r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7895
Expires: Wed, 28 Sep 2022 09:28:42 GMT
Date: Wed, 28 Sep 2022 07:17:07 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 06:37:14 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KcQXCFELlDGkuxqcd_RUuPCgdbhD_2ZcXw5Rbb6ZdvyBq9tGv1WPfQ==
Age: 2393
beklemeto.com/
38.54.178.33301 Moved Permanently 0 B IP 38.54.178.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: beklemeto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 28 Sep 2022 07:16:59 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.beklemeto.com/index.php
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Q40kz8F26p66mZsHqY2y_Qdqcc2HdEzAVaogUtGdRv785uviSL-m2w==
age: 78774
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 06:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 07:18:37 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GCCMw5rRvSBOlX6S8haFjOBUkYVi6NmxgViS2qfI7lK7dJki__M7lw==
Age: 2855
www.beklemeto.com/index.php
38.54.178.33200 OK 398 B URL HTTP/1.1 www.beklemeto.com/index.php
IP 38.54.178.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (349), with CRLF line terminators
Hash 76e5986294378cd81c4a06788ac43c07
08c3ae4a7c07789842c71c7b806518f68c280b87
c87aad436fe344051b1e57df437da5a37cbca48397f54bb08a6a19f6ef5ed4c9
Analyzer Verdict Alert fortinet Phishing
GET /index.php HTTP/1.1
Host: www.beklemeto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 07:17:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2312
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:17:08 GMT
Last-Modified: Wed, 28 Sep 2022 06:38:36 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
www.beklemeto.com/common.js
38.54.178.33200 OK 1.9 kB URL HTTP/1.1 www.beklemeto.com/common.js
IP 38.54.178.33:0
File type HTML document text\012- HTML document, ISO-8859 text, with very long lines (443), with CRLF line terminators
Hash 4e6199d34c214b339a11e6eafeb3ee49
133d97581c588cc800edb73d49d2a05d48f27bd5
de06b497bd8230df6397c5903088ce0263a656ca2a88b3d46303b609370bffcf
Analyzer Verdict Alert fortinet Phishing
GET /common.js HTTP/1.1
Host: www.beklemeto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.beklemeto.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 07:17:00 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.beklemeto.com/tj.js
38.54.178.33200 OK 364 B IP 38.54.178.33:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 7c00b94b325e509b09cbd4286e06c3c4
dace66c03ca1b3e3545edea417fd23353923440f
921299b941a3aa6851dc77078a2f763665759670e6d7eb3a41e5df4a0e959b1b
Analyzer Verdict Alert fortinet Phishing
GET /tj.js HTTP/1.1
Host: www.beklemeto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.beklemeto.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 07:17:00 GMT
Content-Type: application/x-javascript
Content-Length: 364
Connection: keep-alive
push.services.mozilla.com/
52.89.20.60101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.20.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WvBXQbi/BBpPWVqCNtpRUA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9fLALjgMa0tFiIrQePlGqZNUcoQ=
209.73.159.131/shebi-common.php?val=shebi17&t=0.10207873027263581?v=0959113318778123
209.73.159.131200 OK 89 B URL HTTP/1.1 209.73.159.131/shebi-common.php?val=shebi17&t=0.10207873027263581?v=0959113318778123
IP 209.73.159.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8785697ecc8bf43ddae22cdedb1ffc26
e72c7ae9fee509ff5cf60d2acf040f602c162b24
d2b6b02b418273556869ac9975660b37b81800c6d439a87e36c2dab1216d001c
GET /shebi-common.php?val=shebi17&t=0.10207873027263581?v=0959113318778123 HTTP/1.1
Host: 209.73.159.131
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.beklemeto.com
Connection: keep-alive
Referer: http://www.beklemeto.com/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 07:17:08 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin
Content-Encoding: gzip
209.73.159.131/shebi-common.php?val=shebi17&t=0.351716025731706?v=007928479487509155
209.73.159.131200 OK 89 B URL HTTP/1.1 209.73.159.131/shebi-common.php?val=shebi17&t=0.351716025731706?v=007928479487509155
IP 209.73.159.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8785697ecc8bf43ddae22cdedb1ffc26
e72c7ae9fee509ff5cf60d2acf040f602c162b24
d2b6b02b418273556869ac9975660b37b81800c6d439a87e36c2dab1216d001c
GET /shebi-common.php?val=shebi17&t=0.351716025731706?v=007928479487509155 HTTP/1.1
Host: 209.73.159.131
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.beklemeto.com
Connection: keep-alive
Referer: http://www.beklemeto.com/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 07:17:08 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin
