r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3070
Expires: Mon, 28 Nov 2022 08:14:38 GMT
Date: Mon, 28 Nov 2022 07:23:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3985
Expires: Mon, 28 Nov 2022 08:29:53 GMT
Date: Mon, 28 Nov 2022 07:23:28 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1839
Cache-Control: max-age=99504
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 07:23:28 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 11:01:52 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4shSxjDWph2nm0QarF/L4H1qsgN368aWcQPc+o9Xf9RJtIAUEsAzn5GppHl+Vzf5PUP9M+Nj+ko=
x-amz-request-id: EPS1PSTD7XMHG9Y2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 06:44:56 GMT
age: 2312
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 07:19:32 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 236
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 07:23:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
jaytakeapic.com/
154.205.217.205301 Moved Permanently 0 B IP 154.205.217.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: jaytakeapic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 28 Nov 2022 07:23:28 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.jaytakeapic.com/index.php
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 07:11:12 GMT
cache-control: public,max-age=3600
age: 737
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5883
Cache-Control: max-age=98486
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 07:23:29 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:44:55 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.223.160.237101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.223.160.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: u3O2S+hgPqlldmbXFb9tbw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: G7a2q/Y9QUWwn+aLN+jeMpY/CFg=
www.jaytakeapic.com/index.php
154.205.217.205200 OK 590 B URL HTTP/1.1 www.jaytakeapic.com/index.php
IP 154.205.217.205:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (917), with CRLF line terminators
Hash 7634ce294dec2f48fa5ef2bfcd6c7bdc
8278b8c2f74a270c4c300745d1ca02ca9f462a37
32966d38b6195007abfb3b8bdeb696a25d7eeb4c889240c107279adeb2503c78
GET /index.php HTTP/1.1
Host: www.jaytakeapic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 07:23:29 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.jaytakeapic.com/common.js
154.205.217.205200 OK 687 B URL HTTP/1.1 www.jaytakeapic.com/common.js
IP 154.205.217.205:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (443), with CRLF line terminators
Hash 553233f1173faba094c589715d4e9544
19e02ff53dda165bffccbcd3cc4970f54b7fd484
c28e22bdeac69caf2df0472b6c439f278f82e899beaa7c82d1f552ea26fcc4f8
GET /common.js HTTP/1.1
Host: www.jaytakeapic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jaytakeapic.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 07:23:30 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.jaytakeapic.com/tj.js
154.205.217.205200 OK 258 B URL HTTP/1.1 www.jaytakeapic.com/tj.js
IP 154.205.217.205:0
File type ASCII text, with CRLF line terminators
Hash 327e9ffc8979e0469060bcd6eda50ffa
24bb61ee2a8e55dc1631833d537213912a26301a
e799c18a5f443687da21b35228cdf85125274478988a26943d1a539469c3e38e
GET /tj.js HTTP/1.1
Host: www.jaytakeapic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jaytakeapic.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 07:23:30 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2500
Expires: Mon, 28 Nov 2022 08:05:10 GMT
Date: Mon, 28 Nov 2022 07:23:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2500
Expires: Mon, 28 Nov 2022 08:05:10 GMT
Date: Mon, 28 Nov 2022 07:23:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17eed5ca-e7b1-43be-b937-69356fce9d8a.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17eed5ca-e7b1-43be-b937-69356fce9d8a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4060284252d32701c42e2df4a83970a0
a73feecd0e221f7c7a3b74b75aeaa81bd9baa1da
53eca0f8435d6e2e62962ef80d4597afad2773a582746d523f7f5d30c3e07b8e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17eed5ca-e7b1-43be-b937-69356fce9d8a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4708
x-amzn-requestid: 6efd15cd-c944-42e7-8142-01360fbe4a25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_JFbXIAMFc_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-3c7d91eb7a2f3a9669f89d88;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6FSZ3Zw-s95LlrU3skAr5_g6m36c9SQ9_6vA3HFbMKYTTFzJRBJ76w==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:26:43 GMT
age: 32207
etag: "a73feecd0e221f7c7a3b74b75aeaa81bd9baa1da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b24e349e9d22fb30fbc80497b512cead
c033d1ecdb9e7640f3df044e39053bed8292fcbc
2d77e3c39c60a3563613b1ba97ec0b1a256f41ad09936ba49b23d8cf22f8a7a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6263
x-amzn-requestid: 5c3da401-eb9e-4904-a7e9-5e74648b8b77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KFfWoAMF99A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-3110d65625e883502a5078a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X6t2ucU4VTXi5XIRLVpmTMxEW3MtinOQs3mIHIhgeW6aK6kN53dWEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:18 GMT
age: 34332
etag: "c033d1ecdb9e7640f3df044e39053bed8292fcbc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 33704
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 15bd53848c7082464273007e010c54e0
9a3ca698ca1aeae695923277ed2244465e01a1ea
36cfa29965173ea683992d4b436f393e92c978350347f869355d933613e2c005
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10119
x-amzn-requestid: 20bfd6a6-2981-42ca-8997-9363676773c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR782HEZIAMFTKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9eb-552581a92a69d6cd322bf334;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _jTN1lFL0_PS-9DYgE6O2V6s6AYnlGJs0xCEHn761Mxq_asytlaRoQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:40 GMT
age: 34310
etag: "9a3ca698ca1aeae695923277ed2244465e01a1ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56dccc9-321b-431e-8a92-49471e788b4b.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56dccc9-321b-431e-8a92-49471e788b4b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a8935783026c10470f60033d3a860f7b
65941dd34eb1063a3f7fe2b6790a11a484a06b9a
e88c706458faf5b5512212692392c7c1a0d8e60af62962267166f5cb60ee9c89
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56dccc9-321b-431e-8a92-49471e788b4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11165
