r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2279
Expires: Tue, 15 Nov 2022 04:44:39 GMT
Date: Tue, 15 Nov 2022 04:06:40 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 832aecaba9f06ee2d39d4d4bea65f13c
7195d6ffadfdbc6fc8e92c63ae28d4a3038a72dc
a437509314a97065de6c7b9e5e2b4b61f0234b45f5f5bf2649cbdf499577bfd3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6091
Cache-Control: max-age=115568
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 04:06:40 GMT
Etag: "637218f5-1d7"
Expires: Wed, 16 Nov 2022 12:12:48 GMT
Last-Modified: Mon, 14 Nov 2022 10:31:17 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 15 Nov 2022 03:44:37 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1323
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c88bc06741ab9fb81c2544acfcc34aa2
362cab19cff5aba27f472cc00071d5dfa38192e4
314ba27975f458e13917b2be91c9d5989a3e57c9e94b5a84dd52d0e21d27ae7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "314BA27975F458E13917B2BE91C9D5989A3E57C9E94B5A84DD52D0E21D27AE7F"
Last-Modified: Mon, 14 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7620
Expires: Tue, 15 Nov 2022 06:13:40 GMT
Date: Tue, 15 Nov 2022 04:06:40 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pFzhiNQE1XdQt8kfbHPC3fQMbbXEPubX3tBvR5wrn93YVPr+acNIuUEnqpdrm33j8t1X4JK9+68=
x-amz-request-id: C0HME8A3MWP9SSP8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 15 Nov 2022 03:14:06 GMT
age: 3154
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
sadiqtv.com/
154.23.86.170301 Moved Permanently 0 B IP 154.23.86.170:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: sadiqtv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 15 Nov 2022 04:06:34 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.sadiqtv.com/index.php
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 04:06:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Retry-After, ETag, Alert, Expires, Backoff, Content-Type, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 15 Nov 2022 03:25:01 GMT
cache-control: public,max-age=3600
age: 2500
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3200044057cb585f1a435c0efece61c8
8305d5b5891288aa9996b4b4ca6fce2265413194
df45704534a24928e7659a6d8cd1b5ac9ffa9b224b02b34a2d6aed5ef69fd586
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5329
Cache-Control: max-age=109749
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 04:06:41 GMT
Etag: "63720535-1d7"
Expires: Wed, 16 Nov 2022 10:35:50 GMT
Last-Modified: Mon, 14 Nov 2022 09:07:01 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
www.sadiqtv.com/index.php
154.23.86.170200 OK 586 B URL HTTP/1.1 www.sadiqtv.com/index.php
IP 154.23.86.170:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (592), with CRLF line terminators
Hash b7e14b46f8ad32b6beefb2bbfcd25f37
28b4dca921de9cc4e4525ccc43f8215856b66cbe
de21211c95acd9b5032559eb57fd017d31c530f5dcb90003fbceae709acdc6ff
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /index.php HTTP/1.1
Host: www.sadiqtv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 04:06:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
34.212.166.60101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.212.166.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: u8YYs4HT57RJhpJ9ZYz8uQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 00tE5tcKA2dtDB79hxnbDgNW5Ow=
www.sadiqtv.com/common.js
154.23.86.170200 OK 679 B URL HTTP/1.1 www.sadiqtv.com/common.js
IP 154.23.86.170:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type HTML document text\012- HTML document, ASCII text, with very long lines (440), with CRLF line terminators
Hash e4bad2df861c5c384baadd792a442835
3d154ffc9d9d71033c44391e4e619200e83e3ff5
3f11f55c8920a5d43a203c58ca98395b185ca2b7d0dbb2d532c8bec617913733
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /common.js HTTP/1.1
Host: www.sadiqtv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sadiqtv.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 04:06:35 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.sadiqtv.com/tj.js
154.23.86.170200 OK 784 B IP 154.23.86.170:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type ASCII text, with CRLF line terminators
Hash 0d150ec774a8d3770bc20d755ad65ada
d2ec7bf84513bb66c6576c07133907cf548084b2
ff34964d38dde5db0e1d3b0329c70c01373ad8396754d09d9a4e8ef83c369d88
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /tj.js HTTP/1.1
Host: www.sadiqtv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sadiqtv.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 04:06:35 GMT
Content-Type: application/x-javascript
Content-Length: 784
Connection: keep-alive
www.sadiqtv.com/favicon.ico
154.23.86.170200 OK 1.2 kB URL HTTP/1.1 www.sadiqtv.com/favicon.ico
IP 154.23.86.170:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: www.sadiqtv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sadiqtv.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 04:06:35 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sun, 20 Nov 2022 04:06:35 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
www.e2bc.cn/
170.178.162.83200 OK 11 kB IP 170.178.162.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1244), with CRLF, LF line terminators
Hash 194908c98bd0bb0b90f7d4c774e5b3b4
4840a651ca63bf12af8a58e36c9d013f7d15190d
828ea6637cc3e8b632fde9a260e908f952a2f55b67a35ff4cd0f4b5370f21ce6
GET / HTTP/1.1
Host: www.e2bc.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sadiqtv.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
Set-Cookie: PHPSESSID=76jgj5hvqmes70rkcb6i1mqnc3; path=/
X-Powered-By: PHP/7.0.33, ASP.NET
Date: Tue, 15 Nov 2022 04:06:40 GMT
Content-Length: 11392
www.e2bc.cn/template/m1938pcc/css/ate.css
170.178.162.83200 OK 4.5 kB URL HTTP/1.1 www.e2bc.cn/template/m1938pcc/css/ate.css
IP 170.178.162.83:0
File type ASCII text, with CRLF line terminators
Hash 1164a38c5186eff1838f351d96dbd192
1f5c06f7969ca9602774591594b1d4170137cdc3
fec2bebf191e9c67f3ce3234909acb71fa272057962f230dce334cdfd514b3e2
GET /template/m1938pcc/css/ate.css HTTP/1.1
Host: www.e2bc.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.e2bc.cn/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Thu, 21 Apr 2022 12:25:47 GMT
Accept-Ranges: bytes
ETag: "8017b7ed7a55d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 15 Nov 2022 04:06:40 GMT
Content-Length: 4498
www.e2bc.cn/template/m1938pcc/css/zui.css
170.178.162.83200 OK 18 kB URL HTTP/1.1 www.e2bc.cn/template/m1938pcc/css/zui.css
IP 170.178.162.83:0
File type assembler source, Unicode text, UTF-8 (with BOM) text
Hash 7f37b117dfa0c501573846a4ae6deed2
3ec6f2715301305e6fcd49c4b79af4d276359878
3a2f44416c454990e7b961387e4205358658e68fb9c64de8ab77798188390cad
GET /template/m1938pcc/css/zui.css HTTP/1.1
Host: www.e2bc.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.e2bc.cn/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sun, 24 Apr 2022 03:43:58 GMT
Accept-Ranges: bytes
ETag: "01356878d57d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 15 Nov 2022 04:06:40 GMT
Content-Length: 17938
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 1d358b7e17725a2ff07583a292f40d5e
97b4ec3d042d0bd8af9e2661be979505ebe4e550
c7d29b82c5d271bd47af0f56a931b4aa1dc897e6e0234571ad07982807f0fc6d
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 04:06:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 19 Nov 2022 01:20:17 GMT
ETag: "97b4ec3d042d0bd8af9e2661be979505ebe4e550"
Last-Modified: Tue, 15 Nov 2022 01:20:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3495
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a51da73f891c12-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 1d358b7e17725a2ff07583a292f40d5e
97b4ec3d042d0bd8af9e2661be979505ebe4e550
c7d29b82c5d271bd47af0f56a931b4aa1dc897e6e0234571ad07982807f0fc6d
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 04:06:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 19 Nov 2022 01:20:17 GMT
ETag: "97b4ec3d042d0bd8af9e2661be979505ebe4e550"
Last-Modified: Tue, 15 Nov 2022 01:20:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3495
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a51da73dbeb50b-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 1d358b7e17725a2ff07583a292f40d5e
97b4ec3d042d0bd8af9e2661be979505ebe4e550
c7d29b82c5d271bd47af0f56a931b4aa1dc897e6e0234571ad07982807f0fc6d
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 04:06:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 19 Nov 2022 01:20:17 GMT
ETag: "97b4ec3d042d0bd8af9e2661be979505ebe4e550"
Last-Modified: Tue, 15 Nov 2022 01:20:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3495
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a51da73d8f0b69-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7972
Expires: Tue, 15 Nov 2022 06:19:35 GMT
Date: Tue, 15 Nov 2022 04:06:43 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50ad5043-e51e-4766-8f6a-d0782645cc84.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50ad5043-e51e-4766-8f6a-d0782645cc84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49fc9477e5982c76b5205fe284f50848
2ca4915631ddcda64c1cb70674f4b1379e288050
496e4e4317538bd34bc6bc28f0c772b7afaf0edac6d2a8686f5e6c4f44331bb4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50ad5043-e51e-4766-8f6a-d0782645cc84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11290
x-amzn-requestid: e56e4731-696e-4c63-9b48-1be184b32098
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhPzMHOEoAMFVJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63706014-22c49f066ed90cf35d5bba3d;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:10:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4GdlXHpFADt-b7aq-JhGnU4derYUx0ta39dEXO3ywma3_J0L3D1fug==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 04:13:15 GMT