Content-Encoding: gzip
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da981a3c8a7dffcf86a392f303d6f6cf
fff30e0d98feaf3526326225b49bb39ddd586e0f
9e3eda31ce9424027a4c389f6909f32c5eb4b1a8fe438ba46db6d54df4befea2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9E3EDA31CE9424027A4C389F6909F32C5EB4B1A8FE438BA46DB6D54DF4BEFEA2"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 28 Sep 2022 13:17:10 GMT
Date: Wed, 28 Sep 2022 07:17:10 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da981a3c8a7dffcf86a392f303d6f6cf
fff30e0d98feaf3526326225b49bb39ddd586e0f
9e3eda31ce9424027a4c389f6909f32c5eb4b1a8fe438ba46db6d54df4befea2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9E3EDA31CE9424027A4C389F6909F32C5EB4B1A8FE438BA46DB6D54DF4BEFEA2"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 28 Sep 2022 13:17:10 GMT
Date: Wed, 28 Sep 2022 07:17:10 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da981a3c8a7dffcf86a392f303d6f6cf
fff30e0d98feaf3526326225b49bb39ddd586e0f
9e3eda31ce9424027a4c389f6909f32c5eb4b1a8fe438ba46db6d54df4befea2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9E3EDA31CE9424027A4C389F6909F32C5EB4B1A8FE438BA46DB6D54DF4BEFEA2"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 28 Sep 2022 13:17:10 GMT
Date: Wed, 28 Sep 2022 07:17:10 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da981a3c8a7dffcf86a392f303d6f6cf
fff30e0d98feaf3526326225b49bb39ddd586e0f
9e3eda31ce9424027a4c389f6909f32c5eb4b1a8fe438ba46db6d54df4befea2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9E3EDA31CE9424027A4C389F6909F32C5EB4B1A8FE438BA46DB6D54DF4BEFEA2"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 28 Sep 2022 13:17:10 GMT
Date: Wed, 28 Sep 2022 07:17:10 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da981a3c8a7dffcf86a392f303d6f6cf
fff30e0d98feaf3526326225b49bb39ddd586e0f
9e3eda31ce9424027a4c389f6909f32c5eb4b1a8fe438ba46db6d54df4befea2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9E3EDA31CE9424027A4C389F6909F32C5EB4B1A8FE438BA46DB6D54DF4BEFEA2"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 28 Sep 2022 13:17:10 GMT
Date: Wed, 28 Sep 2022 07:17:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16049
Expires: Wed, 28 Sep 2022 11:44:39 GMT
Date: Wed, 28 Sep 2022 07:17:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee83d08d024d127fad5918e1ffacb78b
8ad289a77705358ab660b6123e9d90de991b6c13
aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11314
x-amzn-requestid: 0ceafc65-764c-4367-b031-257061eb65d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF00oAMFUpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-0d46481b7394081b14a81131;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ve8l6PxpMuBLt5BxwywNpqM2ISt0zy2r_gweYnVw4X65PBEhpMbckg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:00 GMT
age: 34270
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5fa204bcc10731bd63c68095a6d5b85c
bb3d4626c2b6d94bdb74d3914dd650d9f6317857
eadec2647065ce0d86f77831abbf3cfe3d53361cbea0a3974a9262eeacd969e0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2542
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:17:10 GMT
Last-Modified: Wed, 28 Sep 2022 06:34:48 GMT
Server: ECS (amb/6B90)
X-Cache: HIT
Content-Length: 279
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg
34.120.237.76200 OK 22 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg
IP 34.120.237.76:0
Hash 715f1e4715cb6d1bd36ab202d7b7628a
ddc455a9520838282944c5776828db4c100ec4a4
d8a24853a42c4156008830da3266ed8d45ba483aa9f49c0c85149bd891f9bcbb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6157
x-amzn-requestid: a51846e4-4e25-455f-885b-acf2567f2e1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDlObH7XIAMFw6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63314f28-4e6a68a74edb1ad850e17dac;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 07:05:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2g98EnyiFhkZTsqis2_ASfjM-YTJmcUJ-Mwcl1dWlruzrWDuojPA0w==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 07:08:22 GMT
age: 528
etag: "a6b1c3e0d506ac1c66405e061e9910fafb176a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c4a66beda24621e812a929933c52025d
e951f6b11e473b68d2fdd95b822cef120d37b1eb
28efb1495fdb363cea9ccc6c38f84b2731dbd44dd4dbbe42996fa6fab74e1ce6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6721
x-amzn-requestid: ea4416a4-ffbe-4006-bb09-aa0a70763ab2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xTGNOoAMFXeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-6634cd372bd677227f755769;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EbkbN72NJbDqfnJjnaUcitG0W6yk8vR__5zLvdidXuWqh7VQK2O8OA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:18:40 GMT