x-amzn-requestid: 9e35d865-adea-4d2a-b20f-beb014cdd42f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_JE2VIAMFYgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-7cf4db38152cdfa1448cba3d;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: SFO5-C3, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4YRocKXYUOkfho0bEHNX0xMxhhKNH2Cm3XtQDtQK7x2dFOsipPjfCw==
via: 1.1 dec8fa38a453902521b941c7cd70d33c.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:26:45 GMT
age: 32205
etag: "65941dd34eb1063a3f7fe2b6790a11a484a06b9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e5051d8c06f69e1842a9295ce256a36
1a542a53ba0b1cd0fb23257ebed8166555f16dfb
a7c0dbbb4d0d9138f5ca318cc2aa44e12dadf7ed6263ec204ba756da64b29c41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7556
x-amzn-requestid: 1cda5313-2256-4830-bf84-2e6e15949d3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78KFTmoAMF4yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e7-452e36d718a298d12a2374a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 70UuQl2XCoplrZYENrKleE2mcvB-xP9zZGs8Tuh21NidSiHvA97sXw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:09 GMT
age: 34341
etag: "1a542a53ba0b1cd0fb23257ebed8166555f16dfb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.jaytakeapic.com/favicon.ico
154.205.217.205200 OK 1.2 kB URL HTTP/1.1 www.jaytakeapic.com/favicon.ico
IP 154.205.217.205:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.jaytakeapic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jaytakeapic.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 07:23:30 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sat, 03 Dec 2022 07:23:30 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
207.60.181.202/
207.60.181.202200 OK 7.1 kB IP 207.60.181.202:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash f1a927a2199675730bc328407accb359
de80d43a7aecf8a3e05be83b11ac5493adbf7dae
cece9e6b17a1b0e8829c0164d683701d1483dcac96d3c3f61d2ff4bc8d0cdaf6
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jaytakeapic.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: PHP/7.0.33, ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 7126
207.60.181.202/template/m1938pc/ads/xx1.js
207.60.181.202200 OK 1.1 kB URL HTTP/1.1 207.60.181.202/template/m1938pc/ads/xx1.js
IP 207.60.181.202:0
File type HTML document text\012- HTML document, Unicode text, UTF-8 text
Hash 0dae7d9110d594399ba264a945f3d7f4
bfeabb1f4b7b4857be87ca42376aaec79fb57dd6
6d5466f2d754ee66741a58a1e0a2a50865e76f9b7f267ad8e6c01e78a4d2e8dc
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/ads/xx1.js HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.181.202/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sat, 26 Nov 2022 13:33:53 GMT
Accept-Ranges: bytes
ETag: "8076a0b99b1d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 1108
207.60.181.202/template/m1938pc/css/ate.css
207.60.181.202200 OK 4.5 kB URL HTTP/1.1 207.60.181.202/template/m1938pc/css/ate.css
IP 207.60.181.202:0
File type ASCII text, with CRLF line terminators
Hash 1164a38c5186eff1838f351d96dbd192
1f5c06f7969ca9602774591594b1d4170137cdc3
fec2bebf191e9c67f3ce3234909acb71fa272057962f230dce334cdfd514b3e2
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.181.202/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Thu, 22 Sep 2022 08:22:05 GMT
Accept-Ranges: bytes
ETag: "8074f0655cced81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 4498
207.60.181.202/template/m1938pc/ads/dh.js
207.60.181.202200 OK 491 B URL HTTP/1.1 207.60.181.202/template/m1938pc/ads/dh.js
IP 207.60.181.202:0
File type HTML document, Unicode text, UTF-8 text
Hash ce4cdaa3c9e059cf365b058fe78aa070
39c21e555929b53ba53a3d82c1b5d6eed0dd89e1
d3bec708e755cadb3a0f84b70ebb36e796305f3663ff730d1670ac1a91e3c056
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/ads/dh.js HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.181.202/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sat, 19 Nov 2022 13:44:48 GMT
Accept-Ranges: bytes
ETag: "df8256171dfcd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 491
207.60.181.202/template/m1938pc/ads/dh1.js
207.60.181.202200 OK 0 B URL HTTP/1.1 207.60.181.202/template/m1938pc/ads/dh1.js
IP 207.60.181.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/ads/dh1.js HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.181.202/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Fri, 07 Oct 2022 14:04:02 GMT
Accept-Ranges: bytes
ETag: "43637da755dad81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 0
207.60.181.202/template/m1938pc/ads/xx2.js
207.60.181.202200 OK 0 B URL HTTP/1.1 207.60.181.202/template/m1938pc/ads/xx2.js
IP 207.60.181.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/ads/xx2.js HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.181.202/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 15 Nov 2022 12:40:26 GMT
Accept-Ranges: bytes
ETag: "2a35ff6feff8d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 0
207.60.181.202/template/m1938pc/ads/1.js
207.60.181.202200 OK 0 B URL HTTP/1.1 207.60.181.202/template/m1938pc/ads/1.js
IP 207.60.181.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/ads/1.js HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.181.202/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 22 Sep 2022 08:22:05 GMT
Accept-Ranges: bytes
ETag: "b1ef49665cced81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 0
207.60.181.202/template/m1938pc/css/zui.css
207.60.181.202200 OK 15 kB URL HTTP/1.1 207.60.181.202/template/m1938pc/css/zui.css
IP 207.60.181.202:0
File type assembler source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 48c376278eb9da985b90bb1612dbeee1
4d755742285a8bc38f9c73b3a5976c6b381e3c32
af7cb37270a26d66dd3bb89f42d9c122bb2a1bfe9f6fe076138d9864c7193bee
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.181.202/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Thu, 22 Sep 2022 08:22:05 GMT
Accept-Ranges: bytes
ETag: "8074f0655cced81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 15351
207.60.181.202/template/m1938pc/ads/dl.js
207.60.181.202200 OK 0 B URL HTTP/1.1 207.60.181.202/template/m1938pc/ads/dl.js
IP 207.60.181.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/ads/dl.js HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.181.202/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 22 Sep 2022 08:22:05 GMT
Accept-Ranges: bytes
ETag: "b1ef49665cced81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 0
207.60.181.202/template/m1938pc/ads/xx3.js
207.60.181.202200 OK 470 B URL HTTP/1.1 207.60.181.202/template/m1938pc/ads/xx3.js