age: 86008
etag: "2ca4915631ddcda64c1cb70674f4b1379e288050"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdf53960-f239-44a8-b66a-ca2ce9268f98.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdf53960-f239-44a8-b66a-ca2ce9268f98.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 962f43862a852bfa6766b9a2d8bfb99d
a5283e68020826f085fb4f06e3dcd36cef9eb067
7eee8aa0f5c6bce04a86fa16fb5d3e632d54792d79c550b044a40a6f070b89d4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdf53960-f239-44a8-b66a-ca2ce9268f98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15206
x-amzn-requestid: a04dc971-de49-4dc4-8bc2-2d3244d33ace
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bnEhpEJkoAMFV9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6372b470-632efaa725c2b959692e9e77;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 21:34:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ucLWmapHlWoKDoeb_ff2qbZOKGJLLQuq6RoP9mpFWOCVAJ70t13yw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:45:53 GMT
age: 22850
etag: "a5283e68020826f085fb4f06e3dcd36cef9eb067"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lp5eW92D8SbFtcQLk-LRSaSKNMNFYCW7XTALdNdrJxN6ebgdH8_1Dw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:52:43 GMT
age: 22440
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.e2bc.cn/template/m1938pcc/ads/ggzz.gif
170.178.162.83200 OK 41 kB URL HTTP/1.1 www.e2bc.cn/template/m1938pcc/ads/ggzz.gif
IP 170.178.162.83:0
File type GIF image data, version 89a, 963 x 80\012- data
Hash 65988569074cefbd9e26db1a5ea83628
3d371a1f58afb88ccef0fa3c76f1ea815292186f
ae2788dfeaaa46eb6c6e066eeb84dafad9778638f332450f2dd92322cbe291bd
GET /template/m1938pcc/ads/ggzz.gif HTTP/1.1
Host: www.e2bc.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.e2bc.cn/
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 22 Oct 2021 04:21:34 GMT
Accept-Ranges: bytes
ETag: "2e666a4cfcc6d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 15 Nov 2022 04:06:40 GMT
Content-Length: 41208
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dbd3ee55eac820af805d07dba1d1c1df
cd7439fec5afaf2b240d9697b5aa50cf30c9a9ac
06d565a130757a29d7830b5e89c8b8a96f2d88b7e3c2ddc0b72684b9c2f58a68
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "06D565A130757A29D7830B5E89C8B8A96F2D88B7E3C2DDC0B72684B9C2F58A68"
Last-Modified: Sun, 13 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10209
Expires: Tue, 15 Nov 2022 06:56:52 GMT
Date: Tue, 15 Nov 2022 04:06:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7972
Expires: Tue, 15 Nov 2022 06:19:35 GMT
Date: Tue, 15 Nov 2022 04:06:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7972
Expires: Tue, 15 Nov 2022 06:19:35 GMT
Date: Tue, 15 Nov 2022 04:06:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7972
Expires: Tue, 15 Nov 2022 06:19:35 GMT
Date: Tue, 15 Nov 2022 04:06:43 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f468d3-7a15-4d9a-b9b7-5c6fbf2260a2.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f468d3-7a15-4d9a-b9b7-5c6fbf2260a2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e933dcdb5b2f2b23e2a76371e20a5764
86a2e71c436e8af1cf117aad1d614c3ac0e53df3
d0a1abda9256eff9be44c5556abc865e75c076bf99b9295b0d7d8edccf6def68
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f468d3-7a15-4d9a-b9b7-5c6fbf2260a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5827
x-amzn-requestid: 13f1239a-4f37-4c8d-9114-f6880e1883a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bnEhrGqzIAMFfvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6372b470-2605b8f41ebacb1d5da15dca;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 21:34:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rjUz_LZxMkyAQlwkskJ8gG6w-lG_FgI20NbRPt4jB7Drkji35OCnTw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:45:53 GMT
age: 22850
etag: "86a2e71c436e8af1cf117aad1d614c3ac0e53df3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefdb26c1-8eff-4c41-9245-7fc53604cb29.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefdb26c1-8eff-4c41-9245-7fc53604cb29.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 08bd66bbd19e46a42ef8acb8bce6388d
b4b7e3421eb3f1c434c65cb468ec46ba1ff54afa
b7dc233e1415accc4e2eab0784255f250bb188e381721f76d4ced3eaf86d0184
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefdb26c1-8eff-4c41-9245-7fc53604cb29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6118
x-amzn-requestid: af3049d8-11b3-42d4-816f-bcdf7af4bb24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bnEi5GwVoAMFYQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6372b478-37caf4ec59319ee72aa531af;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UV3QdB_Va1exUDMMzwJGDyOKDrlMadPQLnOk1rtCjhTp1USncQFRCw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:50:45 GMT
age: 22558
etag: "b4b7e3421eb3f1c434c65cb468ec46ba1ff54afa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4cc31a8-ba2e-4cc0-bf6e-0daaf01962d2.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4cc31a8-ba2e-4cc0-bf6e-0daaf01962d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9459d8c5ec4b22476e1470e5476f70f7
78118517bfffe997c85f08bd9b7b7ac9270d9b02
647d0898ed6a38191ff91ca316e90a72d9a5ce563c3602a8d4c477c64f096be4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4cc31a8-ba2e-4cc0-bf6e-0daaf01962d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7504
x-amzn-requestid: 553a2ee3-9dcb-44ac-b0e1-e8ea660eedcc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bOAmqGAyoAMFv5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6368ae2a-7af9fba56c5ae9ca5f513668;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 07:05:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Bunxhv8a_oArMEcm7xSLMb3WzYV9xwg7Htdp09E_aT01f3tOH3yAZw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 03:32:43 GMT
age: 2040
etag: "78118517bfffe997c85f08bd9b7b7ac9270d9b02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d3794ae01105db39111c1d9a96ecc23
2b9c89d9a7df445c5d94521813fee750171806c5
430bca7bc5fc1aba0cd6d3427f1836698eb6ebc31e54229588863bda491ecf2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "430BCA7BC5FC1ABA0CD6D3427F1836698EB6EBC31E54229588863BDA491ECF2D"
Last-Modified: Sat, 12 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18668
Expires: Tue, 15 Nov 2022 09:17:51 GMT
Date: Tue, 15 Nov 2022 04:06:43 GMT
Connection: keep-alive
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash c7e5b0ab09597586d27a627c9f80a2dd
51e63e39be340b9d7c7b8d5852e08bb35e00b720
581dd59ae86b5289147a4e2f7f735555f4d5dd02fdfb22b6f7e62c0852f79eeb
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=878
Date: Tue, 15 Nov 2022 04:06:43 GMT
Connection: keep-alive
X-N: S
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 808b62e352442d2e0861e04f246afc14
db370f5a7a86cfd96ac345b12e3003ee02f8ea6a
2e7c56d521e10e2c8880db7354fda6c2487519a8e6a4fc3fcca3efc068bf1a94
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2E7C56D521E10E2C8880DB7354FDA6C2487519A8E6A4FC3FCCA3EFC068BF1A94"
Last-Modified: Sun, 13 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3551
Expires: Tue, 15 Nov 2022 05:05:54 GMT
Date: Tue, 15 Nov 2022 04:06:43 GMT
Connection: keep-alive
www.e2bc.cn/template/m1938pcc/fonts/e61a601604fe408d85f635b56e71b3a1.woff
170.178.162.83404 Not Found 1.2 kB URL HTTP/1.1 www.e2bc.cn/template/m1938pcc/fonts/e61a601604fe408d85f635b56e71b3a1.woff
IP 170.178.162.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 8363acaeab9cbb099b59b78a44127ca6
aef448ce5500e3734059ec285cf6ec0b547075f2
9b342ae7f25d65bdb817d8c995f3211ac398e41575fc5d149d994c1dcb008f0a
GET /template/m1938pcc/fonts/e61a601604fe408d85f635b56e71b3a1.woff HTTP/1.1
Host: www.e2bc.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.e2bc.cn/template/m1938pcc/css/zui.css
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 15 Nov 2022 04:06:41 GMT
Content-Length: 1163
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash c7e5b0ab09597586d27a627c9f80a2dd
51e63e39be340b9d7c7b8d5852e08bb35e00b720
581dd59ae86b5289147a4e2f7f735555f4d5dd02fdfb22b6f7e62c0852f79eeb
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Tue, 15 Nov 2022 04:06:43 GMT
Connection: keep-alive
X-N: S
kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
45.154.214.219301 Moved Permanently 162 B URL HTTP/2 kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
IP 45.154.214.219:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 04:06:43 GMT
content-type: text/html
content-length: 162
location: https://kvhjjj.top/ec9fcd758df74f805f29f72e8545d13b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fbbe11d494773cc724939f4d88cf8978
a9966d5bdca78510c173f32f3e1622da6b4644ec
1d18ae8e85d96becab9c63ac728501ee2d8addd02ff92645869e947f9f571e3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D18AE8E85D96BECAB9C63AC728501EE2D8ADDD02FF92645869E947F9F571E3E"
Last-Modified: Sat, 12 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17089
Expires: Tue, 15 Nov 2022 08:51:32 GMT
Date: Tue, 15 Nov 2022 04:06:43 GMT
Connection: keep-alive
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash d5342b331c8a8b11ff6494548fccccf1
d69fe2c41be068d128653a80eda55c353b1c02f9
92181e1495d16798c5f9385539f049ec1b13b27623764ab03f9c078a6be62495
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=884
Date: Tue, 15 Nov 2022 04:06:43 GMT
Connection: keep-alive
X-N: S
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6f426679bbb7e902f2ff288da4582358
84370056917e669a5c0637d05afa68fb744106bf
53439677f871daff7118fe9afd9183aab3399792752df0afc90e557cc4b0b35d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "53439677F871DAFF7118FE9AFD9183AAB3399792752DF0AFC90E557CC4B0B35D"
Last-Modified: Mon, 14 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3112
Expires: Tue, 15 Nov 2022 04:58:35 GMT