age: 32310
etag: "e951f6b11e473b68d2fdd95b822cef120d37b1eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa5cad224dbddd71881bd07255beb4da
bc214d60be395d4cf753216ff8f9691c33d25e75
82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 14464
x-amzn-requestid: 5cbbafdb-3f69-4ee2-9e46-c1ff0ed4ef14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPFiooAMFulA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-633a649700e040b91deadb64;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: cNryG5vkxZuFATZfcNW9Z1-0teUBWLRyWslX1onwYlDCQBUjU2xVdA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:03 GMT
age: 34267
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa8d9d6-9650-4c92-a2db-529657be591b.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa8d9d6-9650-4c92-a2db-529657be591b.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 07f06c54e3b1431203308e4134e7efcb
e26e7e4f7c67d680f0c2d0fa84dcb77ffbef6a49
2814f21c6a21623c189163672867272eb24f754d3d22a8285349e5dd9f6b49f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa8d9d6-9650-4c92-a2db-529657be591b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10031
x-amzn-requestid: 0ac9a228-b6ce-4695-b269-f6a5ba959576
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4HTsoAMF8dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-1d1cacef2608d5820b2bc1b1;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kqeQV7wIw3SgSUFs3Nd3ZOV_0b9ETAw1X1_c40UXEjLZAT-JTqIQhQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:50:04 GMT
age: 34026
etag: "e26e7e4f7c67d680f0c2d0fa84dcb77ffbef6a49"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16049
Expires: Wed, 28 Sep 2022 11:44:39 GMT
Date: Wed, 28 Sep 2022 07:17:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16049
Expires: Wed, 28 Sep 2022 11:44:39 GMT
Date: Wed, 28 Sep 2022 07:17:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: 626c21ec-f29b-4b69-b275-c22c864c2409
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VmENnIAMFeTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c23-75eccc381fbd6e5d4ff59c06;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Eyy8qoYVCJbt6b6hTGJ-rOrYex9RuX1InyZbpHkeu9yQqPUEvowKcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
age: 34092
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.bdstatic.org/scripts/common.js
172.67.150.89304 Not Modified 0 B URL HTTP/2 cdn.bdstatic.org/scripts/common.js
IP 172.67.150.89:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /scripts/common.js HTTP/1.1
Host: cdn.bdstatic.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Mon, 26 Sep 2022 05:57:49 GMT
If-None-Match: W/"63313f5d-1496c"
TE: trailers
HTTP/2 304 Not Modified
date: Wed, 28 Sep 2022 07:17:10 GMT
cf-bgj: minify
cf-polished: origSize=84332
etag: "63313f5d-1496c"
last-modified: Mon, 26 Sep 2022 05:57:49 GMT
cache-control: max-age=1800
cf-cache-status: HIT
age: 4421
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oThnlMoKsUOMZac%2FuI6Xh4qfJqpatov%2BkNoHTnIxYlQQBsZAqx%2Bg4ZOjb%2BpeEVLlJhqXEQuQGBPt%2FXbai6R%2F%2BqHDN8ieblIfbW1kqKSnei226UBdw9QsKIx5J2x%2BwVrtbbgK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751ab2a3cdd30b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5fa204bcc10731bd63c68095a6d5b85c
bb3d4626c2b6d94bdb74d3914dd650d9f6317857
eadec2647065ce0d86f77831abbf3cfe3d53361cbea0a3974a9262eeacd969e0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2542
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:17:10 GMT
Last-Modified: Wed, 28 Sep 2022 06:34:48 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2e4754204a93957d704c0f4d5fbf787
62016ed19bdd131ef3ba0fef40352e87df60a8ea
d46424629b3f9a4eeae4ec95b994a24d9c19ce7b269dbe82dfd611c6f5240fb6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D46424629B3F9A4EEAE4EC95B994A24D9C19CE7B269DBE82DFD611C6F5240FB6"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21579
Expires: Wed, 28 Sep 2022 13:16:49 GMT
Date: Wed, 28 Sep 2022 07:17:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3e224b24c11033b19bfd7de1939176a5
510326d9590b59c86f9d2b565d85491b8ca8dc82
0a1a80caa2112cf94bf61658550b820401283e59376750d805d289a6f1090aec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0A1A80CAA2112CF94BF61658550B820401283E59376750D805D289A6F1090AEC"
Last-Modified: Mon, 26 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10939
Expires: Wed, 28 Sep 2022 10:19:29 GMT
Date: Wed, 28 Sep 2022 07:17:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2e4754204a93957d704c0f4d5fbf787
62016ed19bdd131ef3ba0fef40352e87df60a8ea
