d8f14d89736ac6b771f1618a8fc5e707691d60807a574fb719c8e9393ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4550
Cache-Control: max-age=113523
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 02:50:35 GMT
Etag: "63c7b6a8-1d7"
Expires: Fri, 20 Jan 2023 10:22:38 GMT
Last-Modified: Wed, 18 Jan 2023 09:06:48 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
www.kidahora.net/common.js
38.53.112.198 200 OK 1.1 kB URL HTTP/1.1 www.kidahora.net/common.js
IP 38.53.112.198:0
ASN #398823 PEGTECHINC-AP-02
File type HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Hash e76fa239f5b91e17b93cd981eefbe2e5
bc493da2145c33b1bfd03dad664e1a3d54a800dc
cfefe4e361499d352ca75b1be29f9dda7e59f058c01e88af7424e6d6383c13c1
GET /common.js HTTP/1.1
Host: www.kidahora.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kidahora.net/news/2018/0125/99833.shtml
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 19 Jan 2023 02:50:35 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.kidahora.net/tj.js
38.53.112.198 200 OK 801 B IP 38.53.112.198:0
ASN #398823 PEGTECHINC-AP-02
File type ASCII text, with CRLF line terminators
Hash 49845246b5474410f84cc371860277be
e95c59cb06986e7604b3fd00940de0025a214213
16b39ec620fe9d8e17807a6248d8e14a2eb0b8eaa705ae03ec8ed023db214f65
GET /tj.js HTTP/1.1
Host: www.kidahora.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kidahora.net/news/2018/0125/99833.shtml
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 19 Jan 2023 02:50:36 GMT
Content-Type: application/x-javascript
Content-Length: 801
Connection: keep-alive
push.services.mozilla.com/
44.236.232.139 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.236.232.139:0
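Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of the empty 0 B body; matches any empty response, so not a useful indicator)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input)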
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: k008gL0Ly1tO41gpmwABLQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hpmJKKf1CQhpWm6stzLWTPcJoZ8=
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 21a00317ffd0d0632989b2f91241de36
cc67cf1c99feadb5eefc2b5a094f952042decd54
8249ae54a81c1a0e643e59f98df63f0da951587cfc2cafb8fa505d1c17d485f0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "8249AE54A81C1A0E643E59F98DF63F0DA951587CFC2CAFB8FA505D1C17D485F0"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5003
Expires: Thu, 19 Jan 2023 04:13:58 GMT
Date: Thu, 19 Jan 2023 02:50:35 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 21a00317ffd0d0632989b2f91241de36
cc67cf1c99feadb5eefc2b5a094f952042decd54
8249ae54a81c1a0e643e59f98df63f0da951587cfc2cafb8fa505d1c17d485f0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "8249AE54A81C1A0E643E59F98DF63F0DA951587CFC2CAFB8FA505D1C17D485F0"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5003
Expires: Thu, 19 Jan 2023 04:13:58 GMT
Date: Thu, 19 Jan 2023 02:50:35 GMT
Connection: keep-alive
www.kidahora.net/favicon.ico
38.53.112.198 200 OK 1.2 kB URL HTTP/1.1 www.kidahora.net/favicon.ico
IP 38.53.112.198:0
ASN #398823 PEGTECHINC-AP-02
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.kidahora.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kidahora.net/news/2018/0125/99833.shtml
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 19 Jan 2023 02:50:36 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Tue, 24 Jan 2023 02:50:36 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
api.share.baidu.com/s.gif?l=http://www.kidahora.net/news/2018/0125/99833.shtml
182.61.240.101 200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.kidahora.net/news/2018/0125/99833.shtml
IP 182.61.240.101:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
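Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of the empty 0 B body; matches any empty response, so not a useful indicator)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input)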
GET /s.gif?l=http://www.kidahora.net/news/2018/0125/99833.shtml HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kidahora.net/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Thu, 19 Jan 2023 02:50:35 GMT
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 873e3b5f52a98b2afcae02a69ee945eb
eb5210b04c3fb50af051db73bb035e77ebcec01f
ed5c1f1cf32f38b07886cebd107eb77fa4a95a14c4f36b4f6546f3c8f40b423d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED5C1F1CF32F38B07886CEBD107EB77FA4A95A14C4F36B4F6546F3C8F40B423D"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17705
Expires: Thu, 19 Jan 2023 07:45:41 GMT
Date: Thu, 19 Jan 2023 02:50:36 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 8a8775dbf2206cfc677e59a04347e1df
5344fb2be5549826c3882cb4336d2e598ccfd302
659afca425226a04bb61397102403a2a0fa69fdee92d1208b0bd4b221d2c9d09
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:50:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 22 Jan 2023 23:02:18 GMT
ETag: "5344fb2be5549826c3882cb4336d2e598ccfd302"
Last-Modified: Wed, 18 Jan 2023 23:02:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3275
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bc438a6afc0b31-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 8a8775dbf2206cfc677e59a04347e1df
5344fb2be5549826c3882cb4336d2e598ccfd302
659afca425226a04bb61397102403a2a0fa69fdee92d1208b0bd4b221d2c9d09
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:50:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 22 Jan 2023 23:02:18 GMT
ETag: "5344fb2be5549826c3882cb4336d2e598ccfd302"
Last-Modified: Wed, 18 Jan 2023 23:02:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3275
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bc438a7b050b31-OSL
www.ppmvapi111.com/news/index.html
107.148.45.217 200 OK 238 B URL HTTP/2 www.ppmvapi111.com/news/index.html
IP 107.148.45.217:0
File type HTML document, Unicode text, UTF-8 text
Hash 7fc398d054c92ecc96ea732cd566d257
3735682603d9454ac67c15b5883cc9456f5fa0dd
791bfb7ac67f5a30e7ffc135d41e8799218ef8481295e27c3fa8d7d149b281d0
GET /news/index.html HTTP/1.1
Host: www.ppmvapi111.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kidahora.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:50:25 GMT
content-type: text/html
content-length: 238
last-modified: Wed, 18 Jan 2023 09:27:12 GMT
etag: "63c7bb70-ee"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16704
Expires: Thu, 19 Jan 2023 07:29:00 GMT
Date: Thu, 19 Jan 2023 02:50:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16704
Expires: Thu, 19 Jan 2023 07:29:00 GMT
Date: Thu, 19 Jan 2023 02:50:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16704
Expires: Thu, 19 Jan 2023 07:29:00 GMT
Date: Thu, 19 Jan 2023 02:50:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg
34.120.237.76 200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2b8f931fb5afe958e67fce9e1822dac4
5732887999b819f6facc6f4608a407b5a09adf75
3c6c787e700f8139ec0eeaad93923f647f9efa5ce60120fc0aab52fa9588efaf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5005
x-amzn-requestid: 647dd62e-6b47-4298-9457-c7f37e653e0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e5qLKEX6IAMFX0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c6f0ad-3dc1396c1b3662fa4ec5f1fa;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 19:02:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ge_XozSe44BAhC-fFiu-u8Oa4jd8Uctn4O3fmdLCavhYpcSVrhNMww==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 17:42:33 GMT
age: 32883
etag: "5732887999b819f6facc6f4608a407b5a09adf75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 511bbd0c410838e4a978d471d361d876
706be1b2636ad65bf5fe78ef7301af472c015275
e124c1ba6059fb613d0ab8f7ad37f4524323e7bbde851f78e9e5727c7d20f19f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9916
x-amzn-requestid: 42bb326d-889c-4b91-b989-47c1fd650afa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e96pVF61oAMF76g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8a4a1-2f33e6be45e298a7120d1119;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 02:02:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: foivwn43ar3fumR0-_7dX_YCcmM4s-LNWUIlGnwGb1kaXpVIi4sr7Q==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 02:15:16 GMT
age: 2120
etag: "706be1b2636ad65bf5fe78ef7301af472c015275"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dc15588-7ab3-449b-841e-1b44848c69ff.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dc15588-7ab3-449b-841e-1b44848c69ff.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6ac1e9ae8dfefbc1932d060052188c0b
73e01cd7b75bb0768df616c1a0ebf02df8de5443
bdfbd218becc507160f4e4a162e345300b49aaf0a05effa900b15f757f0ccb3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dc15588-7ab3-449b-841e-1b44848c69ff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11511
x-amzn-requestid: 8f92a31a-a233-4f35-9aac-b7b60a105021
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3vgjF9MIAMFlpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c62c69-7844213f4c220b0b140cabe0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 05:04:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: J47HGWXY_9L6cigfbvLdt3dsls43-MMW38eXFkWPVGJW34-dOFZfYA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 21:48:30 GMT
age: 18126
etag: "73e01cd7b75bb0768df616c1a0ebf02df8de5443"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa13fdc43-f169-4fe6-a14b-6ed62c4d08cc.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa13fdc43-f169-4fe6-a14b-6ed62c4d08cc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7817aa566a3271f82153811b756bb90f
6be8688f3b8d2f053afed5c09d00e71ad9210258
1ec4a11d1598683001714eb1a130c5ba96c37aef0e43623a17780f848543b1c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa13fdc43-f169-4fe6-a14b-6ed62c4d08cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7864
x-amzn-requestid: 932e4550-d62d-448d-b60d-d3c62944c86c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fnEEVOIAMFZcA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c612f9-0977cfca7fe22f83168e5d9e;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WSyQEwTUUN83EL9C9y9VPDzKnNjBXSmvcO5SfTuvIKPCDurKTM-oEg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 03:43:34 GMT
age: 83222
etag: "6be8688f3b8d2f053afed5c09d00e71ad9210258"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7228521-7486-47c0-9c97-8326b753903b.jpeg
34.120.237.76 200 OK 3.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7228521-7486-47c0-9c97-8326b753903b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0322b0c1c8ccba218bb838b9a08236b
2019b85538667589467bd7330d5c14e81d0a0219
206ed7eb5ba89c76c42b01a7fbf354b9417dd87d8149847b28dab0cb1c887198
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7228521-7486-47c0-9c97-8326b753903b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3258
x-amzn-requestid: efeaacb9-f9b6-45ea-b457-dd2186113d7a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9704FE2IAMFw9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8a685-5c761cba0ef3eb1e0849aac1;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 02:10:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ja6gtQbUWud7hCAcoQ5R1zHQROQUC9rQ_LycuQK3BqQT_5GIUz4Q_w==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 02:15:16 GMT
age: 2120
etag: "2019b85538667589467bd7330d5c14e81d0a0219"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60b96714-9b31-441b-a346-5099f350e204.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60b96714-9b31-441b-a346-5099f350e204.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 115c22a4d18aebbb8ffb5fdd8da8c8ba
6f77d73abc59ca903e2a7fd514b559c60931c4d7
74ef77f35165e40f1d9e2c68924a797a8f1b586c325c2d053f830a6f4163ca97
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60b96714-9b31-441b-a346-5099f350e204.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8388
x-amzn-requestid: 01537ac7-e1b1-4fe8-96dd-e6abd92c4a16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9TegGC7IAMF-BQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c865f6-0838524e1f33c0f53b548205;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NZT00_07uZ3G_UzocOal5svr6-nDGY-NtN7E7BrJXOMQ-qRUe1I9Xg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 21:55:56 GMT
age: 17680
etag: "6f77d73abc59ca903e2a7fd514b559c60931c4d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3e880d5d844b63853f66d14cfefdc1cf
b175ce2f0dfa52ea672b4f6209789fdda832db2f
6ea2140c376ee99694761ea579f9e634a93ef946b4fec6f15f5307f3a65ccad5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6EA2140C376EE99694761EA579F9E634A93EF946B4FEC6F15F5307F3A65CCAD5"
Last-Modified: Wed, 18 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=627
Expires: Thu, 19 Jan 2023 03:01:04 GMT
Date: Thu, 19 Jan 2023 02:50:37 GMT
Connection: keep-alive
hm.baidu.com/hm.js?52bdc5bfbf75ae45f0f06f1c2b94552b
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?52bdc5bfbf75ae45f0f06f1c2b94552b
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash e95c0985fd20e627282843923df94720
2212d68f1dcf4b4595610c7afaabff1a5cc4ce8e
5b3f7fcf5cb15339f52ca746931aadf4715bc9010f1f129eefa4405d19cceb99
GET /hm.js?52bdc5bfbf75ae45f0f06f1c2b94552b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kidahora.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Thu, 19 Jan 2023 02:50:36 GMT
Etag: 3cad2c17e59d0e7e92686b5893f7aaad
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=3DED93DA7CB32474; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?1d17743632808b728a4c05b9d579a62a
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?1d17743632808b728a4c05b9d579a62a
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash dc01e0cb47fdded862f0d6411ef60872
6f25a158a1f296f647459419627b08ac0f7e2de4
46ecc8ee2ff3a2f55fe1c0a02796e8e5d6b24be2d0c0585053a8a6d993a6027d
GET /hm.js?1d17743632808b728a4c05b9d579a62a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kidahora.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Thu, 19 Jan 2023 02:50:36 GMT
Etag: abc71d058f64bec2227c56152771ecf0
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8893DBFDB2BDCE9A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1723004456&si=52bdc5bfbf75ae45f0f06f1c2b94552b&v=1.3.0&lv=1&sn=5062&r=0&ww=1280&u=http%3A%2F%2Fwww.kidahora.net%2Fnews%2F2018%2F0125%2F99833.shtml&tt=%E5%AE%9C%E9%83%BD%E7%9C%8B%E4%BE%97%E6%B1%BD%E8%BD%A6%E7%94%A8%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1723004456&si=52bdc5bfbf75ae45f0f06f1c2b94552b&v=1.3.0&lv=1&sn=5062&r=0&ww=1280&u=http%3A%2F%2Fwww.kidahora.net%2Fnews%2F2018%2F0125%2F99833.shtml&tt=%E5%AE%9C%E9%83%BD%E7%9C%8B%E4%BE%97%E6%B1%BD%E8%BD%A6%E7%94%A8%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1723004456&si=52bdc5bfbf75ae45f0f06f1c2b94552b&v=1.3.0&lv=1&sn=5062&r=0&ww=1280&u=http%3A%2F%2Fwww.kidahora.net%2Fnews%2F2018%2F0125%2F99833.shtml&tt=%E5%AE%9C%E9%83%BD%E7%9C%8B%E4%BE%97%E6%B1%BD%E8%BD%A6%E7%94%A8%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kidahora.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 19 Jan 2023 02:50:37 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=796A5660C1DBCB03; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
fengmian.fhfhtutu.com/upload/vod/2023/01/omzh03werfh.jpg
172.67.38.180 200 OK 12 kB URL HTTP/2 fengmian.fhfhtutu.com/upload/vod/2023/01/omzh03werfh.jpg
IP 172.67.38.180:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash eaa091add87dc86028aeef84c950f7d1
885de4986d7da7dbf7a7a0e4ac32fa59ad0aa741
eaedabc742cdc103dd87d7e822cf3d8766ee59aa2f4f3f1d9ef94b995815ee31
GET /upload/vod/2023/01/omzh03werfh.jpg HTTP/1.1
Host: fengmian.fhfhtutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/jpeg
content-length: 11636
cf-bgj: imgq:85,h2pri
cf-polished: origSize=12214, status=webp_bigger
etag: "63c517f8-2fb6"
last-modified: Mon, 16 Jan 2023 09:25:12 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3828
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78bc4393be64b4fd-OSL
X-Firefox-Spdy: h2
fengmian.fhfhtutu.com/upload/vod/2023/01/qicsafu2rcd.jpg
172.67.38.180 200 OK 6.4 kB URL HTTP/2 fengmian.fhfhtutu.com/upload/vod/2023/01/qicsafu2rcd.jpg
IP 172.67.38.180:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 29dee97769088bd9b70441c9b05416c2
19f35016919b9fd1617c278f3bfd5a14a353b2d1
585199c365d4c8e56c26368d65b7deed4bafb459cf36187921e551a03c150d17
GET /upload/vod/2023/01/qicsafu2rcd.jpg HTTP/1.1
Host: fengmian.fhfhtutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/webp
content-length: 6400
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7712
content-disposition: inline; filename="qicsafu2rcd.webp"
etag: "63c51807-1e20"
last-modified: Mon, 16 Jan 2023 09:25:27 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7191
accept-ranges: bytes
server: cloudflare
cf-ray: 78bc4393be66b4fd-OSL
X-Firefox-Spdy: h2
fengmian.fhfhtutu.com/upload/vod/2023/01/gqn5wn0sgm1.jpg
172.67.38.180 200 OK 5.6 kB URL HTTP/2 fengmian.fhfhtutu.com/upload/vod/2023/01/gqn5wn0sgm1.jpg
IP 172.67.38.180:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8081c3554defe0cc918b0ff3c9358aee
6ee154cf65ccbad1b97be3996102f6a9424fff9a
16e380bbbfb6ef61886b0c6f74d5fa1d5da476919d0298c0e5f83bb24613dddc
GET /upload/vod/2023/01/gqn5wn0sgm1.jpg HTTP/1.1
Host: fengmian.fhfhtutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/webp
content-length: 5566
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7736
content-disposition: inline; filename="gqn5wn0sgm1.webp"
etag: "63c51839-1e38"
last-modified: Mon, 16 Jan 2023 09:26:17 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7191
accept-ranges: bytes
server: cloudflare
cf-ray: 78bc4393be6eb4fd-OSL
X-Firefox-Spdy: h2
fengmian.fhfhtutu.com/upload/vod/2023/01/1sma3lyyzeg.jpg
172.67.38.180 200 OK 17 kB URL HTTP/2 fengmian.fhfhtutu.com/upload/vod/2023/01/1sma3lyyzeg.jpg
IP 172.67.38.180:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 90x67, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 64503b9b0887b8236fe50ac9f21cbf5f
700800020a1325c7176f85ed869cf1814e233544
d9594411616e1f5be51439ca93a4d660ce07ef4893c7c61f669e131049d9a1f8
GET /upload/vod/2023/01/1sma3lyyzeg.jpg HTTP/1.1
Host: fengmian.fhfhtutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/jpeg
content-length: 16606
cf-bgj: imgq:85,h2pri
cf-polished: origSize=17565, status=webp_bigger
etag: "63c51815-449d"
last-modified: Mon, 16 Jan 2023 09:25:41 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7191
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78bc4393be6ab4fd-OSL
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1646033143&si=1d17743632808b728a4c05b9d579a62a&v=1.3.0&lv=1&sn=5062&r=0&ww=1280&u=http%3A%2F%2Fwww.kidahora.net%2Fnews%2F2018%2F0125%2F99833.shtml&tt=%E5%AE%9C%E9%83%BD%E7%9C%8B%E4%BE%97%E6%B1%BD%E8%BD%A6%E7%94%A8%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1646033143&si=1d17743632808b728a4c05b9d579a62a&v=1.3.0&lv=1&sn=5062&r=0&ww=1280&u=http%3A%2F%2Fwww.kidahora.net%2Fnews%2F2018%2F0125%2F99833.shtml&tt=%E5%AE%9C%E9%83%BD%E7%9C%8B%E4%BE%97%E6%B1%BD%E8%BD%A6%E7%94%A8%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1646033143&si=1d17743632808b728a4c05b9d579a62a&v=1.3.0&lv=1&sn=5062&r=0&ww=1280&u=http%3A%2F%2Fwww.kidahora.net%2Fnews%2F2018%2F0125%2F99833.shtml&tt=%E5%AE%9C%E9%83%BD%E7%9C%8B%E4%BE%97%E6%B1%BD%E8%BD%A6%E7%94%A8%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kidahora.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 19 Jan 2023 02:50:37 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F297BCEBBAEC485B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
fengmian.fhfhtutu.com/upload/vod/2023/01/ccoqht5o4mz.jpg
172.67.38.180 200 OK 4.3 kB URL HTTP/2 fengmian.fhfhtutu.com/upload/vod/2023/01/ccoqht5o4mz.jpg
IP 172.67.38.180:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dc1a53dbe96a2dd9f564285988d3f099
a209b3cc4afde515021b4ae8826084f9f0a23d6a
58152e0356c99eb3553f2d9fce5eb27ada94f6f0973a0156f5c1c5fd97869b1b
GET /upload/vod/2023/01/ccoqht5o4mz.jpg HTTP/1.1
Host: fengmian.fhfhtutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/webp
content-length: 4322
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=5992
content-disposition: inline; filename="ccoqht5o4mz.webp"
etag: "63c51836-1768"
last-modified: Mon, 16 Jan 2023 09:26:14 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7191
accept-ranges: bytes
server: cloudflare
cf-ray: 78bc4393be6db4fd-OSL
X-Firefox-Spdy: h2
fengmian.fhfhtutu.com/upload/vod/2023/01/kztxvoulqk1.jpg
172.67.38.180 200 OK 8.0 kB URL HTTP/2 fengmian.fhfhtutu.com/upload/vod/2023/01/kztxvoulqk1.jpg
IP 172.67.38.180:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0388283513cc77c84025542f0546ccd5
388427ffc36e10870157150c2d6ab4e04086073c
e9995121e8d5facba9fde22bcf27433a52222daaa3b17bae47ac84d7886f7f2f
GET /upload/vod/2023/01/kztxvoulqk1.jpg HTTP/1.1
Host: fengmian.fhfhtutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/webp
content-length: 8038
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9396
content-disposition: inline; filename="kztxvoulqk1.webp"
etag: "63c5180b-24b4"
last-modified: Mon, 16 Jan 2023 09:25:31 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7191
accept-ranges: bytes
server: cloudflare
cf-ray: 78bc4393be68b4fd-OSL
X-Firefox-Spdy: h2
fengmian.fhfhtutu.com/upload/vod/2023/01/yep3k5tbb2g.jpg
172.67.38.180 200 OK 9.5 kB URL HTTP/2 fengmian.fhfhtutu.com/upload/vod/2023/01/yep3k5tbb2g.jpg
IP 172.67.38.180:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3b2fc2fe8c0f97ff2ca8a90269d0932d
112998f2c210467b9cdc7c81406f87edfcb6ab76
bb4068f8b225b124be8526cdf64357c00d54379bc0d9368caa562a99e9b8186c
GET /upload/vod/2023/01/yep3k5tbb2g.jpg HTTP/1.1
Host: fengmian.fhfhtutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/webp
content-length: 9536
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10324
content-disposition: inline; filename="yep3k5tbb2g.webp"
etag: "63c51810-2854"
last-modified: Mon, 16 Jan 2023 09:25:36 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7191
accept-ranges: bytes
server: cloudflare
cf-ray: 78bc4393be69b4fd-OSL
X-Firefox-Spdy: h2
fengmian.fhfhtutu.com/upload/vod/2023/01/ramqjflj55o.jpg
172.67.38.180 200 OK 6.7 kB URL HTTP/2 fengmian.fhfhtutu.com/upload/vod/2023/01/ramqjflj55o.jpg
IP 172.67.38.180:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5bde5db02432d031c2e3bc7e842f1e96
cfa4b8d5f98b6e0d3f3836a55c36112c2f95ce73
ada7faa00f857e67a9fe3db118671ff455b1b7a67237407bf8263aa532686534
GET /upload/vod/2023/01/ramqjflj55o.jpg HTTP/1.1
Host: fengmian.fhfhtutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/webp
content-length: 6694
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8208
content-disposition: inline; filename="ramqjflj55o.webp"
etag: "63c51831-2010"
last-modified: Mon, 16 Jan 2023 09:26:09 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7191
accept-ranges: bytes
server: cloudflare
cf-ray: 78bc4393be6bb4fd-OSL
X-Firefox-Spdy: h2
fengmian.fhfhtutu.com/upload/vod/2023/01/uybkqymexma.jpg
172.67.38.180 200 OK 11 kB URL HTTP/2 fengmian.fhfhtutu.com/upload/vod/2023/01/uybkqymexma.jpg
IP 172.67.38.180:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 64660d02219a8c6f979f2f044b1f609d
69bedbe052f8d1b8e0484f3c4f1106924b9b7b0f
06011551ae4780eb79355680250e758f0aad08c68557728bd6a3e18ee5e1f507
GET /upload/vod/2023/01/uybkqymexma.jpg HTTP/1.1
Host: fengmian.fhfhtutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/jpeg
content-length: 10705
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11283, status=webp_bigger
etag: "63c5183e-2c13"
last-modified: Mon, 16 Jan 2023 09:26:22 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6054
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78bc4393be6fb4fd-OSL
X-Firefox-Spdy: h2
fengmian.fhfhtutu.com/upload/vod/2023/01/jmxjqcstxnw.jpg
172.67.38.180 200 OK 12 kB URL HTTP/2 fengmian.fhfhtutu.com/upload/vod/2023/01/jmxjqcstxnw.jpg
IP 172.67.38.180:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x320, components 3\012- data
Hash de64aa25ba392522e821f54bd4106ff3
4b797846f4694f3de061980e86e603318ddb10a8
cda180b939d916883813ef07eeb2445cbb32172151b1da40abfab4b3606bed74
GET /upload/vod/2023/01/jmxjqcstxnw.jpg HTTP/1.1
Host: fengmian.fhfhtutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/jpeg
content-length: 11646
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=12392, status=webp_bigger
etag: "63c51842-3068"
last-modified: Mon, 16 Jan 2023 09:26:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7191
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78bc4393be70b4fd-OSL
X-Firefox-Spdy: h2
fengmian.fhfhtutu.com/upload/vod/2023/01/x50vwysuj2h.jpg
172.67.38.180 200 OK 8.8 kB URL HTTP/2 fengmian.fhfhtutu.com/upload/vod/2023/01/x50vwysuj2h.jpg
IP 172.67.38.180:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x320, components 3\012- data
Hash ffea01544cdc5a681e03d464905a61c7
d9f751dfb5aee0850dc2be6e9d4873c1b7dbc64e
cd7b271a02af51b09dc356f8e6ef8590154947c92428869c3e5d7dad00078f6b
GET /upload/vod/2023/01/x50vwysuj2h.jpg HTTP/1.1
Host: fengmian.fhfhtutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/jpeg
content-length: 8804
cf-bgj: imgq:85,h2pri
cf-polished: origSize=9247, status=webp_bigger
etag: "63c51b88-241f"
last-modified: Mon, 16 Jan 2023 09:40:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7191
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78bc4393be73b4fd-OSL
X-Firefox-Spdy: h2
fengmian.fhfhtutu.com/upload/vod/2023/01/mi1com5hmeu.jpg
172.67.38.180 200 OK 7.2 kB URL HTTP/2 fengmian.fhfhtutu.com/upload/vod/2023/01/mi1com5hmeu.jpg
IP 172.67.38.180:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b4d9fd80a826c8118c92ff58247c9f42
9e688c5f57f7b975b00336f3e100b7bed1972d37
39c4d9ed7f04b4110dfc8015579c0fac2ccce8c7b5f3e877e7c2dd0e6af71933
GET /upload/vod/2023/01/mi1com5hmeu.jpg HTTP/1.1
Host: fengmian.fhfhtutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/webp
content-length: 7212
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8500
content-disposition: inline; filename="mi1com5hmeu.webp"
etag: "63c51b7e-2134"
last-modified: Mon, 16 Jan 2023 09:40:14 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7191
accept-ranges: bytes
server: cloudflare
cf-ray: 78bc4393be71b4fd-OSL
X-Firefox-Spdy: h2
fengmian.fhfhtutu.com/upload/vod/2023/01/x1vhosmdjoh.jpg
172.67.38.180 200 OK 9.1 kB URL HTTP/2 fengmian.fhfhtutu.com/upload/vod/2023/01/x1vhosmdjoh.jpg
IP 172.67.38.180:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5d7d2319e287da0a46fcb10754d7622d
ec8e1cf45c1590dde48baf1ad2126bf25d00cc52
78c346600b48bbcd359a189f5abc9e7db0a8b9774fa18f58f32ea7250127b023
GET /upload/vod/2023/01/x1vhosmdjoh.jpg HTTP/1.1
Host: fengmian.fhfhtutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/webp
content-length: 9124
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9861
content-disposition: inline; filename="x1vhosmdjoh.webp"
etag: "63c51b83-2685"
last-modified: Mon, 16 Jan 2023 09:40:19 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7191
accept-ranges: bytes
server: cloudflare
cf-ray: 78bc4393be72b4fd-OSL
X-Firefox-Spdy: h2
fengmian.fhfhtutu.com/upload/vod/2023/01/odbgkosqv0j.jpg
172.67.38.180 200 OK 6.7 kB URL HTTP/2 fengmian.fhfhtutu.com/upload/vod/2023/01/odbgkosqv0j.jpg
IP 172.67.38.180:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 534ca03846fa8f1fd38f72c63e2328ba
722a5aecdac2d4aa342443aee9c5cb1cbff3cbee
a7a07367a185c516ca8001b8549acbaa075295b90a5e1eb05545065bb0f3d645
GET /upload/vod/2023/01/odbgkosqv0j.jpg HTTP/1.1
Host: fengmian.fhfhtutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/webp
content-length: 6660
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7749
content-disposition: inline; filename="odbgkosqv0j.webp"
etag: "63c51b8d-1e45"
last-modified: Mon, 16 Jan 2023 09:40:29 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7191
accept-ranges: bytes
server: cloudflare
cf-ray: 78bc4393ce74b4fd-OSL
X-Firefox-Spdy: h2
fengmian.fhfhtutu.com/upload/vod/2023/01/fma5ih5z5is.jpg
172.67.38.180 200 OK 7.3 kB URL HTTP/2 fengmian.fhfhtutu.com/upload/vod/2023/01/fma5ih5z5is.jpg
IP 172.67.38.180:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bcdb51fae2615a1422deb59a2cd7af32
c6fb98763253042414d58b939e5c4b15baf970d2
2dc046bbf7629c82bffc0185a4af7ec7053991285f358f8fcf6bc7b7b9bd32e3
GET /upload/vod/2023/01/fma5ih5z5is.jpg HTTP/1.1
Host: fengmian.fhfhtutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/webp
content-length: 7318
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8434
content-disposition: inline; filename="fma5ih5z5is.webp"
etag: "63c51b91-20f2"
last-modified: Mon, 16 Jan 2023 09:40:33 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7191
accept-ranges: bytes
server: cloudflare
cf-ray: 78bc4393ce77b4fd-OSL
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7e2dd8ba2eeff12419dae4a574bb30ab
789845d6aa0b3ef14ad21674f6e4d7d9fe632686
76d6789023269b818ab69c36d950476c4d48e7deead9b9443d1585ed8c728438
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "76D6789023269B818AB69C36D950476C4D48E7DEEAD9B9443D1585ED8C728438"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2955
Expires: Thu, 19 Jan 2023 03:39:53 GMT
Date: Thu, 19 Jan 2023 02:50:38 GMT
Connection: keep-alive
fengmian.fhfhtutu.com/upload/vod/2023/01/dvzq5uli0vx.jpg
172.67.38.180 200 OK 8.6 kB URL HTTP/2 fengmian.fhfhtutu.com/upload/vod/2023/01/dvzq5uli0vx.jpg
IP 172.67.38.180:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 68a9993e27a85b6141bc2daa7e1dd893
d91800d42237f6f525c4202d6a25653a8551e7b7
e3925ccb580346e89a42168f085cc024132a66d5016ea51549fe784034bf5e0c
GET /upload/vod/2023/01/dvzq5uli0vx.jpg HTTP/1.1
Host: fengmian.fhfhtutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/webp
content-length: 8612
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10105
content-disposition: inline; filename="dvzq5uli0vx.webp"
etag: "63c51b98-2779"
last-modified: Mon, 16 Jan 2023 09:40:40 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7191
accept-ranges: bytes
server: cloudflare
cf-ray: 78bc4393ce7bb4fd-OSL
X-Firefox-Spdy: h2
fengmian.fhfhtutu.com/upload/vod/2023/01/hft3ejg2uaq.jpg
172.67.38.180 200 OK 5.4 kB URL HTTP/2 fengmian.fhfhtutu.com/upload/vod/2023/01/hft3ejg2uaq.jpg
IP 172.67.38.180:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 57baf9c79e26ad0ac14059ee6ae0fe5a
cd08877ed40927c23ae24fe46874f855e30bed6d
81a5809c5f759d34136e74ca870208a0f42c8db8e217715fc3a1cadadc1c60bb
GET /upload/vod/2023/01/hft3ejg2uaq.jpg HTTP/1.1
Host: fengmian.fhfhtutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/webp
content-length: 5354
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7491
content-disposition: inline; filename="hft3ejg2uaq.webp"
etag: "63c51b95-1d43"
last-modified: Mon, 16 Jan 2023 09:40:37 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7191
accept-ranges: bytes
server: cloudflare
cf-ray: 78bc4393ce7ab4fd-OSL
X-Firefox-Spdy: h2
fengmian.fhfhtutu.com/upload/vod/2023/01/rbfppln13ny.jpg
172.67.38.180 200 OK 10 kB URL HTTP/2 fengmian.fhfhtutu.com/upload/vod/2023/01/rbfppln13ny.jpg
IP 172.67.38.180:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, progressive, precision 8, 240x320, components 3\012- data
Hash 549c65524b30046e10de3f189fcc99c0
1f51b6d081b9b4ee628041307299078d5a9b7089
9815f41408c9ff8ae8d389e284f7a9335405b264a67ec5ef463faa53938f47d8
GET /upload/vod/2023/01/rbfppln13ny.jpg HTTP/1.1
Host: fengmian.fhfhtutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/jpeg
content-length: 10052
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10544, status=webp_bigger
etag: "63c51845-2930"
last-modified: Mon, 16 Jan 2023 09:26:29 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7191
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78bc4393ee87b4fd-OSL
X-Firefox-Spdy: h2
fengmian.fhfhtutu.com/upload/vod/2023/01/0yrdxx5o1sc.jpg
172.67.38.180 200 OK 9.4 kB URL HTTP/2 fengmian.fhfhtutu.com/upload/vod/2023/01/0yrdxx5o1sc.jpg
IP 172.67.38.180:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5a69b55a70ffae2d7d81dde55ceead43
b4733af6b98ae20dd93b9533830e523d93d5455f
b74955315725a3d15e38de16cea20b387f643523da77bf07a0efdb3c54c31ea0
GET /upload/vod/2023/01/0yrdxx5o1sc.jpg HTTP/1.1
Host: fengmian.fhfhtutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/webp
content-length: 9412
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10150
content-disposition: inline; filename="0yrdxx5o1sc.webp"
etag: "63c517ef-27a6"
last-modified: Mon, 16 Jan 2023 09:25:03 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3828
accept-ranges: bytes
server: cloudflare
cf-ray: 78bc43942ea9b4fd-OSL
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7e2dd8ba2eeff12419dae4a574bb30ab
789845d6aa0b3ef14ad21674f6e4d7d9fe632686
76d6789023269b818ab69c36d950476c4d48e7deead9b9443d1585ed8c728438
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "76D6789023269B818AB69C36D950476C4D48E7DEEAD9B9443D1585ED8C728438"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2955
Expires: Thu, 19 Jan 2023 03:39:53 GMT
Date: Thu, 19 Jan 2023 02:50:38 GMT
Connection: keep-alive
fengmian.fhfhtutu.com/upload/vod/2023/01/i33wefslqxv.jpg
172.67.38.180 200 OK 8.5 kB URL HTTP/2 fengmian.fhfhtutu.com/upload/vod/2023/01/i33wefslqxv.jpg
IP 172.67.38.180:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 663d98577be154d8f8526b0365e23786
24438b1e0064bafe42315da4c2a89e382df666fb
60c5217dd6da39723694a50fe650c86526d4a225dc3dab720b5ec453f2fe5cc0
GET /upload/vod/2023/01/i33wefslqxv.jpg HTTP/1.1
Host: fengmian.fhfhtutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/webp
content-length: 8488
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9401
content-disposition: inline; filename="i33wefslqxv.webp"
etag: "63c5184a-24b9"
last-modified: Mon, 16 Jan 2023 09:26:34 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7191
accept-ranges: bytes
server: cloudflare
cf-ray: 78bc43942ea8b4fd-OSL
X-Firefox-Spdy: h2
www.ppmv023.xyz/
107.148.45.244 200 OK 14 kB IP 107.148.45.244:0
Hash 0262f4176639ee15502e16b1c203732f
424828d50ac8bcc432b191f351ab419b75e700b4
50c794236342f42f2154ff8960fda9a537555dca14e982640c3c56fc177e52bb
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: www.ppmv023.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmvapi111.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:50:27 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
fengmian.fhfhtutu.com/upload/vod/2023/01/up0mnwaje3h.jpg
172.67.38.180 200 OK 8.2 kB URL HTTP/2 fengmian.fhfhtutu.com/upload/vod/2023/01/up0mnwaje3h.jpg
IP 172.67.38.180:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 30c86c65d9b2faa612de879d4abe4270
05ea0ba5824a18b05075265f76899797d6c01190
69bf630246a8deeb8e091aab593cc63878eadb3e672da1309ed9815e727514cd
GET /upload/vod/2023/01/up0mnwaje3h.jpg HTTP/1.1
Host: fengmian.fhfhtutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/webp
content-length: 8214
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9634
content-disposition: inline; filename="up0mnwaje3h.webp"
etag: "63c517ff-25a2"
last-modified: Mon, 16 Jan 2023 09:25:19 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3828
accept-ranges: bytes
server: cloudflare
cf-ray: 78bc43944eb1b4fd-OSL
X-Firefox-Spdy: h2
fengmian.fhfhtutu.com/upload/vod/2023/01/ofvzrqc32zf.jpg
172.67.38.180 200 OK 8.1 kB URL HTTP/2 fengmian.fhfhtutu.com/upload/vod/2023/01/ofvzrqc32zf.jpg
IP 172.67.38.180:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash e4c9fbcf0efa79b41c16b982b8afe634
632fc6fa887795df3116d4a1fde680808bf24c8a
614849dc48b783893b948be4ee9a2ed3ae8ebbe43869eb3efd8bbbdd544e8a86
GET /upload/vod/2023/01/ofvzrqc32zf.jpg HTTP/1.1
Host: fengmian.fhfhtutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/jpeg
content-length: 8059
cf-bgj: imgq:85,h2pri
cf-polished: origSize=8539, status=webp_bigger
etag: "63c517fb-215b"
last-modified: Mon, 16 Jan 2023 09:25:15 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3828
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78bc43944eb2b4fd-OSL
X-Firefox-Spdy: h2
fengmian.fhfhtutu.com/upload/vod/2023/01/nrbwvsgz43f.jpg
172.67.38.180 200 OK 11 kB URL HTTP/2 fengmian.fhfhtutu.com/upload/vod/2023/01/nrbwvsgz43f.jpg
IP 172.67.38.180:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 304x405, segment length 16, progressive, precision 8, 240x320, components 3\012- data
Hash 404289de382f38eaf0305141e7313076
61e1168eb7232d46cfb843a62cd9b3ae29539215
b96b00643e6e7206e56a683823f62a57005802e34ea64db80219bf1afc8ac300
GET /upload/vod/2023/01/nrbwvsgz43f.jpg HTTP/1.1
Host: fengmian.fhfhtutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/jpeg
content-length: 10665
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11202, status=webp_bigger
etag: "63c51802-2bc2"
last-modified: Mon, 16 Jan 2023 09:25:22 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3828
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78bc43944eb5b4fd-OSL
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7e2dd8ba2eeff12419dae4a574bb30ab
789845d6aa0b3ef14ad21674f6e4d7d9fe632686
76d6789023269b818ab69c36d950476c4d48e7deead9b9443d1585ed8c728438
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "76D6789023269B818AB69C36D950476C4D48E7DEEAD9B9443D1585ED8C728438"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2955
Expires: Thu, 19 Jan 2023 03:39:53 GMT
Date: Thu, 19 Jan 2023 02:50:38 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7e2dd8ba2eeff12419dae4a574bb30ab
789845d6aa0b3ef14ad21674f6e4d7d9fe632686
76d6789023269b818ab69c36d950476c4d48e7deead9b9443d1585ed8c728438
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "76D6789023269B818AB69C36D950476C4D48E7DEEAD9B9443D1585ED8C728438"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2955
Expires: Thu, 19 Jan 2023 03:39:53 GMT
Date: Thu, 19 Jan 2023 02:50:38 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7e2dd8ba2eeff12419dae4a574bb30ab
789845d6aa0b3ef14ad21674f6e4d7d9fe632686
76d6789023269b818ab69c36d950476c4d48e7deead9b9443d1585ed8c728438
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "76D6789023269B818AB69C36D950476C4D48E7DEEAD9B9443D1585ED8C728438"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2955
Expires: Thu, 19 Jan 2023 03:39:53 GMT
Date: Thu, 19 Jan 2023 02:50:38 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2023/01/lna0p44tlh0.jpg
104.22.12.214 200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/lna0p44tlh0.jpg
IP 104.22.12.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 6238eef2733d30df41e4d73d583478d3
661e25a9bae014032a3c49c30064bbccdc5941c9
9f83a744dc7fc42484289c7c4842a6ab6818e6f95182e0a7965a725f57432038
GET /upload/vod/2023/01/lna0p44tlh0.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/jpeg
content-length: 12520
cf-bgj: imgq:85,h2pri
cf-polished: origSize=13106, status=webp_bigger
etag: "63bfc02a-3332"
last-modified: Thu, 12 Jan 2023 08:09:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3828
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78bc43947f8db527-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/rpgnkgvviis.jpg
104.22.12.214 200 OK 6.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/rpgnkgvviis.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0e35fcebd4034c7c08750826acf14eb9
812610b16965a74c28ed1b22dc0949540c551ab8
043748704dbb7dfa3090111035da7073b38d11c0fbf4cc5f2ce5757ac5761aa5
GET /upload/vod/2023/01/rpgnkgvviis.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/webp
content-length: 6400
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7824
content-disposition: inline; filename="rpgnkgvviis.webp"
etag: "63bfc02f-1e90"
last-modified: Thu, 12 Jan 2023 08:09:19 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3828
accept-ranges: bytes
server: cloudflare
cf-ray: 78bc43947f8fb527-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/mejfmi2kpp5.jpg
104.22.12.214 200 OK 14 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/mejfmi2kpp5.jpg
IP 104.22.12.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 92b05ad7314f00a97bb3b78f29788825
abd5e22db24e5a880cb3c57d45edc611157c5fba
e6b465c2a3f7a907128f84901e44257cc40b745b495c358bfe84a3200512ebf9
GET /upload/vod/2023/01/mejfmi2kpp5.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/jpeg
content-length: 14051
cf-bgj: imgq:85,h2pri
cf-polished: origSize=14666, status=webp_bigger
etag: "63bfc011-394a"
last-modified: Thu, 12 Jan 2023 08:08:49 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3828
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78bc43948f9fb527-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/y2fz2ydjc45.jpg
104.22.12.214 200 OK 8.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/y2fz2ydjc45.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 744a89320a0e6ed603b9d2246cc51235
8e9536ae9f1ace82a40de04bb064e7f106278fd5
81e9c0bb3db96fc9028941d1a0cebee03311d5a8c74264b20db8c52406cec271
GET /upload/vod/2023/01/y2fz2ydjc45.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/webp
content-length: 8280
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10055
content-disposition: inline; filename="y2fz2ydjc45.webp"
etag: "63bfc026-2747"
last-modified: Thu, 12 Jan 2023 08:09:10 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3828
accept-ranges: bytes
server: cloudflare
cf-ray: 78bc43948fa1b527-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/so15ls15bm2.jpg
104.22.12.214 200 OK 7.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/so15ls15bm2.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e594f2f518a89834ecae7998f11ddd4d
d5329ed25510f01bbe3505cd68b604c622c9b022
562d7096e8dbe83d7bfbc955792707c2fe5d18f85700febf217911fe75dd8d8d
GET /upload/vod/2023/01/so15ls15bm2.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/webp
content-length: 7820
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8518
content-disposition: inline; filename="so15ls15bm2.webp"
etag: "63bfc014-2146"
last-modified: Thu, 12 Jan 2023 08:08:52 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3828
accept-ranges: bytes
server: cloudflare
cf-ray: 78bc4394afa7b527-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/ejjr2efdwyf.jpg
104.22.12.214 200 OK 13 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/ejjr2efdwyf.jpg
IP 104.22.12.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash c56c3cdce37ba80d81676bc6d50055d6
1a9fa2cd0bfa23c68feb884c5efdb8ad4b216cd4
b4f575ac8e9ece8187ec3f5c1e2023d4e7a81f451af6e409b57d22180b83831a
GET /upload/vod/2023/01/ejjr2efdwyf.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/jpeg
content-length: 13313
cf-bgj: imgq:85,h2pri
cf-polished: origSize=13890, status=webp_bigger
etag: "63bfc021-3642"
last-modified: Thu, 12 Jan 2023 08:09:05 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3828
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78bc4394afa9b527-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/qrg1tidsk4r.jpg
104.22.12.214 200 OK 4.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/qrg1tidsk4r.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d8cfe6b3bb9959045d7c953f50bea9fb
637fafa72a78844ecbf81950583fdd9f90fd18b1
2ac1e659d0ac99aa74aa67dd4240e7c6cb43f127cece2a3aab7c2551861f4b03
GET /upload/vod/2023/01/qrg1tidsk4r.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:38 GMT
content-type: image/webp
content-length: 4720
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6949
content-disposition: inline; filename="qrg1tidsk4r.webp"
etag: "63bfc01e-1b25"
last-modified: Thu, 12 Jan 2023 08:09:02 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3828
accept-ranges: bytes
server: cloudflare
cf-ray: 78bc4394afaab527-OSL
X-Firefox-Spdy: h2
www.ppmv023.xyz/static/images/1.gif
107.148.45.244 200 OK 254 B URL HTTP/2 www.ppmv023.xyz/static/images/1.gif
IP 107.148.45.244:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
Analyzer Verdict Alert quad9 Sinkholed
GET /static/images/1.gif HTTP/1.1
Host: www.ppmv023.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:50:27 GMT
content-type: image/gif
content-length: 254
last-modified: Tue, 15 Nov 2022 08:35:43 GMT
etag: "63734f5f-fe"
expires: Sat, 18 Feb 2023 02:50:27 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ppmv023.xyz/js/top.js?adv=0.9613513464574921
107.148.45.244 200 OK 588 B URL HTTP/2 www.ppmv023.xyz/js/top.js?adv=0.9613513464574921
IP 107.148.45.244:0
File type HTML document, Unicode text, UTF-8 text
Hash add2d43fff1c9780af62656ec0de51f9
64adda4327ef9df8a60df4e760c19089370dc028
eb83c04e1e660929de5d79020e70557b8bb2e7783d100e72faa7ce2e3aff45e6
Analyzer Verdict Alert quad9 Sinkholed
GET /js/top.js?adv=0.9613513464574921 HTTP/1.1
Host: www.ppmv023.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:50:27 GMT
content-type: application/javascript
content-length: 588
last-modified: Sat, 31 Dec 2022 06:13:26 GMT
etag: "63afd306-24c"
expires: Thu, 19 Jan 2023 14:50:27 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0106a12000ae39u64C577.gif?proc=autoorient
104.110.17.24 200 OK 408 kB URL HTTP/2 dimg04.c-ctrip.com/images/0106a12000ae39u64C577.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 408 kB (407956 bytes)
Hash 456052cfab11e5c1230c2b8b07b28937
b04dc3234615beefb7c12b1788be71b1f61f10a3
a9495c045c83eae51ff9edee2d31d707218b5542946d2466c4d8d806f323324e
GET /images/0106a12000ae39u64C577.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 407956
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6759613
expires: Fri, 07 Apr 2023 08:30:52 GMT
date: Thu, 19 Jan 2023 02:50:39 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 32e37f68d69e03e105c8d8be330d3695
5b971c174cc2823109a38f131964c5fab8a985db
ae842fca3aaba9e10080c681272e1f76ea51681a9571a2b00c08fe684b1ff0ac
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:50:39 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 16 Jan 2023 23:24:26 GMT
Expires: Mon, 23 Jan 2023 23:24:25 GMT
Etag: "5b971c174cc2823109a38f131964c5fab8a985db"
Cache-Control: max-age=419025,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78bc439e2fa7b50f-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash e9e08f5e3cf99ee39ca616b88ba54237
763cd0991cef91165403011397006c01f2c26685
c11691f0663907b97c506ee437d235d94f70d85ca4df8d97cce71c94e09b37bb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:50:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 16 Jan 2023 23:47:13 GMT
Expires: Mon, 23 Jan 2023 23:47:12 GMT
Etag: "763cd0991cef91165403011397006c01f2c26685"
Cache-Control: max-age=420392,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78bc439e2be0b51b-OSL
www.ppmv023.xyz/js/250/1.js?adv=0.8910293567778876
107.148.45.244 200 OK 948 B URL HTTP/2 www.ppmv023.xyz/js/250/1.js?adv=0.8910293567778876
IP 107.148.45.244:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (355)
Hash 494dd5f806d626fe98bf1807ff7534fe
066140a0274bbe3e57c2681b79fcd40aeaed7909
74b855f6342804cfc93e683252e5d820748d692ca91c6139312a1c1e2fc67ef8
Analyzer Verdict Alert quad9 Sinkholed
GET /js/250/1.js?adv=0.8910293567778876 HTTP/1.1
Host: www.ppmv023.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:50:29 GMT
content-type: application/javascript
content-length: 948
last-modified: Sun, 01 Jan 2023 07:12:06 GMT
etag: "63b13246-3b4"
expires: Thu, 19 Jan 2023 14:50:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ppmv023.xyz/template/m1938pc/images/video-mask.png
107.148.45.244 200 OK 107 B URL HTTP/2 www.ppmv023.xyz/template/m1938pc/images/video-mask.png
IP 107.148.45.244:0
File type PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Hash 6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/images/video-mask.png HTTP/1.1
Host: www.ppmv023.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:50:29 GMT
content-type: image/png
content-length: 107
last-modified: Tue, 04 Jan 2022 15:14:24 GMT
etag: "61d46450-6b"
expires: Sat, 18 Feb 2023 02:50:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ppmv023.xyz/template/m1938pc/static/js/base1.js
107.148.45.244 200 OK 4.2 kB URL HTTP/2 www.ppmv023.xyz/template/m1938pc/static/js/base1.js
IP 107.148.45.244:0
Hash 3f9d72d1b4fa2fa56730d7b73e35bea8
7b0e59a7e4df82be3fd16f05ecabafd89640c3b1
9c1703de91a1a2b5bb25cccf39b878c4c62cbf9fcf072dde5c3495367cd2a63e
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/static/js/base1.js HTTP/1.1
Host: www.ppmv023.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:50:27 GMT
content-type: application/javascript
last-modified: Sat, 31 Dec 2022 07:21:11 GMT
vary: Accept-Encoding
etag: W/"63afe2e7-153a"
expires: Thu, 19 Jan 2023 14:50:27 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/P7Q7skpuqPQ
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/P7Q7skpuqPQ
IP 142.250.74.131:0
Hash 39992769208b2d60575fe5feeb318d52
cd6a210def2cc8a1db09329ceb099728fa73da8b
30a479a766387647be7ca2d3aea1bba506e4e7a567c21fbb2068380aad52fd91
POST /s/gts1p5/P7Q7skpuqPQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 02:50:40 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sv1.stor.petaexpress.com/dfegfegeg/1.jpg
199.180.101.118 200 OK 14 kB URL HTTP/1.1 sv1.stor.petaexpress.com/dfegfegeg/1.jpg
IP 199.180.101.118:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 650x96, components 3\012- data
Hash db2dbdc216703ec86bc6d75d652e7007
a2610252e80c359f3026f6bf3b744c23c3d4cb98
48dc2e5f86c223bdcfdf820eeb1ddef2840c9789dabd79ef2cf8bd67b0f22eb8
GET /dfegfegeg/1.jpg HTTP/1.1
Host: sv1.stor.petaexpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 19 Jan 2023 02:50:40 GMT
Content-Type: image/jpeg
Content-Length: 14485
Connection: keep-alive
Accept-Ranges: bytes
Etag: "db2dbdc216703ec86bc6d75d652e7007"
Last-Modified: Fri, 23 Dec 2022 09:12:12 GMT
x-qs-request-id: 62c2318d00e64f26
x-qs-storage-class: STANDARD
www.ppmv023.xyz/template/m1938pc/static/js/jquery.lazyload.min.js
107.148.45.244 200 OK 2.8 kB URL HTTP/2 www.ppmv023.xyz/template/m1938pc/static/js/jquery.lazyload.min.js
IP 107.148.45.244:0
Hash 842dd8c8b1ae187ab6bd497b56729049
c0d054e0c346ac64ef51dd4a666571fbbb107b6d
7fc97a946b9382f7c0fb32c0fca6f87240658b8070cc0fd3ef568f6eca7e5d78
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/static/js/jquery.lazyload.min.js HTTP/1.1
Host: www.ppmv023.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:50:27 GMT
content-type: application/javascript
last-modified: Sat, 08 Jan 2022 14:08:24 GMT
vary: Accept-Encoding
etag: W/"61d99ad8-d35"
expires: Thu, 19 Jan 2023 14:50:27 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d69d88ad63588a4de444e3ec5ccbc806
eaa2466a9eaa28372836271cff9a3895bb5db975
acfc03ea2d27ce13b604970d3415748415bbc0794362c4829cc88fa4b14f6f3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ACFC03EA2D27CE13B604970D3415748415BBC0794362C4829CC88FA4B14F6F3A"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5832
Expires: Thu, 19 Jan 2023 04:27:52 GMT
Date: Thu, 19 Jan 2023 02:50:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b498c9107f18a732d424d0cc2feec923
3d504d7fddd5ef51228c6a9456e1000d14baaecc
b37867d6af61465ee72ed5c69e26820c40af5826bb383f033859f2256db6e014
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B37867D6AF61465EE72ED5C69E26820C40AF5826BB383F033859F2256DB6E014"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3349
Expires: Thu, 19 Jan 2023 03:46:29 GMT
Date: Thu, 19 Jan 2023 02:50:40 GMT
Connection: keep-alive
www.ppmv023.xyz/template/m1938pc/static/js/jquery.min.js
107.148.45.244 200 OK 38 kB URL HTTP/2 www.ppmv023.xyz/template/m1938pc/static/js/jquery.min.js
IP 107.148.45.244:0
Hash 00c69bff2613f1e7ad079d26d2cbdda0
e09db659ea96fa64df5e69506343452b9837459d
290f7439055ef93cff874023694917e983be064a1af8ce270ceb1db7c94330bc
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/static/js/jquery.min.js HTTP/1.1
Host: www.ppmv023.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:50:27 GMT
content-type: application/javascript
last-modified: Sat, 08 Jan 2022 14:07:34 GMT
vary: Accept-Encoding
etag: W/"61d99aa6-17b8b"
expires: Thu, 19 Jan 2023 14:50:27 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 9b055431072e5f3d4f34ce455ae62668
6c8cb3dc22a211088f052f62bf6324ec285a4ac4
4293c1802702ddc85264f039caf1f889d261e1c68a6efd12bdb503716a4b4eb3
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:50:40 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Wed, 18 Jan 2023 08:13:22 GMT
Expires: Wed, 25 Jan 2023 08:13:21 GMT
Etag: "6c8cb3dc22a211088f052f62bf6324ec285a4ac4"
Cache-Control: max-age=537160,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78bc43a34bffb4f7-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash ac38bfb2d6c13f67febd75b622a78355
541fb7c0aa6128a1923cdb1c501da691a19e3d98
8df93dbce861b90f04cf34c5d26904fa748a23efa8f181c0dc502108fd7e3a5f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:50:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 22:05:43 GMT
Expires: Tue, 24 Jan 2023 22:05:42 GMT
Etag: "541fb7c0aa6128a1923cdb1c501da691a19e3d98"
Cache-Control: max-age=500701,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78bc43a41998b50f-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 981d57c60cf52ddb6de918940a60d63f
9de3d137ea97b6eba2c427abaa2e2a88a97af5f1
6a5c75990fec9cd1fa22d5fe9aae8dd9bca6dd8be839caacd24f3d85217d672c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:50:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 16 Jan 2023 20:47:59 GMT
Expires: Mon, 23 Jan 2023 20:47:58 GMT
Etag: "9de3d137ea97b6eba2c427abaa2e2a88a97af5f1"
Cache-Control: max-age=409637,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78bc43a45ea4b51b-OSL
www.ppmv023.xyz/js/250/3.js?adv=0.8594770561633436
107.148.45.244 200 OK 486 B URL HTTP/2 www.ppmv023.xyz/js/250/3.js?adv=0.8594770561633436
IP 107.148.45.244:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (369)
Hash 4ce206cd22ea1ac05c3d229b392d2896
a8ca9dd8fb48bce78ccb44933d0c722401419fb3
c03b31145986256c54d4bcbfc2a0de7d1c5592b4ffb0517311bd0228ea4e39d9
Analyzer Verdict Alert quad9 Sinkholed
GET /js/250/3.js?adv=0.8594770561633436 HTTP/1.1
Host: www.ppmv023.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:50:29 GMT
content-type: application/javascript
content-length: 486
last-modified: Sat, 19 Nov 2022 10:19:33 GMT
etag: "6378adb5-1e6"
expires: Thu, 19 Jan 2023 14:50:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 59b5f2ae7840c24c570ef2b2e27c5388
672f2566adf97cf6e91df7b4fe3514c1b261b316
1e8f68e0c1a0954140829f024a872220e827b7fd0cf4cd0b31a519a4b9389bf5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E8F68E0C1A0954140829F024A872220E827B7FD0CF4CD0B31A519A4B9389BF5"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8539
Expires: Thu, 19 Jan 2023 05:12:59 GMT
Date: Thu, 19 Jan 2023 02:50:40 GMT
Connection: keep-alive
fadacaitp.com/68-960-120.gif
20.196.221.223 200 OK 288 kB URL HTTP/1.1 fadacaitp.com/68-960-120.gif
IP 20.196.221.223:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 120\012- data
Size 288 kB (287519 bytes)
Hash 3d5e731d6365175f812cb186a1194fda
802d04669847c469ac67e6d5f36878f8fe85bf63
f21ad6b7f851d2128d3762bb073466153b7accddbfbd140444e6f282da42a75d
GET /68-960-120.gif HTTP/1.1
Host: fadacaitp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:50:39 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 25 Dec 2022 07:04:53 GMT
ETag: W/"63a7f615-6befc"
Expires: Fri, 17 Feb 2023 12:08:26 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
xinchacha2dv.ocsp-certum.com/
95.101.10.193 200 OK 1.5 kB URL HTTP/1.1 xinchacha2dv.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash c4f9e3c9001f9837da68bcd7bf1bd64e
b0794c09a4abf59a6f269305638133b2b31424b8
83e1352845bba5bf59eb13d2896d1f23d33e80ee8173b400ab892bfe7bfa4c60
POST / HTTP/1.1
Host: xinchacha2dv.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1538
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=885
Date: Thu, 19 Jan 2023 02:50:40 GMT
Connection: keep-alive
X-N: S
www.ppmv023.xyz/js/250.js?adv=0.03148398603432856
107.148.45.244 200 OK 28 kB URL HTTP/2 www.ppmv023.xyz/js/250.js?adv=0.03148398603432856
IP 107.148.45.244:0
Hash 8480ce0821e890a64e56ae329d640523
dc9868b1f5e5965cf741240dc72a74568c52f94a
c9340aafd3fe17b65d41f0ccc428482db137456881c4b293abcc41af37704bdf
Analyzer Verdict Alert quad9 Sinkholed
GET /js/250.js?adv=0.03148398603432856 HTTP/1.1
Host: www.ppmv023.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:50:29 GMT
content-type: application/javascript
last-modified: Thu, 12 Jan 2023 12:11:59 GMT
vary: Accept-Encoding
etag: W/"63bff90f-e53"
expires: Thu, 19 Jan 2023 14:50:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.ppmv023.xyz/js/xx3.js?adv=0.2154944475461794
107.148.45.244 200 OK 360 B URL HTTP/2 www.ppmv023.xyz/js/xx3.js?adv=0.2154944475461794
IP 107.148.45.244:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 3e24852309978d1690e8c4809f989280
f590486d685ac8d4d2eba4f5fe1f3bf0beb723e7
a503f4a1ccd24a5e31dbfbbf18825476012481b775f1606f01275c0af15d1e58
Analyzer Verdict Alert quad9 Sinkholed
GET /js/xx3.js?adv=0.2154944475461794 HTTP/1.1
Host: www.ppmv023.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:50:30 GMT
content-type: application/javascript
content-length: 360
last-modified: Sat, 19 Nov 2022 10:18:53 GMT
etag: "6378ad8d-168"
expires: Thu, 19 Jan 2023 14:50:30 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ppmv023.xyz/js/250/4.js?adv=0.3111169062278858
107.148.45.244 200 OK 486 B URL HTTP/2 www.ppmv023.xyz/js/250/4.js?adv=0.3111169062278858
IP 107.148.45.244:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (369)
Hash 4ce206cd22ea1ac05c3d229b392d2896
a8ca9dd8fb48bce78ccb44933d0c722401419fb3
c03b31145986256c54d4bcbfc2a0de7d1c5592b4ffb0517311bd0228ea4e39d9
Analyzer Verdict Alert quad9 Sinkholed
GET /js/250/4.js?adv=0.3111169062278858 HTTP/1.1
Host: www.ppmv023.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:50:30 GMT
content-type: application/javascript
content-length: 486
last-modified: Sat, 19 Nov 2022 10:19:41 GMT
etag: "6378adbd-1e6"
expires: Thu, 19 Jan 2023 14:50:30 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 402f791e577330d187550084d7b38c0b
9b285b848a89bfe383a92ad861fe5effbcb8183a
0b8c25343c4035a18a87986440d3004f0295d149ca50753fb05257ce3cfbe72e
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:50:41 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 10:45:43 GMT
Expires: Tue, 24 Jan 2023 10:45:42 GMT
Etag: "9b285b848a89bfe383a92ad861fe5effbcb8183a"
Cache-Control: max-age=459900,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78bc43a80dc8b4f7-OSL
99883aaa.com/c0aaf969549441f3bca72296bf90ec44.gif
103.170.15.94 200 OK 245 kB URL HTTP/1.1 99883aaa.com/c0aaf969549441f3bca72296bf90ec44.gif
IP 103.170.15.94:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 245 kB (244932 bytes)
Hash 433a6acbee7487fdfe64b06f5ab6c7a4
f69ed0f48baa9067b3657c02ab44ad80b10d6c09
54613a2d466fdfafeda33bfcb6726d2d3dbba765da415b603d471bfc77968ee7
GET /c0aaf969549441f3bca72296bf90ec44.gif HTTP/1.1
Host: 99883aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63a2e912-3bcc4"
Date: Fri, 13 Jan 2023 11:50:58 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 21 Dec 2022 11:08:02 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-24
Content-Length: 244932
qp.ezfxpuo.cn/960X60.gif
218.66.171.96 200 OK 254 kB IP 218.66.171.96:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 254 kB (253519 bytes)
Hash f744e995971941b6a95fcd2636f5a545
ac9c1230e04eab9e31512d2afe440fe5f0367dc5
59b1a138fa72df587e61916179965cbd819f91aec53ce6ab606949a7e06b3063
GET /960X60.gif HTTP/1.1
Host: qp.ezfxpuo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: NgxFence
date: Thu, 19 Jan 2023 02:50:40 GMT
content-type: image/gif
content-length: 253519
x-oss-request-id: 63A4A4F1B374843830BBB976
etag: "F744E995971941B6A95FCD2636F5A545"
last-modified: Tue, 29 Nov 2022 08:27:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17987192695826819902
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
content-md5: 90TplZcZQbapX80mNvWlRQ==
x-oss-server-time: 1
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
8499483.com/8499/zzxx/960x100.gif
172.247.50.228 200 OK 479 kB URL HTTP/2 8499483.com/8499/zzxx/960x100.gif
IP 172.247.50.228:0
File type GIF image data, version 89a, 960 x 100\012- data
Size 479 kB (479036 bytes)
Hash f586fcd7d6a54725a2d0d26355f16a06
338916b44a69b6820f8b741d0c47e68830e6234a
af1a7ed89fa356285f747cd80c8d7d33b980066a02051706c41083edd567414d
GET /8499/zzxx/960x100.gif HTTP/1.1
Host: 8499483.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:40 GMT
content-type: image/gif
content-length: 479036
last-modified: Sat, 24 Dec 2022 13:23:32 GMT
etag: "74f3c-5f092cf09552f"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ppmv023.xyz/js/250/5.js?adv=0.5149166866758659
107.148.45.244 200 OK 429 B URL HTTP/2 www.ppmv023.xyz/js/250/5.js?adv=0.5149166866758659
IP 107.148.45.244:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (345)
Hash b091ecd1c842b0f03f7c9898274a3bf9
4cfd13aebfcf6101c639e255b252a4993056b2d6
5fc0828eaba80bdde4e6d053fbe4007fa3b5a3400e82e43f0e08033998fad7a4
Analyzer Verdict Alert quad9 Sinkholed
GET /js/250/5.js?adv=0.5149166866758659 HTTP/1.1
Host: www.ppmv023.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:50:30 GMT
content-type: application/javascript
content-length: 429
last-modified: Sat, 19 Nov 2022 10:19:48 GMT
etag: "6378adc4-1ad"
expires: Thu, 19 Jan 2023 14:50:30 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
339282bdb.com/3a6d5b19ebe640c2aa3a0d954584e13d.gif
45.61.212.124 200 OK 577 kB URL HTTP/1.1 339282bdb.com/3a6d5b19ebe640c2aa3a0d954584e13d.gif
IP 45.61.212.124:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 577 kB (577413 bytes)
Hash f64cbeb43b40a06a467d403c4ee8f584
87df926cfc971f9af3784707b24eaf97a7acdf2a
0b374b57ebcf263193d88c13eddb10aecc4e3e9ce6b0bba17fc9cb0b053bf438
Analyzer Verdict Alert quad9 Sinkholed
GET /3a6d5b19ebe640c2aa3a0d954584e13d.gif HTTP/1.1
Host: 339282bdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63a2e8c4-8cf85"
Date: Wed, 21 Dec 2022 12:09:51 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 21 Dec 2022 11:06:44 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-24
Content-Length: 577413
taiwtp1.com/xin/96080.gif
220.128.218.220 200 OK 1 B URL HTTP/2 taiwtp1.com/xin/96080.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type very short file (no magic)
Hash cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
GET /xin/96080.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:43:48 GMT
content-type: image/gif
content-length: 122193
last-modified: Thu, 20 Oct 2022 07:11:02 GMT
etag: "6350f486-1dd51"
expires: Sat, 18 Feb 2023 02:43:48 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 67980963b587eac8b99e81e362c83d01
56c82c6e53693eb4933a411162b1729ea6aa5c90
fdf9cdaa089740b89f7a55f2f7a640fc1a7a966726bf13e0ac4a2d03ca9d1101
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:50:41 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 16 Jan 2023 04:32:33 GMT
Expires: Mon, 23 Jan 2023 04:32:32 GMT
Etag: "56c82c6e53693eb4933a411162b1729ea6aa5c90"
Cache-Control: max-age=351110,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78bc43aa8c42b50f-OSL
www.ppmv023.xyz/js/250/6.js?adv=0.470184318191437
107.148.45.244 200 OK 454 B URL HTTP/2 www.ppmv023.xyz/js/250/6.js?adv=0.470184318191437
IP 107.148.45.244:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (366)
Hash fb969bfaceb99f1da30a8eeef7ef3f9c
d30202994b3fbd393bfa93cea12ddc7cf445ac0a
befa9bb57dc5ce8dce7d72153b95becb0b1408e127d7d4ccfe122da80928a2e6
Analyzer Verdict Alert quad9 Sinkholed
GET /js/250/6.js?adv=0.470184318191437 HTTP/1.1
Host: www.ppmv023.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:50:31 GMT
content-type: application/javascript
content-length: 454
last-modified: Sat, 19 Nov 2022 10:19:55 GMT
etag: "6378adcb-1c6"
expires: Thu, 19 Jan 2023 14:50:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ldbbs.ldmnq.com/bbs/topic/images/2022-12/fe8be621-0064-4f6b-a049-12a9383fb388.gif
120.52.95.239 200 OK 118 kB URL HTTP/1.1 ldbbs.ldmnq.com/bbs/topic/images/2022-12/fe8be621-0064-4f6b-a049-12a9383fb388.gif
IP 120.52.95.239:0
ASN #133119 China Unicom IP network
File type GIF image data, version 89a, 960 x 60\012- data
Size 118 kB (118121 bytes)
Hash caaa592fad00ee9d8db810c6fdf0741d
90c218822bb4e8237f8d7ba5ddf73e63ce80fd13
d8307cc1c162ce82416d8dcc966b31fbe2e6834c0e7eaecf021a98baf1a16083
GET /bbs/topic/images/2022-12/fe8be621-0064-4f6b-a049-12a9383fb388.gif HTTP/1.1
Host: ldbbs.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:50:41 GMT
Content-Type: image/gif
Content-Length: 118121
Connection: keep-alive
Server: openresty
Age: 2491850
CloudServiceDiscount: CDN
Content-Encoding: utf-8
ETag: "caaa592fad00ee9d8db810c6fdf0741d"
Last-Modified: Wed, 21 Dec 2022 06:06:06 GMT
X-CCDN-CacheTTL: 2592000
nginx-hit: 1
via: CHN-HElangfang-AREACUCC1-CACHE10[3],CHN-HElangfang-AREACUCC1-CACHE7[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE97[13],CHN-TJ-GLOBAL1-CACHE7[0,TCP_HIT,9]
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCTyHQVjTG8D2o6c582FA8t4+ZByaQ0HW
x-amz-request-id: 00000185334A066E90100F774C8E3CB5
x-amz-storage-class: STANDARD_IA
x-hcs-proxy-type: 1
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Accept-Ranges: bytes
587tuchuang.com/587z80.gif
183.255.106.42 200 OK 139 kB URL HTTP/1.1 587tuchuang.com/587z80.gif
IP 183.255.106.42:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 139 kB (139025 bytes)
Hash 4751af930c8c7b33a61958356ca554f0
c0cfc5b499211aa4f43c5815630738d36013c1aa
68f1f41464e84af0d6078d951d3a3f479e6865bb641a6eed4ba969bb7067bb18
GET /587z80.gif HTTP/1.1
Host: 587tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:50:40 GMT
Content-Type: image/gif
Content-Length: 139025
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 13:30:32 GMT
ETag: "63a30a78-21f11"
Expires: Wed, 15 Feb 2023 09:33:58 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
www.ppmv023.xyz/js/xx4.js?adv=0.6592403563941226
107.148.45.244 200 OK 916 B URL HTTP/2 www.ppmv023.xyz/js/xx4.js?adv=0.6592403563941226
IP 107.148.45.244:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash bd5e3af6c592753239f355e60ce2f3ef
6ace16da2fe5b94a940410f05e2152e09a5b3e3a
b5e6dd7d88f403621cff37dfd07e02a503e07bf6e77120afe138923e9f066c97
Analyzer Verdict Alert quad9 Sinkholed
GET /js/xx4.js?adv=0.6592403563941226 HTTP/1.1
Host: www.ppmv023.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:50:31 GMT
content-type: application/javascript
content-length: 916
last-modified: Sat, 19 Nov 2022 10:23:56 GMT
etag: "6378aebc-394"
expires: Thu, 19 Jan 2023 14:50:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
8499583.com/8499/320x180.gif
23.224.101.34 200 OK 189 kB URL HTTP/2 8499583.com/8499/320x180.gif
IP 23.224.101.34:0
File type GIF image data, version 89a, 320 x 185\012- data
Size 189 kB (188752 bytes)
Hash b509f2dc9b21ae7425713b0313a9e0ae
f8d9ab2e41c442872a8193cdefbfd24972c25d49
9ca2b0643406090c29973b82953032ca7f0027b0ae2d871e5de77e89ce2f1c21
GET /8499/320x180.gif HTTP/1.1
Host: 8499583.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:41 GMT
content-type: image/gif
content-length: 188752
last-modified: Wed, 28 Dec 2022 08:15:26 GMT
etag: "2e150-5f0def882a9b5"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
88669aaa.com/25420bf1633f415a98bf08adad739b1d.gif
103.170.15.114 200 OK 256 kB URL HTTP/1.1 88669aaa.com/25420bf1633f415a98bf08adad739b1d.gif
IP 103.170.15.114:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 250 x 250\012- data
Size 256 kB (255489 bytes)
Hash ca7313d6365f58f3a63a7ec7b0b03bd7
cca6d995add65c025f00daae985d27956556ea31
edeff7a7abec5e23a0a8a5ec5a35698a2a3aa22293df373b85d15813e7fd8155
Analyzer Verdict Alert quad9 Sinkholed
GET /25420bf1633f415a98bf08adad739b1d.gif HTTP/1.1
Host: 88669aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63a2eee7-3e601"
Date: Sun, 01 Jan 2023 05:27:29 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 21 Dec 2022 11:32:55 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-44
Content-Length: 255489
www.ppmv023.xyz/ads/piaofu.js?adv=0.6644819400339645
107.148.45.244 404 Not Found 146 B URL HTTP/2 www.ppmv023.xyz/ads/piaofu.js?adv=0.6644819400339645
IP 107.148.45.244:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert quad9 Sinkholed
GET /ads/piaofu.js?adv=0.6644819400339645 HTTP/1.1
Host: www.ppmv023.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 19 Jan 2023 02:50:31 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2
www.ppmv023.xyz/js/piaofu.js?adv=0.2502140050918652
107.148.45.244 200 OK 249 kB URL HTTP/2 www.ppmv023.xyz/js/piaofu.js?adv=0.2502140050918652
IP 107.148.45.244:0
Size 249 kB (249093 bytes)
Hash 2d20f5dc3c179301576ee7c6afd1d0ef
2773121d70b9d0e36bd6d0086886acad1ba861b5
bd5948ee5d3a04116d377cd795e066d13dea2ae12096b538d5a30d74a96e8bf0
Analyzer Verdict Alert quad9 Sinkholed
GET /js/piaofu.js?adv=0.2502140050918652 HTTP/1.1
Host: www.ppmv023.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:50:31 GMT
content-type: application/javascript
last-modified: Sat, 31 Dec 2022 06:04:22 GMT
vary: Accept-Encoding
etag: W/"63afd0e6-1594"
expires: Thu, 19 Jan 2023 14:50:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
pure-stone.vip/mdt/gf.gif
8.210.54.4 200 OK 255 kB URL HTTP/1.1 pure-stone.vip/mdt/gf.gif
IP 8.210.54.4:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 750 x 120\012- data
Size 255 kB (254676 bytes)
Hash b5ea5571a92405159b9d89c541d84292
01a4f1a14743be6bf9d68ba0711bb0c3868fcfce
2eb0b29ee55ca3de117fb698405c564ca1791583e50b5be567eb9cf24910424c
GET /mdt/gf.gif HTTP/1.1
Host: pure-stone.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:50:41 GMT
Content-Type: image/gif
Content-Length: 254676
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 09:39:58 GMT
ETag: "637752ee-3e2d4"
Expires: Sat, 18 Feb 2023 02:24:20 GMT
Cache-Control: max-age=2592000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
www.ppmv023.xyz/js/tongji.js?adv=0.08217879002829698
107.148.45.244 200 OK 254 B URL HTTP/2 www.ppmv023.xyz/js/tongji.js?adv=0.08217879002829698
IP 107.148.45.244:0
Hash 33bfe88fe108264906550fc71fee999b
ffcdd93706a63369148ac4df56096976d2540d5c
9d2d61329c0baa529f4d56116bf456f787f01d0194ff9c711afb6280a739562e
Analyzer Verdict Alert quad9 Sinkholed
GET /js/tongji.js?adv=0.08217879002829698 HTTP/1.1
Host: www.ppmv023.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:50:32 GMT
content-type: application/javascript
content-length: 254
last-modified: Sun, 01 Jan 2023 09:06:32 GMT
etag: "63b14d18-fe"
expires: Thu, 19 Jan 2023 14:50:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?6391490fe039c3b8b30b2a81c74234a1
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?6391490fe039c3b8b30b2a81c74234a1
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash 38fe58fedf7eecfcb71bf6bff005e704
a1f6c9de467dda41634b9146c5ceba71aecebce7
aa4a26cfcc8a5b0c898993b603469104f3554509cb74b9c528b0fcc013c55eed
GET /hm.js?6391490fe039c3b8b30b2a81c74234a1 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Thu, 19 Jan 2023 02:50:42 GMT
Etag: b36474bf96e169c7bf6d21c6049786ca
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F7CB6D2A4A09F625; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?889fe9c05f7b0f2db8ba49f0651b6f40
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?889fe9c05f7b0f2db8ba49f0651b6f40
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash af9963a0d27123ef533960524c963034
98201fec28c53352ec98e5ac9dd11738aee7780a
f230914296f1a08a945feb34f5cf33205e8903011324648866b34ad80c68d3c3
GET /hm.js?889fe9c05f7b0f2db8ba49f0651b6f40 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Thu, 19 Jan 2023 02:50:42 GMT
Etag: 84fdd03a27003a5e244535f5750c01cb
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=05264F2E6029C371; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
www.ppmv023.xyz/js/xx1.js?adv=0.9878742177280259
107.148.45.244 200 OK 0 B URL HTTP/2 www.ppmv023.xyz/js/xx1.js?adv=0.9878742177280259
IP 107.148.45.244:0
Analyzer Verdict Alert quad9 Sinkholed
GET /js/xx1.js?adv=0.9878742177280259 HTTP/1.1
Host: www.ppmv023.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:50:28 GMT
content-type: application/javascript
last-modified: Thu, 12 Jan 2023 13:56:31 GMT
vary: Accept-Encoding
etag: W/"63c0118f-f79"
expires: Thu, 19 Jan 2023 14:50:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.ppmv023.xyz/js/wz.js?adv=0.6300967375008696
107.148.45.244 200 OK 0 B URL HTTP/2 www.ppmv023.xyz/js/wz.js?adv=0.6300967375008696
IP 107.148.45.244:0
Analyzer Verdict Alert quad9 Sinkholed
GET /js/wz.js?adv=0.6300967375008696 HTTP/1.1
Host: www.ppmv023.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:50:28 GMT
content-type: application/javascript
last-modified: Sat, 19 Nov 2022 10:18:43 GMT
vary: Accept-Encoding
etag: W/"6378ad83-d33"
expires: Thu, 19 Jan 2023 14:50:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.ppmv023.xyz/template/m1938pc/css/ate.css
107.148.45.244 200 OK 0 B URL HTTP/2 www.ppmv023.xyz/template/m1938pc/css/ate.css
IP 107.148.45.244:0
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: www.ppmv023.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:50:27 GMT
content-type: text/css
last-modified: Tue, 04 Jan 2022 15:13:26 GMT
vary: Accept-Encoding
etag: W/"61d46416-126e4"
expires: Thu, 19 Jan 2023 14:50:27 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.ppmv023.xyz/js/wz2.js?adv=0.30472707087989104
107.148.45.244 200 OK 0 B URL HTTP/2 www.ppmv023.xyz/js/wz2.js?adv=0.30472707087989104
IP 107.148.45.244:0
Analyzer Verdict Alert quad9 Sinkholed
GET /js/wz2.js?adv=0.30472707087989104 HTTP/1.1
Host: www.ppmv023.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:50:28 GMT
content-type: application/javascript
last-modified: Wed, 18 Jan 2023 10:36:47 GMT
vary: Accept-Encoding
etag: W/"63c7cbbf-d64"
expires: Thu, 19 Jan 2023 14:50:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.ppmv023.xyz/template/m1938pc/css/zui.css
107.148.45.244 200 OK 0 B URL HTTP/2 www.ppmv023.xyz/template/m1938pc/css/zui.css
IP 107.148.45.244:0
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: www.ppmv023.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:50:27 GMT
content-type: text/css
last-modified: Sun, 13 Nov 2022 12:08:14 GMT
vary: Accept-Encoding
etag: W/"6370de2e-15b6c"
expires: Thu, 19 Jan 2023 14:50:27 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0
43.129.255.47 200 OK 0 B URL HTTP/2 p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
GET /qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Thu, 19 Jan 2023 02:50:41 GMT
content-type: image/gif
content-length: 1362871
vary: Accept,Origin
last-modified: Sat, 10 Jul 2021 16:21:47 GMT
cache-control: max-age=2592000
x-delay: 119477 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1362871
chid: 0
fid: 0
x-nws-log-uuid: 15d189fb-24d7-4ed9-bfc7-81797b1ec4e8
X-Firefox-Spdy: h2
cdn.bootscdn.net/ajax/libs/jquery/3.6.1/jquery.js
172.67.194.235 200 OK 0 B URL HTTP/2 cdn.bootscdn.net/ajax/libs/jquery/3.6.1/jquery.js
IP 172.67.194.235:0
GET /ajax/libs/jquery/3.6.1/jquery.js HTTP/1.1
Host: cdn.bootscdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kidahora.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:50:35 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.33
last-modified: Thursday, 19-Jan-2023 02:50:35 GMT
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wiUKXl60WctuNqBN0r9a7J0h7bivtWVTLO06W%2B2mYdo8gR8nrfLJUyv7uvB1Q%2BDuJpWAKxOEgaGKkxAuKmJTVWk2t0WjjccVoBCtYSaYLivhdTze9dDo5gPjVH0RddqtR7rx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78bc43844facb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZTee7pdNQtTmNRpGbcuGVd3R5dJqQ2WeTg/0
43.129.255.47 200 OK 0 B URL HTTP/2 p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZTee7pdNQtTmNRpGbcuGVd3R5dJqQ2WeTg/0
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
GET /qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZTee7pdNQtTmNRpGbcuGVd3R5dJqQ2WeTg/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv023.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Thu, 19 Jan 2023 02:50:42 GMT
content-type: image/gif
content-length: 1607696
vary: Accept,Origin
last-modified: Sat, 10 Jul 2021 16:21:45 GMT
cache-control: max-age=2592000
x-delay: 111352 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1607696
chid: 0
fid: 0
x-nws-log-uuid: cc4d7104-5b9b-416c-9041-25d3160c40fe
X-Firefox-Spdy: h2