Date: Tue, 15 Nov 2022 04:06:43 GMT
Connection: keep-alive
kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kzerr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 04:06:43 GMT
content-type: text/html
content-length: 162
location: https://kvhooo.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash d670234dfae14931ea0ee3bfa2979de9
54c893fd4e22f45a1e5c207f1c60215bd1392b8d
6da27b15b2b712dfd4933cafbefe5c5644788fd9ac64f69a1cad64ed5b1f585b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 04:06:43 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 23:03:17 GMT
Expires: Mon, 21 Nov 2022 23:03:16 GMT
Etag: "54c893fd4e22f45a1e5c207f1c60215bd1392b8d"
Cache-Control: max-age=585992,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a51dab085f0b39-OSL
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 897d88d91693706bca16e5ae82186cf9
ebf4a9d263ffe14154f6b5847fbc8737b5ab98f4
47a9c54e18505c7c60f1ec1f9d194eba59194da6eb16167fbadfe0f04775dabf
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 04:06:43 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 11:06:54 GMT
Expires: Sat, 19 Nov 2022 11:06:53 GMT
Etag: "ebf4a9d263ffe14154f6b5847fbc8737b5ab98f4"
Cache-Control: max-age=370209,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a51dab4dc3b521-OSL
dimg04.c-ctrip.com/images/0105w120009syfd5e065F.gif?proc=autoorient
104.110.17.24200 OK 865 kB URL HTTP/2 dimg04.c-ctrip.com/images/0105w120009syfd5e065F.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 865 kB (865077 bytes)
Hash ddb78df9c939d196e8ca8cc261b05430
4a778362a55bc48664268b07aa97115b39fe4586
8757bbbff4bfcb7e9203cd8973e5c22c7897c6879b97399939dc84ea34cd05ca
GET /images/0105w120009syfd5e065F.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 865077
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7185833
expires: Mon, 06 Feb 2023 08:10:36 GMT
date: Tue, 15 Nov 2022 04:06:43 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/01-05/17/cnbifdcxqux1755cnbifdcxqux442525.jpg
172.247.77.250200 OK 7.8 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/01-05/17/cnbifdcxqux1755cnbifdcxqux442525.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 7029acdc8cf5bd6a01e572726be8dfbb
121a580a8b12e634955a1f7e0e977143db1b1497
89088a53043587f64f1e681fb0b447ddc82737ebd1ad440f0e14126c5f0a48b0
GET /upload/vod/2020/01-05/17/cnbifdcxqux1755cnbifdcxqux442525.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:43 GMT
Content-Type: image/jpeg
Content-Length: 7830
Last-Modified: Sat, 12 Nov 2022 06:27:40 GMT
Connection: keep-alive
ETag: "636f3cdc-1e96"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 04:06:43 GMT
content-type: text/html
content-length: 162
location: https://kvtccc.top/4bf88adf466b90cef3686374a27fc0e2.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.e2bc.cn/template/m1938pcc/ads/11.gif
170.178.162.83200 OK 136 kB URL HTTP/1.1 www.e2bc.cn/template/m1938pcc/ads/11.gif
IP 170.178.162.83:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 136 kB (135761 bytes)
Hash 2990583ddbaa05992d5fb2811203947f
7e4dde5c3286df3d173c37e41f3547a72a166657
e3e8d61d413a303534345ec8d999af9847ddf9b2c8af208332ab6d5f303c3eea
GET /template/m1938pcc/ads/11.gif HTTP/1.1
Host: www.e2bc.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 29 Jul 2022 02:52:25 GMT
Accept-Ranges: bytes
ETag: "e49aa73bf6a2d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 15 Nov 2022 04:06:41 GMT
Content-Length: 135761
fmlb.netlbtu.com/upload/vod/2019/11-08/04/42fztwn2clb044542fztwn2clb1912140.jpg
172.247.77.250200 OK 10 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/04/42fztwn2clb044542fztwn2clb1912140.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 7a69f6bcc737d481b109a425bc2f45ef
4eb90945a6f411305c7fe8e490e7068eb24183d4
9849803e81bab8c5250526df3b9520e4a7127b4fe3a5ce0202b9809076acfd6c
GET /upload/vod/2019/11-08/04/42fztwn2clb044542fztwn2clb1912140.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:43 GMT
Content-Type: image/jpeg
Content-Length: 10465
Last-Modified: Sat, 12 Nov 2022 06:27:40 GMT
Connection: keep-alive
ETag: "636f3cdc-28e1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
66.150.130.123301 Moved Permanently 162 B URL HTTP/2 kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
IP 66.150.130.123:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 04:06:43 GMT
content-type: text/html
content-length: 162
location: https://kvkeee.top/92f0c144d76dd785f7c04f84ae149b33.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2019/11-08/04/w1kcftblipa0445w1kcftblipa3412160.jpg
172.247.77.250200 OK 5.8 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/04/w1kcftblipa0445w1kcftblipa3412160.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash e82f1f23154a81cb8b77b001aab86205
4c4c517532e4da65a710b98b4e34e95cc0abbddf
2c48232a80b68a35e63dcbcff4d390e46644867b4495310d85375ff54fdf05d2
GET /upload/vod/2019/11-08/04/w1kcftblipa0445w1kcftblipa3412160.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:43 GMT
Content-Type: image/jpeg
Content-Length: 5847
Last-Modified: Sat, 12 Nov 2022 06:27:40 GMT
Connection: keep-alive
ETag: "636f3cdc-16d7"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 897af4269fd9e17a0b1ce51129b0d34f
d60ff4db8e4b1df1fb42ee4c7f70d6e95d378323
de910e200ebe6d922bd8e508391f72b0df4573c8e689f9f772fb89d098b964ee
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 04:06:43 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 06:28:37 GMT
Expires: Sun, 20 Nov 2022 06:28:36 GMT
Etag: "d60ff4db8e4b1df1fb42ee4c7f70d6e95d378323"
Cache-Control: max-age=439912,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a51dab0b64b509-OSL
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c8decf096fbe0a5231bbf21639122fa4
94247ef8f65f2768480604dfeb909266a459786d
5dbfc386855aa11ae42e0a360d00f8e885bcdf6d00c4bfd14beeef52b3b62390
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5DBFC386855AA11AE42E0A360D00F8E885BCDF6D00C4BFD14BEEEF52B3B62390"
Last-Modified: Mon, 14 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3428
Expires: Tue, 15 Nov 2022 05:03:51 GMT
Date: Tue, 15 Nov 2022 04:06:43 GMT
Connection: keep-alive
kzemm.com/bb7f858c0dad171784517c02e7bff891.gif
45.150.164.154301 Moved Permanently 162 B URL HTTP/2 kzemm.com/bb7f858c0dad171784517c02e7bff891.gif
IP 45.150.164.154:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /bb7f858c0dad171784517c02e7bff891.gif HTTP/1.1
Host: kzemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 04:06:43 GMT
content-type: text/html
content-length: 162
location: https://kvkaaa.top/bb7f858c0dad171784517c02e7bff891.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 875d4c1c86e676858d310bf3ba41ece5
3a861912365656d97bcbd5d2527e3a5dbd68a1ae
22e4131be10589677270016bd63d9d4f9fb99812f7972ad831607e1b2b265b25
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 04:06:43 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 05:45:04 GMT
Expires: Mon, 21 Nov 2022 05:45:03 GMT
Etag: "3a861912365656d97bcbd5d2527e3a5dbd68a1ae"
Cache-Control: max-age=523699,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a51dab2fa2b4ee-OSL
kvhooo.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
104.21.33.12200 OK 919 kB URL HTTP/2 kvhooo.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 104.21.33.12:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 919 kB (918679 bytes)
Hash 956582dd3aa22ca9b19bdd1d5e091e24
c2d80e05f59981f6ed58a8231f502bd990894d6b
88e686882e64a0e199c79bd83b7102885b67242b5d0b49a1f37674c0bb3ddd8e
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kvhooo.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.e2bc.cn/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 04:06:43 GMT
content-type: image/gif
content-length: 918679
last-modified: Sat, 02 Jul 2022 13:09:08 GMT
etag: "62c04374-e0497"
expires: Wed, 14 Dec 2022 03:54:25 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 87138
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zL8Q0u5rq3CXa83l8qz376LAqZK5vQuRU7Hycyq39VP8NKMTI4639PIqeFttLSFj0iuimW%2BukS9CSUZfjTVnPkX3yjjvkf1bkDt2NF3QUaGoEL2Tzjn4Wl8a0z%2Fm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a51dac7eef0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/01-05/17/5aiamn3snfr17565aiamn3snfr522559.jpg
172.247.77.250200 OK 9.5 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/01-05/17/5aiamn3snfr17565aiamn3snfr522559.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash bfdd2d96af4bf424aa0ad84c7acfd1e4
43fe485432b7a0c7b76c4b5633b58ceeaa23f663
0f92ef548c02743756b71b8752b37ff8eda0083a85a9760b88b4060e3289e009
GET /upload/vod/2020/01-05/17/5aiamn3snfr17565aiamn3snfr522559.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:43 GMT
Content-Type: image/jpeg
Content-Length: 9542
Last-Modified: Sat, 12 Nov 2022 06:27:40 GMT
Connection: keep-alive
ETag: "636f3cdc-2546"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash bf92c18165ea60a2e1db5be3c6427a26
28281d442af618ba6f44c2998d76848ccb947df3
c53de01b2e50f05c69c297fcad2ab832186aafdaddd1da10216021789762cadd
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 04:06:43 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 04:39:34 GMT
Expires: Sat, 19 Nov 2022 04:39:33 GMT
Etag: "28281d442af618ba6f44c2998d76848ccb947df3"
Cache-Control: max-age=346969,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a51dab69560afe-OSL
www.e2bc.cn/template/m1938pcc/fonts/iconfont.woff
170.178.162.83200 OK 525 B URL HTTP/1.1 www.e2bc.cn/template/m1938pcc/fonts/iconfont.woff
IP 170.178.162.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash f66ed8f90ffb0fc831098b7701d3ba8a
1bc63ccb714f1272c80b224aa8fd9da94914825d
6ccac1f3560824c5e11e27d1798e447cfc5a930e5824009d6b1cf8eb98e248de
GET /template/m1938pcc/fonts/iconfont.woff HTTP/1.1
Host: www.e2bc.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.e2bc.cn/template/m1938pcc/css/zui.css