d46424629b3f9a4eeae4ec95b994a24d9c19ce7b269dbe82dfd611c6f5240fb6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D46424629B3F9A4EEAE4EC95B994A24D9C19CE7B269DBE82DFD611C6F5240FB6"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19868
Expires: Wed, 28 Sep 2022 12:48:18 GMT
Date: Wed, 28 Sep 2022 07:17:10 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5fa204bcc10731bd63c68095a6d5b85c
bb3d4626c2b6d94bdb74d3914dd650d9f6317857
eadec2647065ce0d86f77831abbf3cfe3d53361cbea0a3974a9262eeacd969e0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2542
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:17:10 GMT
Last-Modified: Wed, 28 Sep 2022 06:34:48 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 7a1d11e0b15d3e53080a14ee2d81fdeb
cd7c8417469e758fd64173a9ce098ffc23972fc2
e648c4b05ee7ad521ba51766d8126a4083ba6f5c5db2d1ff6d33cf9a7bce62b0
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 07:17:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 02 Oct 2022 04:57:56 GMT
ETag: "cd7c8417469e758fd64173a9ce098ffc23972fc2"
Last-Modified: Wed, 28 Sep 2022 04:57:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 918
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751ab2a4bb5db500-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2e4754204a93957d704c0f4d5fbf787
62016ed19bdd131ef3ba0fef40352e87df60a8ea
d46424629b3f9a4eeae4ec95b994a24d9c19ce7b269dbe82dfd611c6f5240fb6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D46424629B3F9A4EEAE4EC95B994A24D9C19CE7B269DBE82DFD611C6F5240FB6"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21566
Expires: Wed, 28 Sep 2022 13:16:36 GMT
Date: Wed, 28 Sep 2022 07:17:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3e224b24c11033b19bfd7de1939176a5
510326d9590b59c86f9d2b565d85491b8ca8dc82
0a1a80caa2112cf94bf61658550b820401283e59376750d805d289a6f1090aec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0A1A80CAA2112CF94BF61658550B820401283E59376750D805D289A6F1090AEC"
Last-Modified: Mon, 26 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 28 Sep 2022 13:17:10 GMT
Date: Wed, 28 Sep 2022 07:17:10 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da981a3c8a7dffcf86a392f303d6f6cf
fff30e0d98feaf3526326225b49bb39ddd586e0f
9e3eda31ce9424027a4c389f6909f32c5eb4b1a8fe438ba46db6d54df4befea2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9E3EDA31CE9424027A4C389F6909F32C5EB4B1A8FE438BA46DB6D54DF4BEFEA2"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 28 Sep 2022 13:17:10 GMT
Date: Wed, 28 Sep 2022 07:17:10 GMT
Connection: keep-alive
www.gg123456789gg.com//upload/vod/20220927-1/f3440e6c47646f5fed5ea91b8bd69f6f.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/f3440e6c47646f5fed5ea91b8bd69f6f.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash c59ebc1ec936f5f6421a47535afaace6
007d0ea700d997ab2ee1f37d44f4f50213a20b62
4bd72e81934111fd5a761945c471e9cbd6d134fc9a90e10ebd9dca98566cb08d
GET //upload/vod/20220927-1/f3440e6c47646f5fed5ea91b8bd69f6f.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 11111
last-modified: Tue, 27 Sep 2022 10:30:06 GMT
etag: "6332d0ae-2b67"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/2780fca03ec7126ce79ed4eb8990e88d.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/2780fca03ec7126ce79ed4eb8990e88d.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash ba1eaf4ea2d9163e0ccd3b1ee01ef838
26612ffadeaca2976e4b60df0b9847c3d160a4c0
b5d9975aa318ac07d28845e468706807978ba9b3344a5850f2e1501a473745f0
GET //upload/vod/20220927-1/2780fca03ec7126ce79ed4eb8990e88d.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 11269
last-modified: Tue, 27 Sep 2022 10:30:05 GMT
etag: "6332d0ad-2c05"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/53953172f067a79bc12912b9f338bc41.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/53953172f067a79bc12912b9f338bc41.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 7e412ea65c35a12a9259e16ab6277bd5
75d6e480caed7944a8ff8eac7f32f07e9247b145
778b7b99787b8f55a36e2284fb0b69ae4a9d776554b7e600fb12d5237e8b3081
GET //upload/vod/20220927-1/53953172f067a79bc12912b9f338bc41.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 12357
last-modified: Tue, 27 Sep 2022 10:30:05 GMT
etag: "6332d0ad-3045"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/wz1.js
104.21.86.153200 OK 616 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/wz1.js
IP 104.21.86.153:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 41b70f6006b75152e5ba79a33369e08f
66a0a182572b360a06b3fff7ea394024d95e45c9
3705ba8eb8efef606409820c83f4ba6f35d6f8b1375481a6216dd39c2573c42a
GET /yPS7hqfHgkFauS2djb/wz1.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: application/javascript
last-modified: Thu, 14 Jul 2022 09:23:31 GMT
etag: W/"62cfe093-1be"