IP 207.60.181.202:0
File type HTML document, ASCII text
Hash fd1db2274681647a0f119c6e150a0d32
f632bc81979605156515387e66164c78ee17caed
52385f00222714147b75e426bfbaea7a9cceaf04e31e10fee4a782df0fb35d3b
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/ads/xx3.js HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.181.202/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2022 08:00:27 GMT
Accept-Ranges: bytes
ETag: "4bc1b1c8edd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 470
207.60.181.202/template/m1938pc/ads/tj.js
207.60.181.202200 OK 316 B URL HTTP/1.1 207.60.181.202/template/m1938pc/ads/tj.js
IP 207.60.181.202:0
File type ASCII text, with CRLF line terminators
Hash 934d35ffe49d41adff5e0e697aa874b3
6194ac34df66999136f98af90fedd5e302fc05ed
91fed33b067f8d1dfe1f221ea3003cceadb9b67b550c5ec51bc71a642718f7c8
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/ads/tj.js HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.181.202/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 23 Sep 2022 15:49:49 GMT
Accept-Ranges: bytes
ETag: "b03ead1c64cfd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 316
207.60.181.202/template/m1938pc/images/1.gif
207.60.181.202200 OK 254 B URL HTTP/1.1 207.60.181.202/template/m1938pc/images/1.gif
IP 207.60.181.202:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/images/1.gif HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.181.202/
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Thu, 22 Sep 2022 08:22:05 GMT
Accept-Ranges: bytes
ETag: "581651665cced81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 254
207.60.181.202/template/m1938pc/images/video-play.png
207.60.181.202200 OK 1.6 kB URL HTTP/1.1 207.60.181.202/template/m1938pc/images/video-play.png
IP 207.60.181.202:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.181.202/template/m1938pc/css/zui.css
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 22 Sep 2022 08:22:05 GMT
Accept-Ranges: bytes
ETag: "581651665cced81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 1567
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 121c75c7e1872f739cf62675a09131ef
1b16d00adfa7a30e8b9ad3d1492aa878760bbfff
d7e30c140bca4f285f2ae26ca14ee15c35c8f915601255dce2523f176fa1f031
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=754
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 121c75c7e1872f739cf62675a09131ef
1b16d00adfa7a30e8b9ad3d1492aa878760bbfff
d7e30c140bca4f285f2ae26ca14ee15c35c8f915601255dce2523f176fa1f031
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=809
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 121c75c7e1872f739cf62675a09131ef
1b16d00adfa7a30e8b9ad3d1492aa878760bbfff
d7e30c140bca4f285f2ae26ca14ee15c35c8f915601255dce2523f176fa1f031
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=793
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 121c75c7e1872f739cf62675a09131ef
1b16d00adfa7a30e8b9ad3d1492aa878760bbfff
d7e30c140bca4f285f2ae26ca14ee15c35c8f915601255dce2523f176fa1f031
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=847
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 8f330fe49c56bacf9d8322e0d560dbf3
767d3f169fd961ea30ce3bba6a2d72dc4b2e5e25
bf586e470cf2ce79b7d3e7eaab36c78de50e3445dc62b81afc4a1e50af322c18
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive
X-N: S
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b59dbe808b4873a26925272d5087a110
f4b9b1c5fafe75b1e349e88c14b7693a6ad59977
38e9b67dce1e34551444efefc648c73b2f3084257394193120c0d3fae7078115
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "38E9B67DCE1E34551444EFEFC648C73B2F3084257394193120C0D3FAE7078115"
Last-Modified: Sun, 27 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1448
Expires: Mon, 28 Nov 2022 07:47:40 GMT
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7fa83a1f103ffe503bacb761df256642
adc420a46019985993794463ebab62667e7b0713
813ded61d535d7ae20e265bf2f11858ba2748fe517fa4311edb8c1749754190e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "813DED61D535D7AE20E265BF2F11858BA2748FE517FA4311EDB8C1749754190E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8438
Expires: Mon, 28 Nov 2022 09:44:10 GMT
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2022/07-20/07/zld4oxj30bj0718zld4oxj30bj337159.jpg
45.89.208.114200 OK 8.2 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-20/07/zld4oxj30bj0718zld4oxj30bj337159.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 330e3e39cd11626e6ce5f3371729f394
adc3bf026be2b7dcf5001c4ce7cdfc1e0aeab10d
62d4113e5bc7469e3c11b9e6967a730fbcb6eeb426394e4fa0b687bc49ac21c2
GET /upload/vod/2022/07-20/07/zld4oxj30bj0718zld4oxj30bj337159.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 8184
Last-Modified: Wed, 09 Nov 2022 11:42:07 GMT
Connection: keep-alive
ETag: "636b920f-1ff8"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/07-20/07/nl2j1mpzbe40718nl2j1mpzbe4367165.jpg
45.89.208.114200 OK 7.9 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-20/07/nl2j1mpzbe40718nl2j1mpzbe4367165.jpg
IP 45.89.208.114:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 6f8f94161c59ef9c678933c1c2df1f8b
e44c655b65d388483e6c94737677fc4d601c8503
766b6cffa78bf890e249f1d04821c8909db90f717855ebb92ad07d82c6f94d5e
GET /upload/vod/2022/07-20/07/nl2j1mpzbe40718nl2j1mpzbe4367165.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 7911
Last-Modified: Wed, 09 Nov 2022 11:40:41 GMT
Connection: keep-alive
ETag: "636b91b9-1ee7"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
kvmaa.com/0faf263b1025a51efcea7acd844cc402.gif
170.178.176.170301 Moved Permanently 162 B URL HTTP/2 kvmaa.com/0faf263b1025a51efcea7acd844cc402.gif
IP 170.178.176.170:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /0faf263b1025a51efcea7acd844cc402.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 28 Nov 2022 07:23:31 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 7a89106459f40b9157060dde51fd5cf5
0d602b318be754a1c364e5b5ff4a19561750f1ab
cb19d78d30fa1d93fad1e4ead9e621554129db877b74f34caa9332bd3b5676b7
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 02 Dec 2022 03:22:22 GMT
ETag: "0d602b318be754a1c364e5b5ff4a19561750f1ab"
Last-Modified: Mon, 28 Nov 2022 03:22:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2543
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77115bd71f2cb51e-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 7a89106459f40b9157060dde51fd5cf5
0d602b318be754a1c364e5b5ff4a19561750f1ab
cb19d78d30fa1d93fad1e4ead9e621554129db877b74f34caa9332bd3b5676b7
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 02 Dec 2022 03:22:22 GMT