HTTP/1.1 200 OK
Content-Type: font/x-woff
Last-Modified: Thu, 21 Apr 2022 12:34:02 GMT
Accept-Ranges: bytes
ETag: "e486f6147c55d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 15 Nov 2022 04:06:41 GMT
Content-Length: 525
www.e2bc.cn/template/m1938pcc/ads/77.gif
170.178.162.83200 OK 193 kB URL HTTP/1.1 www.e2bc.cn/template/m1938pcc/ads/77.gif
IP 170.178.162.83:0
File type GIF image data, version 89a, 326 x 217\012- data
Size 193 kB (193237 bytes)
Hash a15551773d50ba1bc1c91f1ac0e7a45f
603c163ea29d202ec5019fecaf202962892d6500
dac04d049696b8e58a9d9ccc2c2e90f480ad925f796df8ddb5a87f10250bc39e
GET /template/m1938pcc/ads/77.gif HTTP/1.1
Host: www.e2bc.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 29 Jul 2022 02:52:09 GMT
Accept-Ranges: bytes
ETag: "1213e32f6a2d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 15 Nov 2022 04:06:40 GMT
Content-Length: 193237
fmlb.netlbtu.com/upload/vod/2020/01-05/18/jtg1do5ekux1802jtg1do5ekux172711.jpg
172.247.77.250200 OK 10 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/01-05/18/jtg1do5ekux1802jtg1do5ekux172711.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 83b0a4a2c9d7ce7bb33b714fbd0d7ba3
23e921494c0b0d061e6472128905e00ee7863055
40b00be92f2a30b724e4d9e1178f5fb7b3c074e19fe035b368e7dcfacdb71948
GET /upload/vod/2020/01-05/18/jtg1do5ekux1802jtg1do5ekux172711.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:43 GMT
Content-Type: image/jpeg
Content-Length: 10105
Last-Modified: Sat, 12 Nov 2022 06:27:40 GMT
Connection: keep-alive
ETag: "636f3cdc-2779"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c8decf096fbe0a5231bbf21639122fa4
94247ef8f65f2768480604dfeb909266a459786d
5dbfc386855aa11ae42e0a360d00f8e885bcdf6d00c4bfd14beeef52b3b62390
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5DBFC386855AA11AE42E0A360D00F8E885BCDF6D00C4BFD14BEEEF52B3B62390"
Last-Modified: Mon, 14 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3427
Expires: Tue, 15 Nov 2022 05:03:51 GMT
Date: Tue, 15 Nov 2022 04:06:44 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 89805cc500bf9da360305ef38d40aaa2
a25850bf0f6179b3d16bbf725b97db4bbf98ecbc
866ff56c87e51607471022e451dcc850dce40fc66424af0df7d2548ea014e006
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=144759
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 04:06:43 GMT
Etag: "6372a2ca-116"
Expires: Wed, 16 Nov 2022 20:19:24 GMT
Last-Modified: Mon, 14 Nov 2022 20:19:22 GMT
Server: nginx
Content-Length: 278
www.e2bc.cn/template/m1938pcc/ads/112.gif
170.178.162.83200 OK 306 kB URL HTTP/1.1 www.e2bc.cn/template/m1938pcc/ads/112.gif
IP 170.178.162.83:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 306 kB (305978 bytes)
Hash 719dd0a1bdee248a1fe83d20ce1021b6
4d43b7891b0275a21312600c491b57abdcc1cb99
ee987874d506cded08e8631596e6dc8a0a849a32bac55ba17c1a36e8445d8e45
GET /template/m1938pcc/ads/112.gif HTTP/1.1
Host: www.e2bc.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.e2bc.cn/
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 22 Oct 2021 05:03:48 GMT
Accept-Ranges: bytes
ETag: "f273ea322c7d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 15 Nov 2022 04:06:40 GMT
Content-Length: 305978
fmlb.netlbtu.com/upload/vod/2020/01-05/17/sza0q0wgeb01755sza0q0wgeb0282519.jpg
172.247.77.250200 OK 5.9 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/01-05/17/sza0q0wgeb01755sza0q0wgeb0282519.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f69731d20d2c849c897b8b17c294878d
f26bb8aaea2b2a37e635fa75ab442b61c9a247e8
72ae5f73cc26782d1246a380b4a634e2197e8c2ea23a588bcd71dad826ee80a3
GET /upload/vod/2020/01-05/17/sza0q0wgeb01755sza0q0wgeb0282519.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:43 GMT
Content-Type: image/jpeg
Content-Length: 5856
Last-Modified: Sat, 12 Nov 2022 06:27:40 GMT
Connection: keep-alive
ETag: "636f3cdc-16e0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/01-05/17/d05moompdxo1756d05moompdxo012535.jpg
172.247.77.250200 OK 12 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/01-05/17/d05moompdxo1756d05moompdxo012535.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 3d83b59437dd339cb8d541f34f7795f9
bec896ea5f0e0fdd5388526ebc1a916b1d7430a0
f8b151b24987e189047f5d9d71f27ba7efc29aa795d576a9d641727dc798ef9a
GET /upload/vod/2020/01-05/17/d05moompdxo1756d05moompdxo012535.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:43 GMT
Content-Type: image/jpeg
Content-Length: 12344
Last-Modified: Sat, 12 Nov 2022 06:27:40 GMT
Connection: keep-alive
ETag: "636f3cdc-3038"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
hm.baidu.com/hm.js?d1bc9d250b69f565e12c166814754273
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?d1bc9d250b69f565e12c166814754273
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash 9882d71912a7b9df66520d5bdd13e106
b8ab886c0c87618ae47d236a702e495b0f82075c
8cf9d487f51c497bad2fed2b6a19de44d1f297c0e5456e2cf0aef86b545c0b55
GET /hm.js?d1bc9d250b69f565e12c166814754273 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sadiqtv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11331
Content-Type: application/javascript
Date: Tue, 15 Nov 2022 04:06:43 GMT
Etag: 8d925407c39e3df8940dad382c9bb576
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=79FDA93BFAADA605; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
fmlb.netlbtu.com/upload/vod/2019/11-08/04/oecow5phb5k0443oecow5phb5k5912040.jpg
172.247.77.250200 OK 9.6 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/04/oecow5phb5k0443oecow5phb5k5912040.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 897bd04b1e35702b6ecbea5296344d1c
2cb62874c601005c301f33019abb58c0487ce2f4
050666da5d2330ec2389479f95440182a0e6729e3ac9e22d7a870b726f9d8d32
GET /upload/vod/2019/11-08/04/oecow5phb5k0443oecow5phb5k5912040.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:43 GMT
Content-Type: image/jpeg
Content-Length: 9595
Last-Modified: Sat, 12 Nov 2022 06:27:40 GMT
Connection: keep-alive
ETag: "636f3cdc-257b"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/01-05/17/15tq0cmafyx175615tq0cmafyx162543.jpg
172.247.77.250200 OK 12 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/01-05/17/15tq0cmafyx175615tq0cmafyx162543.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 3c3f2bd077d74d79cf56e94589ac5376
935e24d8145e87919d7f44db2c34fd4702363631
7ebde9c59c4e286d527ced85b3e4df70e16f729e39e1a057d033847b93430b1f
GET /upload/vod/2020/01-05/17/15tq0cmafyx175615tq0cmafyx162543.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:43 GMT
Content-Type: image/jpeg
Content-Length: 12330
Last-Modified: Sat, 12 Nov 2022 06:27:40 GMT
Connection: keep-alive
ETag: "636f3cdc-302a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
hm.baidu.com/hm.js?22627f6cc5a5b806b08e13b8b5a190ab
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?22627f6cc5a5b806b08e13b8b5a190ab
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash 36ef2063d74bc41574949dd08e253ea5
df7e39a61ea1b1632f377cd5556190f73f7d2c8e
25d9a28934fb118ca4b64adce2eaad073a9ce98f101d4ce757cd67059190e725
GET /hm.js?22627f6cc5a5b806b08e13b8b5a190ab HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sadiqtv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11334
Content-Type: application/javascript
Date: Tue, 15 Nov 2022 04:06:43 GMT
Etag: f2676beb535f29fd5f6adc24d730fd64
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=16CB4488DF5D2F98; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?aa7b2c7d9edb30dc41ba3ef19c277de4
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?aa7b2c7d9edb30dc41ba3ef19c277de4
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash d6a969a7b3fcb641aa047f2136bb4f9a
c88b02d338bf6450edc9264246db79a9b79b6482
bd8c231ad975e56164860e961e7b6e8a8f709c8bb3726df2ac496d1a3ca611f2
GET /hm.js?aa7b2c7d9edb30dc41ba3ef19c277de4 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sadiqtv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11334
Content-Type: application/javascript
Date: Tue, 15 Nov 2022 04:06:43 GMT
Etag: 0fc998e1ae2239f14a172153bb0e1669
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=BF09BE7EA471437D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6bcad610c1b8e081a38a6f650e5fc847
12b6981818047fe891485954bde8dfd49d9980f1
0ab4491d2c16e7a46e24a78c84910730928d9324ea40fc885e372726b07f82e7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1200
Cache-Control: max-age=104178
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 04:06:44 GMT
Etag: "6371ff96-117"
Expires: Wed, 16 Nov 2022 09:03:02 GMT
Last-Modified: Mon, 14 Nov 2022 08:43:02 GMT
Server: ECS (amb/6B8D)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6eb6741847e76e603b3d46efddea010
2e8c10d2c246451fc67b3e82531db1e3a777a3d3
49f3e11b204490f12932f95a65552bb3eb72a291080310e64b77d84045160395
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "49F3E11B204490F12932F95A65552BB3EB72A291080310E64B77D84045160395"
Last-Modified: Sun, 13 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15346
Expires: Tue, 15 Nov 2022 08:22:30 GMT
Date: Tue, 15 Nov 2022 04:06:44 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 89805cc500bf9da360305ef38d40aaa2
a25850bf0f6179b3d16bbf725b97db4bbf98ecbc
866ff56c87e51607471022e451dcc850dce40fc66424af0df7d2548ea014e006
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=144759
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 04:06:44 GMT
Etag: "6372a2ca-116"
Expires: Wed, 16 Nov 2022 20:19:24 GMT
Last-Modified: Mon, 14 Nov 2022 20:19:22 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278
www.e2bc.cn/template/m1938pcc/fonts/iconfont.ttf
170.178.162.83200 OK 257 B URL HTTP/1.1 www.e2bc.cn/template/m1938pcc/fonts/iconfont.ttf
IP 170.178.162.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b6bf2659c287c7e192ff7c20853205e4