expires: Wed, 28 Sep 2022 19:17:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Zkdeer1d2o53G2POmhI9LyjFSCTM%2BwaM0uMTIpD4%2BN54DmZBAl18w2v38ZwEKBsBvNhVMB1QEAkCxRiVPTQI9nP%2BFbceld8m9ZeLB73e08WSB89TSxuSpg2NJZeCVMxgmPxOA6L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751ab2a2bf6a0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.users.51.la/21278761.js
103.143.19.103200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21278761.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash f699a4e503fc96bb448fbeeacd19e72b
02d1fa6a3772ec3c809a06b2c67abd16f2c1469c
3865324eadef796b018a5eee7bbdd260fd2ee812abe42204517b2ac6c07d779e
GET /21278761.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Wed, 28 Sep 2022 07:17:10 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=ab1ce4f698872969db0; path=/
HWWAFSESTIME=1664349428103; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
tk.learning8808.com/images/zbcpa2.png
172.67.182.207200 OK 162 kB URL HTTP/2 tk.learning8808.com/images/zbcpa2.png
IP 172.67.182.207:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 162 kB (161572 bytes)
Hash 64c0f3edc7b3bfd2a2c009f3b93ebd7d
70dee1bf54047d14220328f8ab47d299a679a519
ca5ada5bab699078f3ecdb2a2b569bcef9b8b34f6773d2197c0658a55fad5d25
GET /images/zbcpa2.png HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/png
content-length: 161572
last-modified: Wed, 27 Apr 2022 12:03:23 GMT
etag: "6269310b-27724"
expires: Wed, 26 Oct 2022 13:00:00 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 152230
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9y32HQ3sddLVOvTq5T96Vk0727o2ewFhVuzvZVpT7V%2FXfAlEBPEI4MlDC1bA768bjplLfhwfiqwZcod4sLLkqBN7MuQeRWxkzdGYNni8DzQLFmnIUeqTJsvWXadPfqKeq2ptDV8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751ab2a6cac5b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
104.21.86.153200 OK 194 kB URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
IP 104.21.86.153:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size 194 kB (193550 bytes)
Hash 0a3c91c793fb542ea65c54b529f47cf3
3535c92328222df030fb8391305c35309696303a
3aefa3b604d2b29fe34bb3deb806d7aa693f49479d9534555b24f3ecc5864c7b
GET /yPS7hqfHgkFauS2djb/252.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Aug 2022 14:04:11 GMT
etag: W/"6308d2db-3d1"
expires: Wed, 28 Sep 2022 19:17:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Orn%2B4GYxOVWY8OIXSksKnb4Jtcrci9TQMSQf03w9JC8zrLXedImJB9KpUQogSXN1Ra6C66xaNypPWcv%2F%2BpW%2BGzYRSId%2FCh%2BfVj7cFMkFdXiWgj%2FZMrx3fFFg0SvFW0V1l9%2BFk%2BkD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751ab2a2bf630b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt2.gif
172.67.182.207200 OK 377 kB URL HTTP/2 tk.learning8808.com/images/xt2.gif
IP 172.67.182.207:0
File type GIF image data, version 89a, 448 x 359\012- data
Size 377 kB (376694 bytes)
Hash 8e954a81cfc4fcdc8b1d5ff074a421a7
80810fedd18106dc58686ddc5106e7586ec38bc3
0c0afb20158289f63a2b8a9d57502a932cbaabb4b255babeacac3bf0a6534d80
GET /images/xt2.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/gif
content-length: 376694
last-modified: Wed, 27 Apr 2022 12:03:09 GMT
etag: "626930fd-5bf76"
expires: Wed, 05 Oct 2022 06:59:35 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1988255
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9serwjA508W2B5TXLLwZQL4ZNemiqeWz0R6Y7Yr7heRfqkazq6lDmB06wT80hDd0%2BeAKDIkUHGSyQhI34Yb%2BZZrhIE%2FGwFzqMrQT6NF%2BLd8CP5oUTm7DM5wkZN72PcuXRp849mXl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751ab2a6daddb52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt1.gif
172.67.182.207200 OK 444 kB URL HTTP/2 tk.learning8808.com/images/xt1.gif
IP 172.67.182.207:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 444 kB (443705 bytes)
Hash 8bc908398e73478d0b28d85191689891
5e9022d7583285c988d0acb55b6db7c920f3c3d0
c01d665a1abb0e10e3ac90119e3674db0363a112da7f8322c12bbafbe0bd88dc
GET /images/xt1.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/gif
content-length: 443705
last-modified: Wed, 27 Apr 2022 12:03:03 GMT
etag: "626930f7-6c539"
expires: Thu, 29 Sep 2022 03:06:40 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2520630
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ie6itKv3UkZZaSl8hHxYDGrydjaInnKoSjSjcpLgA5TXKGUrCodb0cWFv6E04LU%2B7I4J6tvevfUFj1Iaui51rWgGZwLwQ5o4KdNMiAWYO754JjuCSsbefxr6Slp1ypnXfeWlF6%2FH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751ab2a6dadcb52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt7.gif
172.67.182.207200 OK 269 kB URL HTTP/2 tk.learning8808.com/images/xt7.gif
IP 172.67.182.207:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 269 kB (269177 bytes)
Hash 3be5bc895ae3e525bbcfbb2a2696ed0f
1f3d2c548412b47b65acf224f1a6b7bf89dcf876