ETag: "0d602b318be754a1c364e5b5ff4a19561750f1ab"
Last-Modified: Mon, 28 Nov 2022 03:22:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2543
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77115bd72f4cb51e-OSL
fmlb.netlbtu.com/upload/vod/2022/07-20/07/05xlhrmcis0071805xlhrmcis0377167.jpg
45.89.208.114200 OK 8.1 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-20/07/05xlhrmcis0071805xlhrmcis0377167.jpg
IP 45.89.208.114:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 9110872e144cdcc574fa76a3b51300f3
9b8cce500e0ee032ff51c6eda41364434d5b81de
d9b87f6d8299d3e4f42385c288e2784c79252cf0062ba3e121ec95b1e405a7b1
GET /upload/vod/2022/07-20/07/05xlhrmcis0071805xlhrmcis0377167.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 8111
Last-Modified: Wed, 09 Nov 2022 11:41:11 GMT
Connection: keep-alive
ETag: "636b91d7-1faf"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f524d6afaad8038b17f7e675efca55ee
4996823fdc6ee00d67bbe7c9c35c55a453f1d5d9
6c32b1dcd393f020d8f92903920d09ef351a54ab81fb44d1060d70fdb0ff3feb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C32B1DCD393F020D8F92903920D09EF351A54AB81FB44D1060D70FDB0FF3FEB"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17494
Expires: Mon, 28 Nov 2022 12:15:06 GMT
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2022/07-20/07/sqdj5xeg1w40718sqdj5xeg1w4347161.jpg
45.89.208.114200 OK 10 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-20/07/sqdj5xeg1w40718sqdj5xeg1w4347161.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash dd6a12a0d6563f00438ffb53f471ea0f
a665cc40abd717f431b1f95c17b64bf193c5ee65
a730505bea85d35dab789df7fc0b9bcbf38dab0f28877f6830e1362a963e810f
GET /upload/vod/2022/07-20/07/sqdj5xeg1w40718sqdj5xeg1w4347161.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 10013
Last-Modified: Wed, 09 Nov 2022 11:42:56 GMT
Connection: keep-alive
ETag: "636b9240-271d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
45.154.214.219301 Moved Permanently 162 B URL HTTP/2 kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
IP 45.154.214.219:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 28 Nov 2022 07:23:32 GMT
content-type: text/html
content-length: 162
location: https://kvhjjj.top/ec9fcd758df74f805f29f72e8545d13b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/07-20/01/meuwx4qbl1r0150meuwx4qbl1r156841.jpg
45.89.208.114200 OK 9.7 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-20/01/meuwx4qbl1r0150meuwx4qbl1r156841.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 0d1c6c8b179914e28712800fdfd1fc85
40c49f6f4c3241735ee28b251372204cc146d3b1
b611cd1eff5ba9517b91f0c194708d45f52f142a1b0daaa9613a2fdecf36b9fe
GET /upload/vod/2022/07-20/01/meuwx4qbl1r0150meuwx4qbl1r156841.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 9675
Last-Modified: Wed, 09 Nov 2022 11:39:29 GMT
Connection: keep-alive
ETag: "636b9171-25cb"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/07-20/07/aifgkjrcyq40718aifgkjrcyq4357163.jpg
45.89.208.114200 OK 10 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-20/07/aifgkjrcyq40718aifgkjrcyq4357163.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4f030e2ae2a584631c29bac548aefc3c
a4637b253e9c4d99053c475b3514d390a1b3b7a5
57ae25969284b01cbf811b4604fd0a2647064633c719f84271bc324b6e8d9015
GET /upload/vod/2022/07-20/07/aifgkjrcyq40718aifgkjrcyq4357163.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 10190
Last-Modified: Wed, 09 Nov 2022 11:44:15 GMT
Connection: keep-alive
ETag: "636b928f-27ce"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6a262e58e5b41705d2c667a8e5c3d231
343aea0d15c3758a646c41b07fd1d05bf4db66d8
66bc1680137cb941c3fed0d1dc9125c32223d043c7ff045666fa5b9fa92da339
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "66BC1680137CB941C3FED0D1DC9125C32223D043C7FF045666FA5B9FA92DA339"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2864
Expires: Mon, 28 Nov 2022 08:11:16 GMT
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 669622262b0a30b379c436d6cb58b060
d2515b4feb2d37d678f21fdd00c08dea9e82b57a
e53960082de76e466bdff97529df6c0da99e6fea38d6717965767c9017ff16dc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=112745
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 07:23:32 GMT
Etag: "6383775d-117"
Expires: Tue, 29 Nov 2022 14:42:37 GMT
Last-Modified: Sun, 27 Nov 2022 14:42:37 GMT
Server: nginx
Content-Length: 279
fmlb.netlbtu.com/upload/vod/2022/07-20/07/zkyd42zotvd0717zkyd42zotvd547125.jpg
45.89.208.114200 OK 9.6 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-20/07/zkyd42zotvd0717zkyd42zotvd547125.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f00198dc27604226dd78bc34c040c1ff
b83851431b1809b0fdc05633a35aa7a33f9fabf7
0ed51e0b84217b3fa610a0d3b0e67df80abb3bfd279061e548d1a80777965e75
GET /upload/vod/2022/07-20/07/zkyd42zotvd0717zkyd42zotvd547125.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 9619
Last-Modified: Wed, 09 Nov 2022 11:43:48 GMT
Connection: keep-alive
ETag: "636b9274-2593"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/07-20/07/lwhwcgxcpfm0717lwhwcgxcpfm557127.jpg
45.89.208.114200 OK 6.4 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-20/07/lwhwcgxcpfm0717lwhwcgxcpfm557127.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash fc2fad388912974e6994c3879bf35383
f01fa4e24525aea08c155d9e1cb69c5cd4abe46c
ef3773b0156c510ea03eba56f50f77fcbf8da66e0a47b3ee8178315b926e99ec
GET /upload/vod/2022/07-20/07/lwhwcgxcpfm0717lwhwcgxcpfm557127.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 6438
Last-Modified: Wed, 09 Nov 2022 11:43:48 GMT
Connection: keep-alive
ETag: "636b9274-1926"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
104.21.55.74200 OK 1.1 MB URL HTTP/2 nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
IP 104.21.55.74:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.1 MB (1082384 bytes)
Hash a2513b4510f6797c4cbe4012fc79c64c
41f15aa49c66eed88a541224dedda5d215f9e7ef
16e775f7ac1e0368c216cdcf70bc3d56d7d952d7653898dbb8093efcd712cc71
GET /0faf263b1025a51efcea7acd844cc402.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://207.60.181.202/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 07:23:32 GMT
content-type: image/gif
content-length: 1082384
last-modified: Sat, 27 Aug 2022 07:44:24 GMT
etag: "6309cb58-108410"
expires: Wed, 14 Dec 2022 15:33:54 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1180178
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGsIXpoDCWCPUWwj0r8hdKx7KJUzdrtw0lNYF0%2FjSWvOAD8BDdItVrObm%2FIwdcyRwXVbT9qpw87WbEeLb9xoO5LMBwc7dWQA9Q%2BUQuHG7oHrIvlhe%2BwMyQfb0i3I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77115bd81fadb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