91087c59b4f1a108c0515d4daeb8d4cc49b62da5
a3cc4d1f67765644ce73654ad2d0a1e9f2b85553268d2f3e4d438da3bda75bb4
GET /template/m1938pcc/fonts/iconfont.ttf HTTP/1.1
Host: www.e2bc.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.e2bc.cn/template/m1938pcc/css/zui.css
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Last-Modified: Thu, 21 Apr 2022 12:34:01 GMT
Accept-Ranges: bytes
ETag: "54f095147c55d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 15 Nov 2022 04:06:41 GMT
Content-Length: 257
fmlb.netlbtu.com/upload/vod/2020/01-05/17/4xoxpnosdzr17564xoxpnosdzr352551.jpg
172.247.77.250200 OK 11 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/01-05/17/4xoxpnosdzr17564xoxpnosdzr352551.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 2c481482f8c7c8df35a183dae256e915
5dd3e0a3cf7fb3672acd500ce22fe9bcf4b22e76
dbc2830c1bf4d3679243f3db31f3580323720469f258386c24de0d83a3ecf6db
GET /upload/vod/2020/01-05/17/4xoxpnosdzr17564xoxpnosdzr352551.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:44 GMT
Content-Type: image/jpeg
Content-Length: 11103
Last-Modified: Sat, 12 Nov 2022 06:27:40 GMT
Connection: keep-alive
ETag: "636f3cdc-2b5f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2019/11-08/07/pwt2ty35fvd0711pwt2ty35fvd3118926.jpg
172.247.77.250200 OK 13 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/07/pwt2ty35fvd0711pwt2ty35fvd3118926.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash a765d245406c4eddeb31c28d6142b895
8f18fca7c45fb2b147fd9d99ca6e0d3023949f64
e664e122875d03c2c59b1b01b469133fa49e13c25c70f2b6ce1a5e7176849c93
GET /upload/vod/2019/11-08/07/pwt2ty35fvd0711pwt2ty35fvd3118926.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:44 GMT
Content-Type: image/jpeg
Content-Length: 12770
Last-Modified: Sat, 12 Nov 2022 06:27:40 GMT
Connection: keep-alive
ETag: "636f3cdc-31e2"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
kvkeee.top/92f0c144d76dd785f7c04f84ae149b33.gif
104.21.55.165200 OK 1.0 MB URL HTTP/2 kvkeee.top/92f0c144d76dd785f7c04f84ae149b33.gif
IP 104.21.55.165:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.0 MB (1024160 bytes)
Hash 52748c8ca30fe48c822541046bceafc0
8640926f83b9c0d635fb28403505a7c0f0753857
2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kvkeee.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.e2bc.cn/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 04:06:44 GMT
content-type: image/gif
content-length: 1024160
last-modified: Wed, 25 May 2022 13:49:10 GMT
etag: "628e33d6-fa0a0"
expires: Sat, 10 Dec 2022 16:37:24 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 386960
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjesL%2FrRJpPeX5leOKXlkPOjapLhVsCXK%2FbgKatc1Kyda7zwz86bEqaRGTyKwmptrc9vbE21BtI4MVsWq0c0r6t4yTy%2FFQFtd1xmNS3cfJ8M3WWohYPjy9Lin6Cv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a51dae0d711c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2019/11-08/07/3brm2scpm5s07123brm2scpm5s0218942.jpg
172.247.77.250200 OK 8.6 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/07/3brm2scpm5s07123brm2scpm5s0218942.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 69b60e0be7487c1f0072502dc4b1603f
ac3e622f9c4e65482665cd6a243c5fb5f92c0d0f
22b3cad08541bdc1afdd3dd0ba2e98ecd47b663ea5147904d348e47cb6f88aee
GET /upload/vod/2019/11-08/07/3brm2scpm5s07123brm2scpm5s0218942.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:44 GMT
Content-Type: image/jpeg
Content-Length: 8609
Last-Modified: Sat, 12 Nov 2022 06:27:40 GMT
Connection: keep-alive
ETag: "636f3cdc-21a1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2019/11-08/07/a5ejyzjzfzv0711a5ejyzjzfzv4618934.jpg
172.247.77.250200 OK 12 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/07/a5ejyzjzfzv0711a5ejyzjzfzv4618934.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 61d14fbc939d457f35c12b74feb3648e
d82dcc2fdb217c43f6bb700fe7fffabb6f954be8
19f5bf4dee1cc31162f035c886aa17af653c0bb5d15cf258aa2a57bfb1f32884
GET /upload/vod/2019/11-08/07/a5ejyzjzfzv0711a5ejyzjzfzv4618934.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:44 GMT
Content-Type: image/jpeg
Content-Length: 11716
Last-Modified: Sat, 12 Nov 2022 06:27:40 GMT
Connection: keep-alive
ETag: "636f3cdc-2dc4"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a77485cf7334661dd3a9f8208f341ab5
dd245f2c7643aeb9b53ec7dfe1daba942f56ac5d
e58ef3bd1bab04df95f1db6b3e922de73a6ac451fed817fe7482fb5f36c143a1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "E58EF3BD1BAB04DF95F1DB6B3E922DE73A6AC451FED817FE7482FB5F36C143A1"
Last-Modified: Mon, 14 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3621
Expires: Tue, 15 Nov 2022 05:07:05 GMT
Date: Tue, 15 Nov 2022 04:06:44 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2019/11-08/07/cjhyltjks4a0712cjhyltjks4a3418958.jpg
172.247.77.250200 OK 11 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/07/cjhyltjks4a0712cjhyltjks4a3418958.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash a9a9e746871aed9cd80d9687d2f30158
d1610abb8a3d8bc034cf906d27c7532914407013
3e3bb37c68b97edccc20c26f230e782534f3dda05d65db8b30a692f547824e3b
GET /upload/vod/2019/11-08/07/cjhyltjks4a0712cjhyltjks4a3418958.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:44 GMT
Content-Type: image/jpeg
Content-Length: 10813
Last-Modified: Sat, 12 Nov 2022 06:27:40 GMT
Connection: keep-alive
ETag: "636f3cdc-2a3d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
kvhjjj.top/ec9fcd758df74f805f29f72e8545d13b.gif
104.21.234.216200 OK 902 kB URL HTTP/2 kvhjjj.top/ec9fcd758df74f805f29f72e8545d13b.gif
IP 104.21.234.216:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 902 kB (902313 bytes)
Hash 8b4a95ea7cfbb7fb4d2b18efca5145f3
d2966ecbeb7369620cce5dbcd15d0fe591d79648
dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvhjjj.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.e2bc.cn/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 04:06:44 GMT
content-type: image/gif
content-length: 902313
last-modified: Sat, 12 Mar 2022 15:17:28 GMT
etag: "622cb988-dc4a9"
expires: Fri, 09 Dec 2022 09:26:33 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 499211
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwjsZnQks2h8axoZklG2p7mhaO2Jbp2v5lQVdSk0OGxIdRa34J%2BKZQUKIq8QwH7yFnymeSOUTpwBBfDXR2ZhVVfQ6LpwnGisEj3GFYP4MHrHC4XPNqP81Hk1aTDm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a51dad5a687725-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?eafe570c76546fa2db3399876af4afca
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?eafe570c76546fa2db3399876af4afca
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 7593064285a40285c650b9b0e3b30f6d
672dcc71c099552ac5b22d29feff47edd6ff6005
63e14b456d6591dfb893aed897c312369f8211811cc0f9b82dac41ac7fe8ced7
GET /hm.js?eafe570c76546fa2db3399876af4afca HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11333
Content-Type: application/javascript
Date: Tue, 15 Nov 2022 04:06:43 GMT
Etag: 9062f4d7c129162f522477d74f8e98fb
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=6C3450763C5CC189; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6eb6741847e76e603b3d46efddea010
2e8c10d2c246451fc67b3e82531db1e3a777a3d3
49f3e11b204490f12932f95a65552bb3eb72a291080310e64b77d84045160395
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "49F3E11B204490F12932F95A65552BB3EB72A291080310E64B77D84045160395"
Last-Modified: Sun, 13 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15346
Expires: Tue, 15 Nov 2022 08:22:30 GMT
Date: Tue, 15 Nov 2022 04:06:44 GMT
Connection: keep-alive
hm.baidu.com/hm.js?b384613b7772ccd652065bd24648863f
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?b384613b7772ccd652065bd24648863f
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 81f2e9ed910712439553ce38b375db54
68b403752c4c719608e28658a6747e97d293746d
93b16611ea1184ade512ce0f2327d224baa22c047f67376209a2873bf93cf129
GET /hm.js?b384613b7772ccd652065bd24648863f HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11333
Content-Type: application/javascript
Date: Tue, 15 Nov 2022 04:06:43 GMT
Etag: 8f9cf9d4ef08e4e67f516b6e08455ad4
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=4129228C1E94B6A6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
www.e2bc.cn/template/m1938pcc/ads/44.gif
170.178.162.83200 OK 170 kB URL HTTP/1.1 www.e2bc.cn/template/m1938pcc/ads/44.gif
IP 170.178.162.83:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 170 kB (170247 bytes)
Hash c01130e14349e47409ee31592f0fd4cb
663b4836f0a7823f056c679c75e31b461156c622
610f20fe264569b21a331ee2020e9d5c13182e91b2d587a246a4e155d06888c6
GET /template/m1938pcc/ads/44.gif HTTP/1.1
Host: www.e2bc.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 29 Jul 2022 02:51:35 GMT
Accept-Ranges: bytes
ETag: "24fb61df6a2d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 15 Nov 2022 04:06:41 GMT
Content-Length: 170247
fmlb.netlbtu.com/upload/vod/2020/01-05/18/bxtwnvsbkeu1802bxtwnvsbkeu492727.jpg
172.247.77.250200 OK 10 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/01-05/18/bxtwnvsbkeu1802bxtwnvsbkeu492727.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash ae930283ac605ecfdd6ca4ad1900256a
be52da21f4d335792e94c49a11cdb56123d88783
18672780ae22b820c44b45bc7aa760a257c18469a18b8d60672fb14454d4ac5d
GET /upload/vod/2020/01-05/18/bxtwnvsbkeu1802bxtwnvsbkeu492727.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:44 GMT
Content-Type: image/jpeg
Content-Length: 10484
Last-Modified: Sat, 12 Nov 2022 06:27:41 GMT
Connection: keep-alive
ETag: "636f3cdd-28f4"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 57a01404f9aef1bd2b541590b19c605e
fa51f1c6ff511e1333470b5eef2cf8150b77c137
485019473dd6cc4ee615f17a5098e5e253ac3bd300e850a4a0e3ec47e57c5e09
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 04:06:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 19 Nov 2022 01:11:48 GMT