59c730a313db642dd842aad1586e7d3a29dabe14be7404a1cd0a0d25138e669c
GET /images/xt7.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/gif
content-length: 269177
last-modified: Wed, 27 Apr 2022 12:03:19 GMT
etag: "62693107-41b79"
expires: Wed, 05 Oct 2022 06:59:35 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1988254
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nuWbIrS2pDg1ucrmU8HG2WWaV5ghcY%2FggQv7Wq4WxQ7%2BOlciQuIi%2FqT2ejSI9mCrE69uC3%2B3bORB5A5KvLcK0DNDGtpZFi0fZ8SDT3P2n7Yvyk%2B2CmWjoykIXjHRyn4sER5HkwxK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751ab2a6faedb52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt10.gif
172.67.182.207200 OK 624 kB URL HTTP/2 tk.learning8808.com/images/xt10.gif
IP 172.67.182.207:0
File type GIF image data, version 89a, 145 x 145\012- data
Size 624 kB (623748 bytes)
Hash a32d51e341cd89abbece4c69d304f22d
66079b18e75f9469f4be074e9bc02ba0d85c4361
a9dfe27cd3c4cfd68f0deb55a593bcac7f77494883c5dc7dbe6f1301e150ab9d
GET /images/xt10.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/gif
content-length: 623748
last-modified: Wed, 27 Apr 2022 12:03:04 GMT
etag: "626930f8-98484"
expires: Sun, 02 Oct 2022 17:49:28 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2208462
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBD9kt%2B%2BB93TEbkS0Ur3lyTWVKmZUlFdroN2hkXPPYj3E16ge%2B4VzPtBCL%2BLaf%2BeuuzHwq%2BcdmIE5fMs8FDuJMFnzheZNbhXK6JCs5OK06YoDvaXqENiOfBNc%2BjJMH1iFG3Qqgq3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751ab2a6dad7b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt5.gif
172.67.182.207200 OK 1.7 MB URL HTTP/2 tk.learning8808.com/images/xt5.gif
IP 172.67.182.207:0
File type GIF image data, version 89a, 152 x 152\012- data
Size 1.7 MB (1693315 bytes)
Hash 036bdfc6224659a646168502a1742fb5
69ca9749e1a5f16d97d91c5c28f8c5d541093fd4
6ce2e990e0e3d34b9c049d12bdd691163c668d93a1fcfc52c91336a227b3dc94
GET /images/xt5.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/gif
content-length: 1693315
last-modified: Wed, 27 Apr 2022 12:03:15 GMT
etag: "62693103-19d683"
expires: Wed, 05 Oct 2022 06:59:35 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1988254
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IbncHVQeQRJZrrWjfQxfAMg6ymdNC0vcny8KgWlsdGhNCLrRFnscqZ13Chzl327QYfEXvZqGr7khclDJUIGPDilVm2vr8yDs%2B3M%2BS4RHYsakLuLocaW5tck8GQYRguHRjOvXj6lp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751ab2a6faeab52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
klx1.zhgmjglh81k.com/
172.67.200.162200 OK 34 kB IP 172.67.200.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 4749f9cae5ae79212802c70c2624e6aa
25bfb59df8a9f4f61af064131ee5c35db85787be
3e9b0dbaa888b89f3d1e2119780d6fafb015741ae75f5090ed329c845b765019
GET / HTTP/1.1
Host: klx1.zhgmjglh81k.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.beklemeto.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:09 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RmvHEZezV3wc8wWzp45GAexVOrJV9o8T0ZzmeV0TFBtItq2HK4em%2B7kj4X2HcCU5inHWScx4negP4y02UwRuMRsUHaH37V2HF%2FwX4NMDYeMH1gsc%2FiHHBt2MwxfGmczFxzZR5w8XA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751ab29ae9a3b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/a8d5cdcd8ad4485ec7894f4d2211d368.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/a8d5cdcd8ad4485ec7894f4d2211d368.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 315a811a3984a44ebba57594b6b63414
1e8323dc7a6f98724f709f02d9f0e85676e6bc51
33977febb1b4b0e80e9f82fe2974c831ff503aeed358d139d64e27987fb3d137
GET //upload/vod/20220927-1/a8d5cdcd8ad4485ec7894f4d2211d368.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 11400
last-modified: Tue, 27 Sep 2022 10:30:05 GMT
etag: "6332d0ad-2c88"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/85e32bc4a1ee45ed981c7ec670d64478.jpg
136.0.141.5200 OK 14 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/85e32bc4a1ee45ed981c7ec670d64478.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 38738ba58ca31e0fadfdc3adc0be2e06
84bea0be4bae0f64e4109c09870abfb434331a97
2a035bff45a3dc069cc1a75e36b01b6cc958c0ae9471a91f2fac5efbe36f1edf
GET //upload/vod/20220927-1/85e32bc4a1ee45ed981c7ec670d64478.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 14019
last-modified: Tue, 27 Sep 2022 10:30:04 GMT
etag: "6332d0ac-36c3"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/364065432f5423f13f150719fe73f8ea.jpg
136.0.141.5200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/364065432f5423f13f150719fe73f8ea.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 1dd7dd625703ea8caceb6126b333896e
1472c59ae7346626f72c3e330a7a74ffab0dde56
264f7e8eb41e3eede7227dd58fb523ef04f6a0608ae79e2d5444b8bd77257c45