67.198.205.125301 Moved Permanently 162 B URL HTTP/2 kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
IP 67.198.205.125:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 28 Nov 2022 07:23:32 GMT
content-type: text/html
content-length: 162
location: https://kvheee.top/92f0c144d76dd785f7c04f84ae149b33.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kzerr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 28 Nov 2022 07:23:32 GMT
content-type: text/html
content-length: 162
location: https://kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 669622262b0a30b379c436d6cb58b060
d2515b4feb2d37d678f21fdd00c08dea9e82b57a
e53960082de76e466bdff97529df6c0da99e6fea38d6717965767c9017ff16dc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=112745
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 07:23:32 GMT
Etag: "6383775d-117"
Expires: Tue, 29 Nov 2022 14:42:37 GMT
Last-Modified: Sun, 27 Nov 2022 14:42:37 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
fmlb.netlbtu.com/upload/vod/2022/07-20/07/vm3lo50stbd0717vm3lo50stbd567129.jpg
45.89.208.114200 OK 8.6 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-20/07/vm3lo50stbd0717vm3lo50stbd567129.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash cb529944681f22bfd1936676a935fb45
cab2656ecdc80d0c053b537b48cec75e71a4c246
4f5307eb1c982a33153d918911586abcccce5feffed894f4aa1bf02d74530e38
GET /upload/vod/2022/07-20/07/vm3lo50stbd0717vm3lo50stbd567129.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 8615
Last-Modified: Wed, 09 Nov 2022 11:43:10 GMT
Connection: keep-alive
ETag: "636b924e-21a7"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
dimg04.c-ctrip.com/images/0100b120009wpqidiDE76.gif?proc=autoorient
104.110.17.24200 OK 428 kB URL HTTP/2 dimg04.c-ctrip.com/images/0100b120009wpqidiDE76.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 480 x 120\012- data
Size 428 kB (427987 bytes)
Hash 2b6121af78d72099e298dcf6cc7ceb1d
12c503fbff1dba92877272ee4c0a8f97d13a9523
ccc4caf4d395a29d3abb4cbc013b3a08989b657aae80e6de4ddd0869f5cee6ba
GET /images/0100b120009wpqidiDE76.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 427987
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt: 6
x-edgeconnect-origin-mex-latency: 329
cache-control: max-age=8380748
expires: Sun, 05 Mar 2023 07:22:40 GMT
date: Mon, 28 Nov 2022 07:23:32 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0105r12000a29rypgA90D.gif?proc=autoorient
104.110.17.24200 OK 836 kB URL HTTP/2 dimg04.c-ctrip.com/images/0105r12000a29rypgA90D.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 480 x 120\012- data
Size 836 kB (835977 bytes)
Hash db39efa1f7ba68b4f5a0df4f035f4fcb
3cc29e0c40bf76e9233314000d195fa100974c4b
dd57c61bbc385ab5d83156982eedc19f47cd0edbf3afb681271a4f020aa7ff27
GET /images/0105r12000a29rypgA90D.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 835977
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt: 22
x-edgeconnect-origin-mex-latency: 113
cache-control: max-age=11331597
expires: Sat, 08 Apr 2023 11:03:29 GMT
date: Mon, 28 Nov 2022 07:23:32 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/07-20/07/3zv10mgaicy07173zv10mgaicy587135.jpg
45.89.208.114200 OK 9.2 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-20/07/3zv10mgaicy07173zv10mgaicy587135.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash eb2788e202b42bd4ed9c00da65177cab
b41274430e9536997de023417d92f11369e77575
5080078742b9bbbba8c621d5d792cd85924bd38de6fe98c307519635c85068eb
GET /upload/vod/2022/07-20/07/3zv10mgaicy07173zv10mgaicy587135.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 9198
Last-Modified: Wed, 09 Nov 2022 11:56:55 GMT
Connection: keep-alive
ETag: "636b9587-23ee"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/07-20/07/aobuj0z3f5l0717aobuj0z3f5l567131.jpg
45.89.208.114200 OK 11 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-20/07/aobuj0z3f5l0717aobuj0z3f5l567131.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash a851699c040093c6258a517d4a21754c
36694f6e59355810812cc9bf4f14923bd113bf57
4324808633de91c512226f155a53e2948cecde35d7c043e345b1808ca3e654fc
GET /upload/vod/2022/07-20/07/aobuj0z3f5l0717aobuj0z3f5l567131.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 10992
Last-Modified: Wed, 09 Nov 2022 11:43:49 GMT
Connection: keep-alive
ETag: "636b9275-2af0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/07-20/07/nmi3vlysc1a0717nmi3vlysc1a577133.jpg
45.89.208.114200 OK 8.8 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-20/07/nmi3vlysc1a0717nmi3vlysc1a577133.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b37668393badadcdc83cbbd8c2d270b9
ec868345651a0a572be800dc280c523a5141746e
9f6b1fb2fc86f344f90be7f8c9e3b7dd46f720c763cf2c512281c2d5b0eefeb1
GET /upload/vod/2022/07-20/07/nmi3vlysc1a0717nmi3vlysc1a577133.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 8820
Last-Modified: Wed, 09 Nov 2022 11:56:39 GMT
Connection: keep-alive
ETag: "636b9577-2274"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/07-20/07/lrkqf3n3wwa0717lrkqf3n3wwa597137.jpg
45.89.208.114200 OK 8.1 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-20/07/lrkqf3n3wwa0717lrkqf3n3wwa597137.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 727b944cd1aba9ef6c40fff23ff8dd16
2d53f409fbb8c61e5b546afe620c9f0060d595f5
1ca41272012a8ce6e49b03ffadbe019e597e6a0ce4209f2ea9aa44bedb8bbc58
GET /upload/vod/2022/07-20/07/lrkqf3n3wwa0717lrkqf3n3wwa597137.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 8112
Last-Modified: Wed, 09 Nov 2022 11:43:45 GMT
Connection: keep-alive
ETag: "636b9271-1fb0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash cd1b39b551eaba1fd79a8e4ad85ab583
1a16d37a805f8fcf79c9c292a7dec46416075deb
131ee1012301e871aa6c42f25a18534eecc19f191b45c5b5e79c5582437c43b8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 07:23:32 GMT
Etag: "638274cc-118"
Server: ECS (amb/6B80)
Content-Length: 279
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89f90763cb02cdac6febf898020db5d9
a0c1e963279fe05bcc630481c5c8a4d3e9a85acb
b45dbab89343f359026753ef7b29c0bc9a3f56d88d679a967b0e6c361fcb65d8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "B45DBAB89343F359026753EF7B29C0BC9A3F56D88D679A967B0E6C361FCB65D8"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3630
Expires: Mon, 28 Nov 2022 08:24:02 GMT
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2022/07-20/07/u2gx2tnvmr50718u2gx2tnvmr5007139.jpg