ETag: "fa51f1c6ff511e1333470b5eef2cf8150b77c137"
Last-Modified: Tue, 15 Nov 2022 01:11:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2316
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a51daf29611c12-OSL
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a77485cf7334661dd3a9f8208f341ab5
dd245f2c7643aeb9b53ec7dfe1daba942f56ac5d
e58ef3bd1bab04df95f1db6b3e922de73a6ac451fed817fe7482fb5f36c143a1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "E58EF3BD1BAB04DF95F1DB6B3E922DE73A6AC451FED817FE7482FB5F36C143A1"
Last-Modified: Mon, 14 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3621
Expires: Tue, 15 Nov 2022 05:07:05 GMT
Date: Tue, 15 Nov 2022 04:06:44 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2019/11-08/04/14hhoetmj0p044314hhoetmj0p2611998.jpg
172.247.77.250200 OK 9.7 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/04/14hhoetmj0p044314hhoetmj0p2611998.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 717x538, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c4f06d25613adf56dd096746e36e1584
f95e3cdbdac45548f9ad7bc46a517a6cf2d8a5e8
ced8b0b3223a4cb0bd32823f92a35868705b69b7c9f0d97c817a0d93efbf7255
GET /upload/vod/2019/11-08/04/14hhoetmj0p044314hhoetmj0p2611998.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:44 GMT
Content-Type: image/jpeg
Content-Length: 9675
Last-Modified: Sat, 12 Nov 2022 06:27:40 GMT
Connection: keep-alive
ETag: "636f3cdc-25cb"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2019/11-08/07/moobrtnfopq0711moobrtnfopq1518918.jpg
172.247.77.250200 OK 15 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/07/moobrtnfopq0711moobrtnfopq1518918.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 9efd8b8cb2b034a1de2b723f56e6da17
b80541ee45b0f9167e20bbe13b1e5796000e7066
103a53ae49b8f40cd0d645660931fd9b6d34d5fcfbc324492d2b387c56e85706
GET /upload/vod/2019/11-08/07/moobrtnfopq0711moobrtnfopq1518918.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:44 GMT
Content-Type: image/jpeg
Content-Length: 14860
Last-Modified: Sat, 12 Nov 2022 06:27:40 GMT
Connection: keep-alive
ETag: "636f3cdc-3a0c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2019/11-08/07/1o4kwnhsbhc07121o4kwnhsbhc5018966.jpg
172.247.77.250200 OK 10 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/07/1o4kwnhsbhc07121o4kwnhsbhc5018966.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 24a76278db8b87fd45ff87bd25e62703
dfed009d0bbaef9fd0776ef1b2498b3632988ce6
f8fc8eca02c45e4ef31dc3d2b04ab840440cbfb4a7d2fcab3cca815e8c2a40f3
GET /upload/vod/2019/11-08/07/1o4kwnhsbhc07121o4kwnhsbhc5018966.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:44 GMT
Content-Type: image/jpeg
Content-Length: 10017
Last-Modified: Sat, 12 Nov 2022 06:27:40 GMT
Connection: keep-alive
ETag: "636f3cdc-2721"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2019/11-08/04/dz2uc13wzdr0443dz2uc13wzdr4212018.jpg
172.247.77.250200 OK 10 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/04/dz2uc13wzdr0443dz2uc13wzdr4212018.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash a2de4492ac553640e4752bb9f39a0fa2
a02d365cfa0d5c48ca0c32b48c079526cdda6f1d
cab3f2b24e90565eac35d0c5e95155e529f7c70277f5113e9f8b8f4ddf96fdce
GET /upload/vod/2019/11-08/04/dz2uc13wzdr0443dz2uc13wzdr4212018.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:44 GMT
Content-Type: image/jpeg
Content-Length: 10211
Last-Modified: Sat, 12 Nov 2022 06:27:40 GMT
Connection: keep-alive
ETag: "636f3cdc-27e3"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2019/11-08/07/v020eb4ltro0710v020eb4ltro5918910.jpg
172.247.77.250200 OK 10 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/07/v020eb4ltro0710v020eb4ltro5918910.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 82f782dee363b16865e8a4aa053724e8
c0c5a8b5f13d33f5afc5393659488478731771e7
c3b587d97caecf98dc0cfbcdf97f059570a162bd942dd80321f0cb12cfc95a40
GET /upload/vod/2019/11-08/07/v020eb4ltro0710v020eb4ltro5918910.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:44 GMT
Content-Type: image/jpeg
Content-Length: 9989
Last-Modified: Sat, 12 Nov 2022 06:27:40 GMT
Connection: keep-alive
ETag: "636f3cdc-2705"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ali2.a.yximgs.com/udata/music/music_7db843fa7c3e4adcaceb5deaec743f810.jpg
47.246.44.225200 OK 547 kB URL HTTP/1.1 ali2.a.yximgs.com/udata/music/music_7db843fa7c3e4adcaceb5deaec743f810.jpg
IP 47.246.44.225:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 750 x 150\012- data
Size 547 kB (547354 bytes)
Hash e428d1657a7930c36c12933a6ae4f68f
20ba87473254d4c41dbdadf0dcd50437f53f56ea
0ae9fdf354d3ca2a0be0c5d93dde726051b8db5f44bef0bffc681a5d8f3a69ca
GET /udata/music/music_7db843fa7c3e4adcaceb5deaec743f810.jpg HTTP/1.1
Host: ali2.a.yximgs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 547354
Connection: keep-alive
Date: Fri, 21 Oct 2022 13:10:52 GMT
Cache-Control: max-age=2592000
Expires: Fri, 28 Oct 2022 13:10:52 GMT
Last-Modified: Fri, 26 Aug 2022 11:41:22 GMT
x-amz-request-id: 2b054506f38640fd836ae71a9db29e29
x-amz-id-2: YmtladlyC5Brv61SXMcXgNrxlrT3jEqmdZzcFWxrdeFWqF9zMBQ=
Accept-Ranges: bytes
ETag: "E428D1657A7930C36C12933A6AE4F68F"
x-amz-storage-class: STANDARD
x-bs-object-status: 0
X-KSLOGID: 666357852717839801
X-Rsp-Code: 034,040
X-Ks-Cache: HIT from 47.246.44.225
X-Kimg: egae
Ali-Swift-Global-Savetime: 1666357852
Via: cache27.l2na63-4[0,0,200-0,H], cache28.l2na63-4[1,0], cache17.l2de2[0,0,200-0,H], cache6.l2de2[1,0], cache5.se1[0,0,200-0,H], cache1.se1[3,0]
Age: 2127352
X-Cache: HIT TCP_MEM_HIT dirn:11:219528123
X-Swift-SaveTime: Fri, 21 Oct 2022 14:00:02 GMT
X-Swift-CacheTime: 31101050
kwaisign: null
X-Ks-Request-ID: 2ff62c9516684852043312024e
x-ks-client-ip: 91.90.42.154
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 2ff62c9516684852043312024e
www.e2bc.cn/template/m1938pcc/ads/33.gif
170.178.162.83200 OK 296 kB URL HTTP/1.1 www.e2bc.cn/template/m1938pcc/ads/33.gif
IP 170.178.162.83:0
File type GIF image data, version 89a, 96 x 96\012- data
Size 296 kB (295532 bytes)
Hash c05587ee5afb6796bc57f35a92963f67
5df220bd4a3a394117b0d9c94f5e911b1e2ccaa8
a95aa0d580fdb3b9a2d75a15d3d0d40ba9425ff4247d9a33e3420daba1726b2e
GET /template/m1938pcc/ads/33.gif HTTP/1.1
Host: www.e2bc.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 29 Jul 2022 02:52:03 GMT
Accept-Ranges: bytes
ETag: "18a8b32ef6a2d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 15 Nov 2022 04:06:41 GMT
Content-Length: 295532
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2048840333&si=d1bc9d250b69f565e12c166814754273&v=1.2.97&lv=1&sn=29639&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.sadiqtv.com%2Findex.php&tt=%E5%B9%BF%E4%B8%9C%E9%A2%97%E5%B7%B2%E5%B8%82%E5%9C%BA%E8%90%A5%E9%94%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2048840333&si=d1bc9d250b69f565e12c166814754273&v=1.2.97&lv=1&sn=29639&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.sadiqtv.com%2Findex.php&tt=%E5%B9%BF%E4%B8%9C%E9%A2%97%E5%B7%B2%E5%B8%82%E5%9C%BA%E8%90%A5%E9%94%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2048840333&si=d1bc9d250b69f565e12c166814754273&v=1.2.97&lv=1&sn=29639&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.sadiqtv.com%2Findex.php&tt=%E5%B9%BF%E4%B8%9C%E9%A2%97%E5%B7%B2%E5%B8%82%E5%9C%BA%E8%90%A5%E9%94%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sadiqtv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 15 Nov 2022 04:06:44 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7B18CF342082105E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.e2bc.cn/template/m1938pcc/ads/88.gif
170.178.162.83200 OK 2.2 MB URL HTTP/1.1 www.e2bc.cn/template/m1938pcc/ads/88.gif
IP 170.178.162.83:0
File type GIF image data, version 89a, 152 x 152\012- data
Size 2.2 MB (2168710 bytes)
Hash a0d945b4c30bc77735161545d1e00072
87c77a030ae771c3010d1215f73d1426e03f48dd
8a6920701b78e0d28ab0d1bc646ccb7a82f93eaf66399a435b55788356d594eb
GET /template/m1938pcc/ads/88.gif HTTP/1.1
Host: www.e2bc.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 29 Jul 2022 02:52:14 GMT
Accept-Ranges: bytes
ETag: "dd6b5335f6a2d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 15 Nov 2022 04:06:40 GMT
Content-Length: 2168710
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=210904028&si=aa7b2c7d9edb30dc41ba3ef19c277de4&v=1.2.97&lv=1&sn=29639&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.sadiqtv.com%2Findex.php&tt=%E5%B9%BF%E4%B8%9C%E9%A2%97%E5%B7%B2%E5%B8%82%E5%9C%BA%E8%90%A5%E9%94%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=210904028&si=aa7b2c7d9edb30dc41ba3ef19c277de4&v=1.2.97&lv=1&sn=29639&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.sadiqtv.com%2Findex.php&tt=%E5%B9%BF%E4%B8%9C%E9%A2%97%E5%B7%B2%E5%B8%82%E5%9C%BA%E8%90%A5%E9%94%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=210904028&si=aa7b2c7d9edb30dc41ba3ef19c277de4&v=1.2.97&lv=1&sn=29639&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.sadiqtv.com%2Findex.php&tt=%E5%B9%BF%E4%B8%9C%E9%A2%97%E5%B7%B2%E5%B8%82%E5%9C%BA%E8%90%A5%E9%94%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sadiqtv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 15 Nov 2022 04:06:44 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=73D7B696B5F9EBEB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1666622245&si=22627f6cc5a5b806b08e13b8b5a190ab&v=1.2.97&lv=1&sn=29639&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.sadiqtv.com%2Findex.php&tt=%E5%B9%BF%E4%B8%9C%E9%A2%97%E5%B7%B2%E5%B8%82%E5%9C%BA%E8%90%A5%E9%94%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1666622245&si=22627f6cc5a5b806b08e13b8b5a190ab&v=1.2.97&lv=1&sn=29639&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.sadiqtv.com%2Findex.php&tt=%E5%B9%BF%E4%B8%9C%E9%A2%97%E5%B7%B2%E5%B8%82%E5%9C%BA%E8%90%A5%E9%94%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1666622245&si=22627f6cc5a5b806b08e13b8b5a190ab&v=1.2.97&lv=1&sn=29639&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.sadiqtv.com%2Findex.php&tt=%E5%B9%BF%E4%B8%9C%E9%A2%97%E5%B7%B2%E5%B8%82%E5%9C%BA%E8%90%A5%E9%94%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sadiqtv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 15 Nov 2022 04:06:44 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=A1D1F9554C41C6A5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.e2bc.cn/template/m1938pcc/images/video-play.png