GET //upload/vod/20220927-1/364065432f5423f13f150719fe73f8ea.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 10116
last-modified: Tue, 27 Sep 2022 10:30:11 GMT
etag: "6332d0b3-2784"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt9.gif
172.67.182.207200 OK 329 kB URL HTTP/2 tk.learning8808.com/images/xt9.gif
IP 172.67.182.207:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 329 kB (329331 bytes)
Hash 0982fef3f808ddf5925e60c39af631ba
80d6f27859a94c2c49b9175d2e9f84e6bd9b5605
bd96321466d68dddabbc45cf7d72821ab7801de184f638a382b6a6681fba949d
GET /images/xt9.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:11 GMT
content-type: image/gif
content-length: 329331
last-modified: Wed, 27 Apr 2022 12:03:21 GMT
etag: "62693109-50673"
expires: Sat, 01 Oct 2022 20:57:58 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2283553
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kejAHeb0Fw%2FFb%2FviObvb%2F5UIhj2UfIXvGGtRROQQT6UncpzyXQiAiDYHr69hsZ9NTY6m%2FHNotlMtTPnIiWw%2FtGs3I2IsBX5e%2FnR1aTs69VVzjowp09C3A1saSm%2BkTxd2xSl%2F4s4Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751ab2a84cd1b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/e5fffb6205d7402faaca1833dd81cbe8.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/e5fffb6205d7402faaca1833dd81cbe8.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash b1c5f8ff54cbdb1eda7df96a6ae40ed7
b3b1af428bcb7ab46d7efaa44c3b29c0e2520358
f611e412661818545f58f3f9c8fbe310ed9ad32092015c3b90502cbd89c315df
GET //upload/vod/20220927-1/e5fffb6205d7402faaca1833dd81cbe8.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 12210
last-modified: Tue, 27 Sep 2022 10:30:11 GMT
etag: "6332d0b3-2fb2"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt6.gif
172.67.182.207200 OK 2.2 MB URL HTTP/2 tk.learning8808.com/images/xt6.gif
IP 172.67.182.207:0
File type GIF image data, version 89a, 152 x 152\012- data
Size 2.2 MB (2168710 bytes)
Hash a0d945b4c30bc77735161545d1e00072
87c77a030ae771c3010d1215f73d1426e03f48dd
8a6920701b78e0d28ab0d1bc646ccb7a82f93eaf66399a435b55788356d594eb
GET /images/xt6.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/gif
content-length: 2168710
last-modified: Wed, 27 Apr 2022 12:03:17 GMT
etag: "62693105-211786"
expires: Wed, 05 Oct 2022 04:52:05 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1995905
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HfRtV10A3sZdtM%2FEQHon%2BhzDfjzB7rT9LPVKSL99TAGNpRfDX6srWy6D4a3PjHM%2FOijQggfZvbjwUeWH10m4Tk1dzd%2FZjEeZ84nLUesmeChSUitRxSLvHiTU88xJfCuhYzJyX1C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751ab2a6faecb52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt11.gif
172.67.182.207200 OK 1.6 MB URL HTTP/2 tk.learning8808.com/images/xt11.gif
IP 172.67.182.207:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 1.6 MB (1639812 bytes)
Hash 89f17a6c0e5ecfebd7d054e27f9829a9
f8b87ba147f755491aa9753f750867d8349ced11
1c64028fba849ecf81cae46173194457736017f36066493ba9241fc6717bb7ab
GET /images/xt11.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:11 GMT
content-type: image/gif
content-length: 1639812
last-modified: Wed, 27 Apr 2022 12:03:06 GMT
etag: "626930fa-190584"
expires: Sun, 09 Oct 2022 18:21:37 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1601734
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aq0fEeF0A1C4wuh6RC1lvukYH6yrtKT%2BlTG0UcsjkRjMBTmN6yrEYYVVcWGnNSLG%2BqFSpVluuCLonhPGEHXz7kgMf7cT8bdBqRkhodd88Ze3h%2FjiIJPoyk%2BglTFL60VoEGrtlGy%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751ab2a84cc8b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/ee4c678a6dcdcc23209ee4e5b543905f.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/ee4c678a6dcdcc23209ee4e5b543905f.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash e2504914a40059d28ac837e48e891086
5d56bff9ce909c7edc53182071976eaf969344e1
4941491e812b2ec23ec10a9147392360262eea0cf695819e15e1b0c3c65ad98e
GET //upload/vod/20220927-1/ee4c678a6dcdcc23209ee4e5b543905f.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 11664
last-modified: Tue, 27 Sep 2022 10:30:11 GMT
etag: "6332d0b3-2d90"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/71a9e6ef0c53a3622e1819f65dbbf3f2.jpg
136.0.141.5200 OK 9.7 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/71a9e6ef0c53a3622e1819f65dbbf3f2.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash c06e1fc8a60a42580fa1de64c0cb1554
0dd0b1d18cf02436e0dfa37c0f4390c39839b529
137e0f356f07947ebac5cc10672c32eeaa724a988baf5ac52817598a48a6aa36
GET //upload/vod/20220927-1/71a9e6ef0c53a3622e1819f65dbbf3f2.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 9667
last-modified: Tue, 27 Sep 2022 10:30:11 GMT