45.89.208.114200 OK 12 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-20/07/u2gx2tnvmr50718u2gx2tnvmr5007139.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4bc1f6080808f5567aa2754091308cfe
46c0ef41ca2dbca42a6032a588f209dd180e838c
c744e7bac9264d81e0a1bd4aca7c54f0237396c643569834dceace99fb3e022b
GET /upload/vod/2022/07-20/07/u2gx2tnvmr50718u2gx2tnvmr5007139.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 12295
Last-Modified: Wed, 09 Nov 2022 11:43:49 GMT
Connection: keep-alive
ETag: "636b9275-3007"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8e4352389a1d0c31caf03d7b12f5d32f
56047be6ed1a8cfd77a329933b16936fb6abbcf0
971e60d4f19aab4c74ebe008b4a2336a5465c4afbf67b4a520dcc2bcd51fdfeb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "971E60D4F19AAB4C74EBE008B4A2336A5465C4AFBF67B4A520DCC2BCD51FDFEB"
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2786
Expires: Mon, 28 Nov 2022 08:09:58 GMT
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive
kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
104.21.28.152200 OK 65 kB URL HTTP/2 kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 104.21.28.152:0
File type GIF image data, version 89a, 960 x 60\012- data
Hash 514c48163ce5b65fb6bf16d8578b478b
6c21c2f7fd18259458573225fbfdf80cd27b6bac
045b14c655e54a2b1c3bef56f95352d2bb6b794889c746985ec51ef03578cb52
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kvkccc.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://207.60.181.202/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 07:23:32 GMT
content-type: image/gif
content-length: 65414
last-modified: Mon, 21 Nov 2022 22:57:57 GMT
etag: "637c0275-ff86"
expires: Thu, 22 Dec 2022 05:10:56 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 526356
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AOpPXHo5fjLZ%2BI2Xd5cKLMA1GkO5PjiaQaMM959%2FipinvkEtSZPE6yXqgFWm03fgadYuTW66aDDUAT6X6giuciVO2o0kODUE%2F0wEhiujO6dfCB7KvQdSLKtJ9vfk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77115bd9bcdffab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89f90763cb02cdac6febf898020db5d9
a0c1e963279fe05bcc630481c5c8a4d3e9a85acb
b45dbab89343f359026753ef7b29c0bc9a3f56d88d679a967b0e6c361fcb65d8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "B45DBAB89343F359026753EF7B29C0BC9A3F56D88D679A967B0E6C361FCB65D8"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3630
Expires: Mon, 28 Nov 2022 08:24:02 GMT
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash cd1b39b551eaba1fd79a8e4ad85ab583
1a16d37a805f8fcf79c9c292a7dec46416075deb
131ee1012301e871aa6c42f25a18534eecc19f191b45c5b5e79c5582437c43b8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 07:23:32 GMT
Last-Modified: Mon, 28 Nov 2022 07:23:32 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
fmlb.netlbtu.com/upload/vod/2022/07-20/01/qckbp413egz0150qckbp413egz096827.jpg
45.89.208.114200 OK 7.0 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-20/01/qckbp413egz0150qckbp413egz096827.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash dada8b67d302d8494cf5a263e5d82b22
c6c99c0ba3823f827b61267f1c98759e65fb7786
e43322f2ca7b1ed6208d7446885692b70eb1b5f813cd4449d9f8fc535d37becf
GET /upload/vod/2022/07-20/01/qckbp413egz0150qckbp413egz096827.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 7026
Last-Modified: Wed, 09 Nov 2022 11:40:03 GMT
Connection: keep-alive
ETag: "636b9193-1b72"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
kvheee.top/92f0c144d76dd785f7c04f84ae149b33.gif
104.21.234.198200 OK 65 kB URL HTTP/2 kvheee.top/92f0c144d76dd785f7c04f84ae149b33.gif
IP 104.21.234.198:0
File type GIF image data, version 89a, 960 x 60\012- data
Hash 514c48163ce5b65fb6bf16d8578b478b
6c21c2f7fd18259458573225fbfdf80cd27b6bac
045b14c655e54a2b1c3bef56f95352d2bb6b794889c746985ec51ef03578cb52
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kvheee.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://207.60.181.202/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 07:23:32 GMT
content-type: image/gif
content-length: 65414
last-modified: Mon, 21 Nov 2022 22:57:02 GMT
etag: "637c023e-ff86"
expires: Wed, 21 Dec 2022 23:06:16 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 548236
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkLEFAO3DntcaipcH%2FUrtj7ehm7oICnrpBzsIlFQeG%2F7D%2BNx0luFY92onCncMNSQwjfs%2FZ6QXdLOZf%2BSI%2BSW%2BaTU1dxiAhyNUlfMaHPgTbsWl75LF7OV12tl5Szd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77115bd9dd4a7591-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhjjj.top/ec9fcd758df74f805f29f72e8545d13b.gif
104.21.234.216200 OK 902 kB URL HTTP/2 kvhjjj.top/ec9fcd758df74f805f29f72e8545d13b.gif
IP 104.21.234.216:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 902 kB (902313 bytes)
Hash 8b4a95ea7cfbb7fb4d2b18efca5145f3
d2966ecbeb7369620cce5dbcd15d0fe591d79648
dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvhjjj.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://207.60.181.202/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 07:23:32 GMT
content-type: image/gif
content-length: 902313
last-modified: Sat, 12 Mar 2022 15:17:28 GMT
etag: "622cb988-dc4a9"
expires: Sat, 24 Dec 2022 17:43:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 308408
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tYUhYKxNnJUigZN8LlniGiTASDkx%2FZvWdYth4flQMPjiUM0kQAQ1qbGuIjkm%2BpQT5chOGjzEC0vd0gT4Pt2T505pHLy1Z6GGJT92ILJ3mcWup9apSiFp7oTff8b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77115bd99ac574b5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/07-20/01/2rqhjtrfnsy01502rqhjtrfnsy116833.jpg
45.89.208.114200 OK 2.0 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-20/01/2rqhjtrfnsy01502rqhjtrfnsy116833.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 8211e789e788a734ae74e5312a400d2e
3a5c26bb629db8e45053f809a7dc6abe1476d2b2
60c30c2a95cdcb0ccea3048f987d412525c82039a0e3fe8046429ecd8849aad8
GET /upload/vod/2022/07-20/01/2rqhjtrfnsy01502rqhjtrfnsy116833.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 2025
Last-Modified: Wed, 09 Nov 2022 11:43:59 GMT
Connection: keep-alive
ETag: "636b927f-7e9"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/07-20/01/pknycfzsm0e0150pknycfzsm0e096829.jpg
45.89.208.114200 OK 11 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-20/01/pknycfzsm0e0150pknycfzsm0e096829.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4539a1894800311e3a3527f0bdb390fe
a5b64596b6de6bb31c89e23ce0a0f94ed5ca5c0b
642626194e2523a143e5597404e6ceccace5022a05b4847411c196e0621429d2
GET /upload/vod/2022/07-20/01/pknycfzsm0e0150pknycfzsm0e096829.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 10645