170.178.162.83200 OK 1.6 kB URL HTTP/1.1 www.e2bc.cn/template/m1938pcc/images/video-play.png
IP 170.178.162.83:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/m1938pcc/images/video-play.png HTTP/1.1
Host: www.e2bc.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.e2bc.cn/template/m1938pcc/css/zui.css
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 21 Apr 2022 12:26:06 GMT
Accept-Ranges: bytes
ETag: "14e35ef97a55d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 15 Nov 2022 04:06:41 GMT
Content-Length: 1567
gezkdx7.com/606d6b8c605d4d3b82f1fefd052a1898.gif
103.170.15.101200 OK 210 kB URL HTTP/1.1 gezkdx7.com/606d6b8c605d4d3b82f1fefd052a1898.gif
IP 103.170.15.101:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 750 x 240\012- data
Size 210 kB (209560 bytes)
Hash 3233f54d2df3b05275c7a3ca257d84c8
53caaaee24c85d2cbfe1c9620a6b653096b7ccec
19122c0883de63997c308e54400cfd13107252697cb038ca44a8ff9984dc657d
GET /606d6b8c605d4d3b82f1fefd052a1898.gif HTTP/1.1
Host: gezkdx7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "626a458c-33298"
Date: Wed, 09 Nov 2022 02:45:15 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 28 Apr 2022 07:43:08 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-31
Content-Length: 209560
www.e2bc.cn/template/m1938pcc/ads/img/1.gif
170.178.162.83200 OK 254 B URL HTTP/1.1 www.e2bc.cn/template/m1938pcc/ads/img/1.gif
IP 170.178.162.83:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/m1938pcc/ads/img/1.gif HTTP/1.1
Host: www.e2bc.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.e2bc.cn/
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Thu, 21 Apr 2022 12:25:49 GMT
Accept-Ranges: bytes
ETag: "f47b36ef7a55d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 15 Nov 2022 04:06:42 GMT
Content-Length: 254
fmlb.netlbtu.com/upload/vod/2019/11-08/04/xrbijtgzh3p0444xrbijtgzh3p3012078.jpg
172.247.77.250200 OK 12 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/04/xrbijtgzh3p0444xrbijtgzh3p3012078.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c4064e871f425c8bf68b6b120d5f2c3a
98cb8a51840ee35268b84ce1f2360ca8036078e6
a3b6af2fb9103837e501cc6f4119d33518b7540c965d890ff367048ee86fcb41
GET /upload/vod/2019/11-08/04/xrbijtgzh3p0444xrbijtgzh3p3012078.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:44 GMT
Content-Type: image/jpeg
Content-Length: 11482
Last-Modified: Sat, 12 Nov 2022 06:27:40 GMT
Connection: keep-alive
ETag: "636f3cdc-2cda"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2019/11-08/04/vu30wpcwtto0445vu30wpcwtto0212118.jpg
172.247.77.250200 OK 9.3 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/04/vu30wpcwtto0445vu30wpcwtto0212118.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 717x538, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f8909ec2c2a2498ffa7f0aa1e696391d
e27683da45d3d07cbfe6a7df148d166eb1f1df4d
0c52517ee0ebe4ad83a3d7525e220775692c41e5f22127f1dc7fca3e7f544d08
GET /upload/vod/2019/11-08/04/vu30wpcwtto0445vu30wpcwtto0212118.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:44 GMT
Content-Type: image/jpeg
Content-Length: 9332
Last-Modified: Sat, 12 Nov 2022 06:27:40 GMT
Connection: keep-alive
ETag: "636f3cdc-2474"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2019/11-08/04/ewao33z20rk0444ewao33z20rk4612098.jpg
172.247.77.250200 OK 9.9 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/04/ewao33z20rk0444ewao33z20rk4612098.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 717x538, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 5342e90ee8346a6b53d729a0c3953e1a
3c1ecd5972dd0ed614ca0c627ca3b66ee673ae4d
d617510fdc18ec95f94eeb6f71502768dc153b5b67615a10a4f0401b129ebb11
GET /upload/vod/2019/11-08/04/ewao33z20rk0444ewao33z20rk4612098.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:44 GMT
Content-Type: image/jpeg
Content-Length: 9911
Last-Modified: Sat, 12 Nov 2022 06:27:40 GMT
Connection: keep-alive
ETag: "636f3cdc-26b7"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2019/11-08/07/epeavip3fts0712epeavip3fts1818950.jpg
172.247.77.250200 OK 11 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/07/epeavip3fts0712epeavip3fts1818950.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash da88cf62a6d1455d5417c8a2b6337801
3d11d3709c0ad8de188590386c26b76c94e7cfb9
8030c80365ebd3e9d61be188c6ed4805e10c6c44e8c12e0135f4df990110026e
GET /upload/vod/2019/11-08/07/epeavip3fts0712epeavip3fts1818950.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:44 GMT
Content-Type: image/jpeg
Content-Length: 10661
Last-Modified: Sat, 12 Nov 2022 06:27:40 GMT
Connection: keep-alive
ETag: "636f3cdc-29a5"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2019/11-08/04/2t0eeene3ym04442t0eeene3ym1412058.jpg
172.247.77.250200 OK 11 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/04/2t0eeene3ym04442t0eeene3ym1412058.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 362beae68b71d46ca0637b729b720aca
84257c664c8e3318d767b06f2ee366edddb714d6
c1cdd82dfd0f940c77b436357cc34262292517b7fda8601a5efb2fd5ff4fbc83
GET /upload/vod/2019/11-08/04/2t0eeene3ym04442t0eeene3ym1412058.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:44 GMT
Content-Type: image/jpeg
Content-Length: 11433
Last-Modified: Sat, 12 Nov 2022 06:27:40 GMT
Connection: keep-alive
ETag: "636f3cdc-2ca9"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=923&et=0&ja=0&ln=en-us&lo=0&rnd=1795359338&si=eafe570c76546fa2db3399876af4afca&su=http%3A%2F%2Fwww.sadiqtv.com%2F&v=1.2.97&lv=1&sn=29639&r=0&ww=1264&ct=!!&u=http%3A%2F%2Fwww.e2bc.cn%2F&tt=%E8%B6%85%E6%B8%85%E6%97%A0%E7%A0%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B8%89%E5%8C%BA%20-%20%E5%A4%A7%E9%BB%84%E8%9C%82
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=923&et=0&ja=0&ln=en-us&lo=0&rnd=1795359338&si=eafe570c76546fa2db3399876af4afca&su=http%3A%2F%2Fwww.sadiqtv.com%2F&v=1.2.97&lv=1&sn=29639&r=0&ww=1264&ct=!!&u=http%3A%2F%2Fwww.e2bc.cn%2F&tt=%E8%B6%85%E6%B8%85%E6%97%A0%E7%A0%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B8%89%E5%8C%BA%20-%20%E5%A4%A7%E9%BB%84%E8%9C%82
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=923&et=0&ja=0&ln=en-us&lo=0&rnd=1795359338&si=eafe570c76546fa2db3399876af4afca&su=http%3A%2F%2Fwww.sadiqtv.com%2F&v=1.2.97&lv=1&sn=29639&r=0&ww=1264&ct=!!&u=http%3A%2F%2Fwww.e2bc.cn%2F&tt=%E8%B6%85%E6%B8%85%E6%97%A0%E7%A0%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B8%89%E5%8C%BA%20-%20%E5%A4%A7%E9%BB%84%E8%9C%82 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 15 Nov 2022 04:06:44 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=8BA4E2F128B21782; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
kvkaaa.top/bb7f858c0dad171784517c02e7bff891.gif
104.21.235.135200 OK 1.6 MB URL HTTP/2 kvkaaa.top/bb7f858c0dad171784517c02e7bff891.gif
IP 104.21.235.135:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.6 MB (1590489 bytes)
Hash 59648e1a4d52551c26255ff6bc625648
165fbacafad21065e9faa33c5e3752cd463549ad
eb53352fe423b9358ba49249e57fe3d55746d854c681f6c45baedb23eb2196e5
GET /bb7f858c0dad171784517c02e7bff891.gif HTTP/1.1
Host: kvkaaa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.e2bc.cn/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 04:06:44 GMT
content-type: image/gif
content-length: 1590489
last-modified: Sat, 01 Oct 2022 05:56:30 GMT
etag: "6337d68e-1844d9"
expires: Mon, 12 Dec 2022 17:06:58 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 212386
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJw3rM45eowKsD6LBn%2FjlMOo0UDUsRFZGzQ6wKDVLSvCP9r%2BSGef5eULLl9pXlaEhsy61HFWBO36Dx8AJgu%2FsvRIRDHkhaM3Ov2iEGMrAjRd%2Fs5J%2FU4egjhfgNeK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a51daebdca776b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.x959.xyz/images/62dd121a8461fc4634f16463.gif
23.225.228.58302 Found 43 B URL HTTP/2 img.x959.xyz/images/62dd121a8461fc4634f16463.gif
IP 23.225.228.58:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /images/62dd121a8461fc4634f16463.gif HTTP/1.1
Host: img.x959.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://tx2.a.yximgs.com/udata/music/music_a8c97c381e064e05879a4447ddca19090.jpg
cache-control: max-age=3600
X-Firefox-Spdy: h2
www.e2bc.cn/template/m1938pcc/ads/110.gif
170.178.162.83200 OK 49 kB URL HTTP/1.1 www.e2bc.cn/template/m1938pcc/ads/110.gif
IP 170.178.162.83:0
File type GIF image data, version 89a, 160 x 160\012- data
Hash c30447342db380936a89f9a88f72ef62
29dacb0c377a913e8c2eacdfc44c76f5948d5021
2123dea32dfb42b2d0f345ab408ed43039da52c2d7b91df5913a9beac28d19dd
GET /template/m1938pcc/ads/110.gif HTTP/1.1
Host: www.e2bc.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.e2bc.cn/
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 22 Oct 2021 05:04:04 GMT
Accept-Ranges: bytes
ETag: "3d1a433c2c7d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 15 Nov 2022 04:06:42 GMT
Content-Length: 49087
www.e2bc.cn/template/m1938pcc/ads/66.gif
170.178.162.83200 OK 444 kB URL HTTP/1.1 www.e2bc.cn/template/m1938pcc/ads/66.gif
IP 170.178.162.83:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 444 kB (443705 bytes)
Hash 8bc908398e73478d0b28d85191689891
5e9022d7583285c988d0acb55b6db7c920f3c3d0
c01d665a1abb0e10e3ac90119e3674db0363a112da7f8322c12bbafbe0bd88dc
GET /template/m1938pcc/ads/66.gif HTTP/1.1
Host: www.e2bc.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 29 Jul 2022 02:51:55 GMT
Accept-Ranges: bytes
ETag: "936222af6a2d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 15 Nov 2022 04:06:41 GMT
Content-Length: 443705
8499163.com/8499/hei/960x60.gif
172.247.109.197200 OK 331 kB URL HTTP/2 8499163.com/8499/hei/960x60.gif
IP 172.247.109.197:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 331 kB (331043 bytes)
Hash 09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725
GET /8499/hei/960x60.gif HTTP/1.1
Host: 8499163.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 04:06:43 GMT
content-type: image/gif
content-length: 331043
last-modified: Sat, 12 Nov 2022 04:46:28 GMT
etag: "50d23-5ed3eb07b9ace"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/01-05/18/fptdbddcd4i1802fptdbddcd4i332719.jpg
172.247.77.250200 OK 8.7 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/01-05/18/fptdbddcd4i1802fptdbddcd4i332719.jpg
IP 172.247.77.250:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 323c3c5db3c6f6089782557289b03234
d632cb41c85f3b4dbafb8a0e84cac1dc940d6d83
9dde0023a3cd8911535f3bd50bc05e5acb320c8d4b241af05be7073c616eacc2
GET /upload/vod/2020/01-05/18/fptdbddcd4i1802fptdbddcd4i332719.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 15 Nov 2022 04:06:44 GMT
Content-Type: image/jpeg
Content-Length: 8685
Last-Modified: Sat, 12 Nov 2022 06:27:40 GMT
Connection: keep-alive
ETag: "636f3cdc-21ed"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
qthynj2.com/dd69d35354414f8a8af0667bad29827a.gif
103.170.15.88200 OK 384 kB URL HTTP/1.1 qthynj2.com/dd69d35354414f8a8af0667bad29827a.gif
IP 103.170.15.88:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 750 x 240\012- data
Size 384 kB (383522 bytes)
Hash 384431d966702633484068abf9e9bdfb
b577e5e160c9f2cf27600e75078d5fbff8d90f17
2efe9ae0ee95cae9b4f861bf9957aa774773e54713b05992a0668a905f3f7f84
GET /dd69d35354414f8a8af0667bad29827a.gif HTTP/1.1
Host: qthynj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "626fec5a-5da22"
Date: Wed, 09 Nov 2022 15:09:23 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 02 May 2022 14:36:10 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-18
Content-Length: 383522
ntvxbf7.com/fe3f85c1f2864030a969bc01f2e47f8f.gif
103.170.15.96200 OK 519 kB URL HTTP/1.1 ntvxbf7.com/fe3f85c1f2864030a969bc01f2e47f8f.gif
IP 103.170.15.96:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 700 x 120\012- data
Size 519 kB (519367 bytes)
Hash 284133a187d088948789b3110f6edd7e
7f3c06b552e315e070c26ad02f00cd9da1e42123
422262a6ba2a5a1d27789a2ac493ab08484ccdeb3e09b16a5b67649f1eee997a
Analyzer Verdict Alert quad9 Sinkholed
GET /fe3f85c1f2864030a969bc01f2e47f8f.gif HTTP/1.1
Host: ntvxbf7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "625fc0fb-7ecc7"
Date: Mon, 24 Oct 2022 12:23:35 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 20 Apr 2022 08:14:51 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-26
Content-Length: 519367
www.e2bc.cn/template/m1938pcc/ads/113.gif
170.178.162.83200 OK 309 kB URL HTTP/1.1 www.e2bc.cn/template/m1938pcc/ads/113.gif
IP 170.178.162.83:0
File type GIF image data, version 89a, 500 x 280\012- data
Size 309 kB (309091 bytes)
Hash 0a475fd421d22269a0cbcf7265383bd9
46a8ccf2f844ca1e80d71993f1abc348703d68b1
fac51feb5988d1666014fa78a870689a907f20606e351e18558da33e1c51dfa7
GET /template/m1938pcc/ads/113.gif HTTP/1.1
Host: www.e2bc.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.e2bc.cn/
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 22 Oct 2021 04:38:48 GMT
Accept-Ranges: bytes
ETag: "9a3099b4fec6d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 15 Nov 2022 04:06:42 GMT
Content-Length: 309091
8499225.com/8499/hei/960x60.gif
172.247.109.197200 OK 331 kB URL HTTP/2 8499225.com/8499/hei/960x60.gif
IP 172.247.109.197:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 331 kB (331043 bytes)
Hash 09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725
GET /8499/hei/960x60.gif HTTP/1.1
Host: 8499225.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 04:06:44 GMT
content-type: image/gif
content-length: 331043
last-modified: Sat, 12 Nov 2022 04:46:28 GMT
etag: "50d23-5ed3eb07b9ace"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.e2bc.cn/template/m1938pcc/ads/22.gif
170.178.162.83200 OK 1.2 MB URL HTTP/1.1 www.e2bc.cn/template/m1938pcc/ads/22.gif
IP 170.178.162.83:0
File type GIF image data, version 89a, 152 x 152\012- data
Size 1.2 MB (1154950 bytes)
Hash 5887925db53755c6b805bdf6352dabd9
ed2ba5655cf2050f2b938b32b4f923bbd4d42496
b107da7c1079d69dfeae4d05e25a5f41f4f5d3b99dba9a9ea504e967447085fe
GET /template/m1938pcc/ads/22.gif HTTP/1.1
Host: www.e2bc.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 29 Jul 2022 02:52:20 GMT
Accept-Ranges: bytes
ETag: "4d289838f6a2d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 15 Nov 2022 04:06:41 GMT
Content-Length: 1154950
www.e2bc.cn/template/m1938pcc/ads/55.gif
170.178.162.83200 OK 7.0 MB URL HTTP/1.1 www.e2bc.cn/template/m1938pcc/ads/55.gif
IP 170.178.162.83:0
File type GIF image data, version 89a, 560 x 314\012- data
Size 7.0 MB (6977151 bytes)
Hash b3249ea7501ed6a862fdf53008a77560
5e94076754237a651ce10e857179efdfec781c7f
1c748a7ae300ca829fcf74eb98b48c9f61643efa7b835d13645d0601d52785bf
GET /template/m1938pcc/ads/55.gif HTTP/1.1
Host: www.e2bc.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 29 Jul 2022 02:53:59 GMT
Accept-Ranges: bytes
ETag: "1d9cd673f6a2d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 15 Nov 2022 04:06:41 GMT
Content-Length: 6977151
tx2.a.yximgs.com/udata/music/music_a8c97c381e064e05879a4447ddca19090.jpg
101.33.29.235200 OK 515 kB URL HTTP/1.1 tx2.a.yximgs.com/udata/music/music_a8c97c381e064e05879a4447ddca19090.jpg
IP 101.33.29.235:0
File type GIF image data, version 89a, 750 x 150\012- data
Size 515 kB (514936 bytes)
Hash c9e05a87a7911978f2c1110034640ffb
5ce434cda1fc6fcb6082b133d3e749ebe9f40420
3d801f8dfa60f45efe18fa0122daa88a1142ed46d1dc1b4846363eed5bbfb435
GET /udata/music/music_a8c97c381e064e05879a4447ddca19090.jpg HTTP/1.1
Host: tx2.a.yximgs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Etag: "48d8bbfa287b79b595941c4de4a7574b-1"
Date: Mon, 14 Nov 2022 03:54:18 GMT
Server: tencent-cos
expires: Fri, 02 Sep 2022 10:45:42 GMT
x-cos-hash-crc64ecma: 12200023591017221328
x-cos-request-id: NjM3MWJiZWFfZWE1M2MwMDlfMzcwNV8xNjhhNGUx
x-cos-storage-class: STANDARD_IA
x-cos-version-id: null
Accept-Ranges: bytes
Last-Modified: Fri, 26 Aug 2022 10:45:42 GMT
Cache-Control: max-age=604800
Content-Length: 514936
X-NWS-LOG-UUID: 7528885816263165994
Connection: keep-alive
X-Cache-Lookup: Cache Hit, Hit From Inner Cluster
X-Ks-Cache: Hit from 101.33.29.235
x-ks-http-first-data: 1
x-ks-client-ip: 91.90.42.154
X-Ks-Request-ID: 7528885816263165994
kwaisign: NULL
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6bcad610c1b8e081a38a6f650e5fc847
12b6981818047fe891485954bde8dfd49d9980f1
0ab4491d2c16e7a46e24a78c84910730928d9324ea40fc885e372726b07f82e7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1202
Cache-Control: max-age=104178
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 04:06:46 GMT
Etag: "6371ff96-117"
Expires: Wed, 16 Nov 2022 09:03:04 GMT
Last-Modified: Mon, 14 Nov 2022 08:43:02 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ebd0ec1-1a89-43e0-9cc8-b4c4aaba9a26.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ebd0ec1-1a89-43e0-9cc8-b4c4aaba9a26.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fccbaa99a6af77d187d488b8ed6c6222
1643214231f459de7e20981676f630bb903d085d
b4991dcb0b29478e88487bf2c3bb91a90d94511048ecba4a20138dd8fd4b7672
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ebd0ec1-1a89-43e0-9cc8-b4c4aaba9a26.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 15691
x-amzn-requestid: bbe43af8-ed97-4181-9872-e94f9386596b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bUNEqG7foAMFosw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636b2884-6f66158464e027a30d50a797;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 04:11:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iQdP63-UZ0nIQvtJRnpF-szecnotfVbElbxnF6cQ3lo3i6JMz0xqGg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 04:15:25 GMT
age: 85884
etag: "1643214231f459de7e20981676f630bb903d085d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img.x971.xyz/images/6308b15f12f02de213cd9571.gif
23.225.228.58302 Found 0 B URL HTTP/2 img.x971.xyz/images/6308b15f12f02de213cd9571.gif
IP 23.225.228.58:0
GET /images/6308b15f12f02de213cd9571.gif HTTP/1.1
Host: img.x971.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.e2bc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://ali2.a.yximgs.com/udata/music/music_7db843fa7c3e4adcaceb5deaec743f810.jpg
cache-control: max-age=3600
X-Firefox-Spdy: h2
kvtccc.top/4bf88adf466b90cef3686374a27fc0e2.gif
104.21.235.36200 OK 0 B URL HTTP/2 kvtccc.top/4bf88adf466b90cef3686374a27fc0e2.gif
IP 104.21.235.36:0
GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvtccc.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.e2bc.cn/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 04:06:46 GMT
content-type: image/gif
content-length: 755861
last-modified: Thu, 06 Oct 2022 15:26:58 GMT
etag: "633ef3c2-b8895"
expires: Sun, 04 Dec 2022 23:01:17 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 882327
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2B5H9mOEhX%2FMzmts6uHaP%2BdMKxbqxUyG%2BnmqwE6c1%2BBSIV3%2Fj4IseCn1NHAiWlgnDr9GzmRQ95Z%2BeZIr4C0mtcdrEo3PvoB637U0vJ5X3xU5NMkR4RSiBmxDgy%2FM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a51dada8e17713-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2