Last-Modified: Wed, 09 Nov 2022 11:40:03 GMT
Connection: keep-alive
ETag: "636b9193-2995"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8e4352389a1d0c31caf03d7b12f5d32f
56047be6ed1a8cfd77a329933b16936fb6abbcf0
971e60d4f19aab4c74ebe008b4a2336a5465c4afbf67b4a520dcc2bcd51fdfeb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "971E60D4F19AAB4C74EBE008B4A2336A5465C4AFBF67B4A520DCC2BCD51FDFEB"
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2786
Expires: Mon, 28 Nov 2022 08:09:58 GMT
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2022/07-20/01/qarbgtzbkt10150qarbgtzbkt1106831.jpg
45.89.208.114200 OK 10 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-20/01/qarbgtzbkt10150qarbgtzbkt1106831.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 0bb34342cf6806ac6c7b344d352717da
498a8923ac084f3c5580630eba2ea7c47e1f96bd
956506047c8d808eafff6f2b6e6841e0e58a42b247c29f11b1f3a9010b6e7303
GET /upload/vod/2022/07-20/01/qarbgtzbkt10150qarbgtzbkt1106831.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 10033
Last-Modified: Wed, 09 Nov 2022 11:39:31 GMT
Connection: keep-alive
ETag: "636b9173-2731"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/07-20/01/dalji5bccfd0150dalji5bccfd126835.jpg
45.89.208.114200 OK 8.2 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-20/01/dalji5bccfd0150dalji5bccfd126835.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 2771a20baaddfe8db263fe867d0eae26
2793488c395a8ffdda0e31c6f8a70c7b2994d1aa
505d7cb39c06faa1e0f9bb2ff5832913400cf6c30de923a622ff66484d2dba34
GET /upload/vod/2022/07-20/01/dalji5bccfd0150dalji5bccfd126835.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 8161
Last-Modified: Wed, 09 Nov 2022 11:43:51 GMT
Connection: keep-alive
ETag: "636b9277-1fe1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/07-20/01/gj1sjsecd1w0150gj1sjsecd1w136837.jpg
45.89.208.114200 OK 11 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-20/01/gj1sjsecd1w0150gj1sjsecd1w136837.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 41dd7c53078ee5871d126546efea5c4e
259775415f17df3edb015160d36e30cf14bdc40a
1009762ffa46ad416ff40f875f3f781e5fc45f1ddd031c2ce3c0de4843d2faba
GET /upload/vod/2022/07-20/01/gj1sjsecd1w0150gj1sjsecd1w136837.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 10913
Last-Modified: Wed, 09 Nov 2022 11:43:52 GMT
Connection: keep-alive
ETag: "636b9278-2aa1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/07-20/07/eo0bgkzmn0y0718eo0bgkzmn0y387169.jpg
45.89.208.114200 OK 8.0 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-20/07/eo0bgkzmn0y0718eo0bgkzmn0y387169.jpg
IP 45.89.208.114:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash ad2999740a5b6501bac8e1676b5f2847
551d6c44ca7c692e348241325dcfec75228b813f
54b108efb27260f2ef820d1ee07a923c33c5dc3d8b6a46e8b4a559d768876ddd
GET /upload/vod/2022/07-20/07/eo0bgkzmn0y0718eo0bgkzmn0y387169.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 7968
Last-Modified: Wed, 09 Nov 2022 11:42:10 GMT
Connection: keep-alive
ETag: "636b9212-1f20"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/07-20/01/tsnvpzpv5be0150tsnvpzpv5be146839.jpg
45.89.208.114200 OK 12 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-20/01/tsnvpzpv5be0150tsnvpzpv5be146839.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 9910d299751b7d620f2d30e6754a1c5a
7c166d9642f7bfe0f067a628257b8bae9aac4ce1
99256fc0694118af3e459dfd3b44b2cbc5e32a6ba4bcf52708b79e4f762d593f
GET /upload/vod/2022/07-20/01/tsnvpzpv5be0150tsnvpzpv5be146839.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 12175
Last-Modified: Wed, 09 Nov 2022 11:38:54 GMT
Connection: keep-alive
ETag: "636b914e-2f8f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/07-20/07/0purcldhkpq07180purcldhkpq397173.jpg
45.89.208.114200 OK 11 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-20/07/0purcldhkpq07180purcldhkpq397173.jpg
IP 45.89.208.114:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 4d3b65d8f36d23984f5bdfe49571502f
c97873a2844dc97559e545c9699a0e9885fa5013
65c8bc62017d28bbf38914f1d2e4f401b773c3379d97aa9b5bf70f80abf9bb84
GET /upload/vod/2022/07-20/07/0purcldhkpq07180purcldhkpq397173.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 10891
Last-Modified: Wed, 09 Nov 2022 11:42:04 GMT
Connection: keep-alive
ETag: "636b920c-2a8b"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/07-20/07/oko3v1gikg50718oko3v1gikg5397171.jpg
45.89.208.114200 OK 15 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-20/07/oko3v1gikg50718oko3v1gikg5397171.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 8296b8a301ce7d31d92c082ca510e26b
94c13b750e4de0da862e73bd425b91677f81ab9a
8bd6092076e884c96e18272460dfef0b740eb3413e8a79c986049ab33492e42d
GET /upload/vod/2022/07-20/07/oko3v1gikg50718oko3v1gikg5397171.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 14727
Last-Modified: Wed, 09 Nov 2022 11:42:03 GMT
Connection: keep-alive
ETag: "636b920b-3987"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
hm.baidu.com/hm.js?3eb04e3382620d144da5a7211093bbe4
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?3eb04e3382620d144da5a7211093bbe4
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash bb3b695c2e69240a93f14e9fc1cb6f79
e0074a5daa6b89f3dd44e8c07a0dd370f3731a42
6f62f8efd3862c89a9bec8ea409c59d3f36e8936f1acff92813327849513767e
GET /hm.js?3eb04e3382620d144da5a7211093bbe4 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.jaytakeapic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Mon, 28 Nov 2022 07:23:32 GMT
Etag: 838af249e546d22734c435db1374df06
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F24923D0EA28693B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?21163e28fa33ea9019628ea7f6431328
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?21163e28fa33ea9019628ea7f6431328
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 992e8e889ac5814ea3dfa3226b559e51
e9e099ebff14d9c845893d3ccf41eea90d8f9fc5
c8bdab6fa7bde77b079b3e461d8baf85c0eef33b2e87a1b1e5c937f8c64a9958
GET /hm.js?21163e28fa33ea9019628ea7f6431328 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Mon, 28 Nov 2022 07:23:32 GMT
Etag: b928c521870c4d0fba849e6b2164480b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=3B89FE7D3DAC9E8B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?3df8be917891033aa229f40ad4fd25e3
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?3df8be917891033aa229f40ad4fd25e3
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash fddf5133ff6420ac87498d5651516b7f
37859c9b980342aca1e8ad595df4d943d66744b9
0aa4bbffe3cf371290773b45d48a033d7ae9b3cc4588670ed0494ae95a9319ea
GET /hm.js?3df8be917891033aa229f40ad4fd25e3 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Mon, 28 Nov 2022 07:23:32 GMT
Etag: b0b6fc7ad124911e79045304807ba882
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=509C090274E59881; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1013551462&si=3eb04e3382620d144da5a7211093bbe4&v=1.3.0&lv=1&sn=50553&r=0&ww=1280&u=http%3A%2F%2Fwww.jaytakeapic.com%2Findex.php&tt=%E5%BF%BB%E5%B7%9E%E9%80%97%E4%BB%9D%E4%BB%A3%E7%90%86%E8%AE%B0%E8%B4%A6%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1013551462&si=3eb04e3382620d144da5a7211093bbe4&v=1.3.0&lv=1&sn=50553&r=0&ww=1280&u=http%3A%2F%2Fwww.jaytakeapic.com%2Findex.php&tt=%E5%BF%BB%E5%B7%9E%E9%80%97%E4%BB%9D%E4%BB%A3%E7%90%86%E8%AE%B0%E8%B4%A6%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1013551462&si=3eb04e3382620d144da5a7211093bbe4&v=1.3.0&lv=1&sn=50553&r=0&ww=1280&u=http%3A%2F%2Fwww.jaytakeapic.com%2Findex.php&tt=%E5%BF%BB%E5%B7%9E%E9%80%97%E4%BB%9D%E4%BB%A3%E7%90%86%E8%AE%B0%E8%B4%A6%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.jaytakeapic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 28 Nov 2022 07:23:33 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=CB4EBF3056E7B312; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1953862464&si=21163e28fa33ea9019628ea7f6431328&su=http%3A%2F%2Fwww.jaytakeapic.com%2F&v=1.3.0&lv=1&sn=50553&r=0&ww=1268&u=http%3A%2F%2F207.60.181.202%2F&tt=%E6%97%A5%E6%9C%AC%E9%AB%98%E6%B8%85%E6%97%A0%E5%8D%A1%E7%A0%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B9%85%E4%B9%85%2C%E7%B2%BE%E5%93%81%E5%9B%BD%E4%BA%A7%E4%B8%89%E7%BA%A7%E5%A4%A7%E5%85%A8%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%2C%E5%85%8D%E8%B4%B9%E7%9A%84av%E7%BD%91%E7%AB%99%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%2C337p%E6%97%A5%E6%9C%AC%E6%AC%A7%E6%B4%B2%E4%BA%9A%E6%B4%B2%E5%A4%A7%E8%83%86%E4%BA%BA%E4%BA%BA
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1953862464&si=21163e28fa33ea9019628ea7f6431328&su=http%3A%2F%2Fwww.jaytakeapic.com%2F&v=1.3.0&lv=1&sn=50553&r=0&ww=1268&u=http%3A%2F%2F207.60.181.202%2F&tt=%E6%97%A5%E6%9C%AC%E9%AB%98%E6%B8%85%E6%97%A0%E5%8D%A1%E7%A0%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B9%85%E4%B9%85%2C%E7%B2%BE%E5%93%81%E5%9B%BD%E4%BA%A7%E4%B8%89%E7%BA%A7%E5%A4%A7%E5%85%A8%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%2C%E5%85%8D%E8%B4%B9%E7%9A%84av%E7%BD%91%E7%AB%99%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%2C337p%E6%97%A5%E6%9C%AC%E6%AC%A7%E6%B4%B2%E4%BA%9A%E6%B4%B2%E5%A4%A7%E8%83%86%E4%BA%BA%E4%BA%BA
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1953862464&si=21163e28fa33ea9019628ea7f6431328&su=http%3A%2F%2Fwww.jaytakeapic.com%2F&v=1.3.0&lv=1&sn=50553&r=0&ww=1268&u=http%3A%2F%2F207.60.181.202%2F&tt=%E6%97%A5%E6%9C%AC%E9%AB%98%E6%B8%85%E6%97%A0%E5%8D%A1%E7%A0%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B9%85%E4%B9%85%2C%E7%B2%BE%E5%93%81%E5%9B%BD%E4%BA%A7%E4%B8%89%E7%BA%A7%E5%A4%A7%E5%85%A8%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%2C%E5%85%8D%E8%B4%B9%E7%9A%84av%E7%BD%91%E7%AB%99%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%2C337p%E6%97%A5%E6%9C%AC%E6%AC%A7%E6%B4%B2%E4%BA%9A%E6%B4%B2%E5%A4%A7%E8%83%86%E4%BA%BA%E4%BA%BA HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 28 Nov 2022 07:23:33 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=33B4845943904FB8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=634851621&si=3df8be917891033aa229f40ad4fd25e3&su=http%3A%2F%2Fwww.jaytakeapic.com%2F&v=1.3.0&lv=1&sn=50553&r=0&ww=1268&u=http%3A%2F%2F207.60.181.202%2F&tt=%E6%97%A5%E6%9C%AC%E9%AB%98%E6%B8%85%E6%97%A0%E5%8D%A1%E7%A0%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B9%85%E4%B9%85%2C%E7%B2%BE%E5%93%81%E5%9B%BD%E4%BA%A7%E4%B8%89%E7%BA%A7%E5%A4%A7%E5%85%A8%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%2C%E5%85%8D%E8%B4%B9%E7%9A%84av%E7%BD%91%E7%AB%99%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%2C337p%E6%97%A5%E6%9C%AC%E6%AC%A7%E6%B4%B2%E4%BA%9A%E6%B4%B2%E5%A4%A7%E8%83%86%E4%BA%BA%E4%BA%BA
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=634851621&si=3df8be917891033aa229f40ad4fd25e3&su=http%3A%2F%2Fwww.jaytakeapic.com%2F&v=1.3.0&lv=1&sn=50553&r=0&ww=1268&u=http%3A%2F%2F207.60.181.202%2F&tt=%E6%97%A5%E6%9C%AC%E9%AB%98%E6%B8%85%E6%97%A0%E5%8D%A1%E7%A0%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B9%85%E4%B9%85%2C%E7%B2%BE%E5%93%81%E5%9B%BD%E4%BA%A7%E4%B8%89%E7%BA%A7%E5%A4%A7%E5%85%A8%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%2C%E5%85%8D%E8%B4%B9%E7%9A%84av%E7%BD%91%E7%AB%99%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%2C337p%E6%97%A5%E6%9C%AC%E6%AC%A7%E6%B4%B2%E4%BA%9A%E6%B4%B2%E5%A4%A7%E8%83%86%E4%BA%BA%E4%BA%BA
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=634851621&si=3df8be917891033aa229f40ad4fd25e3&su=http%3A%2F%2Fwww.jaytakeapic.com%2F&v=1.3.0&lv=1&sn=50553&r=0&ww=1268&u=http%3A%2F%2F207.60.181.202%2F&tt=%E6%97%A5%E6%9C%AC%E9%AB%98%E6%B8%85%E6%97%A0%E5%8D%A1%E7%A0%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B9%85%E4%B9%85%2C%E7%B2%BE%E5%93%81%E5%9B%BD%E4%BA%A7%E4%B8%89%E7%BA%A7%E5%A4%A7%E5%85%A8%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%2C%E5%85%8D%E8%B4%B9%E7%9A%84av%E7%BD%91%E7%AB%99%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%2C337p%E6%97%A5%E6%9C%AC%E6%AC%A7%E6%B4%B2%E4%BA%9A%E6%B4%B2%E5%A4%A7%E8%83%86%E4%BA%BA%E4%BA%BA HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 28 Nov 2022 07:23:33 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=2F49C3895329F9DE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a11c6ec-01ab-453a-a13d-c7804535dc69.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a11c6ec-01ab-453a-a13d-c7804535dc69.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b0bd385532089b45a14e461abbecc1af
3da359b1ba09138a425094715b9f3a2f8d0257fe
803001528f2aefc1ea90e585d48de435975862861a1cbe8d898e5cd7ebd297dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a11c6ec-01ab-453a-a13d-c7804535dc69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8771
x-amzn-requestid: 995d3904-9be1-4b40-9813-ff47e60639ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_MEAPoAMF0xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d861-3fdb7958064e0c4b1aed2136;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vrBB4JkuL3nbZnDWitQ4dvTruO9M6hSt8mw9NuJliCmcNOw8xvfWhw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:16:08 GMT
age: 32849
etag: "3da359b1ba09138a425094715b9f3a2f8d0257fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2