etag: "6332d0b3-25c3"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/7e8710f1cd70abbceba8d063f35be520.jpg
136.0.141.5200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/7e8710f1cd70abbceba8d063f35be520.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 65b6a2253789002d142d0a64ab5a694f
5c17cde73249a72a81de0eb2e91297fc6984ca1f
c43e82cb23c76d7ce839f22070caffcbb7ab647b3b0ab44a9b92946b624d840f
GET //upload/vod/20220927-1/7e8710f1cd70abbceba8d063f35be520.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 10239
last-modified: Tue, 27 Sep 2022 10:30:11 GMT
etag: "6332d0b3-27ff"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/63a4769dea03e543125977048032b6ba.jpg
136.0.141.5200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/63a4769dea03e543125977048032b6ba.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash d69623d37125aedfc979e8a834cb0099
5075e6c8f1d7b6396c67424e16dcfd9175c1b00a
1ec27bef97a8cc61ca854036c6f27f142c4f8bb5e92252279fac1e8368029a24
GET //upload/vod/20220927-1/63a4769dea03e543125977048032b6ba.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 10541
last-modified: Tue, 27 Sep 2022 10:30:10 GMT
etag: "6332d0b2-292d"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/bcb2463a65ac043d9156043097e5115f.jpg
136.0.141.5200 OK 9.9 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/bcb2463a65ac043d9156043097e5115f.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash ee64c88b84061ef416e6ad91e3fafa40
ce547b1fdaac0816c8df99f2c6a29a271e6b12a3
d2f9de84eed2ab95e4f1d8f0b95b190f8825b62df9b5c4f005373b61f89895ab
GET //upload/vod/20220927-1/bcb2463a65ac043d9156043097e5115f.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 9899
last-modified: Tue, 27 Sep 2022 10:30:10 GMT
etag: "6332d0b2-26ab"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/fea00de1bde44308d4db6966645ec65b.jpg
136.0.141.5200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/fea00de1bde44308d4db6966645ec65b.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash ca1baa57e2f2325dbb84b8af8465b465
5c00b11c0f2ae92ea1eb93937f84a5c2fe079e23
0277b1aecae7e6024b8ecab65a3273f4efe96bbe7f6f3be5b4dbfc6fd3493237
GET //upload/vod/20220927-1/fea00de1bde44308d4db6966645ec65b.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 10237
last-modified: Tue, 27 Sep 2022 10:30:10 GMT
etag: "6332d0b2-27fd"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/74d934b9f0e6527cbf3edec42fb0e77a.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/74d934b9f0e6527cbf3edec42fb0e77a.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 66ddfd5d4491b1366709cf2819e6ade9
355769f379bd41a41690098b53489f57d9dbcd37
f05ba016350f916b949044cf0718d5e2db36de3037ad7017c339ef3b08126529
GET //upload/vod/20220927-1/74d934b9f0e6527cbf3edec42fb0e77a.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 11256
last-modified: Tue, 27 Sep 2022 10:30:10 GMT
etag: "6332d0b2-2bf8"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/6e2b2430ed45c576c2a743f1337639e8.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/6e2b2430ed45c576c2a743f1337639e8.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash c024537a04ccd3f34ec6913673cba692
3d4d11bc1dccc5a6e28743c37b9747e2ee7f22f6
301ffcaf516c96bb433de9a2a5ffc0a996ab0bcb96f66286d3aedd3f114201ce
GET //upload/vod/20220927-1/6e2b2430ed45c576c2a743f1337639e8.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 10744
last-modified: Tue, 27 Sep 2022 10:30:09 GMT
etag: "6332d0b1-29f8"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220926-1/b9f1d540291a8b94d4772aa2544f3942.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220926-1/b9f1d540291a8b94d4772aa2544f3942.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 5df3d004d2544d5a90ad0542b0a66d7f
43582ff85975ddd8ee4da6dc94c2a56ef0e802b2
bd96f789d6b0e36580108c43f6a458b383e6504b21f48cef5b617a171a7bdc35
GET //upload/vod/20220926-1/b9f1d540291a8b94d4772aa2544f3942.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 11205
last-modified: Mon, 26 Sep 2022 07:30:48 GMT
etag: "63315528-2bc5"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220926-1/577d32754c708deef6043b478914ac2e.jpg
136.0.141.5200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220926-1/577d32754c708deef6043b478914ac2e.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 831e2fdd7475d028bb8ca1557c1d853f
aadca0cf20d973f0cc354137a11f2395c29a7065
79b5e7c60baabf8cb3eab37dc4630ae4c030f99d4d012d10202f0f00117d2a1d
GET //upload/vod/20220926-1/577d32754c708deef6043b478914ac2e.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 12975
last-modified: Mon, 26 Sep 2022 07:30:47 GMT
etag: "63315527-32af"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220926-1/0cd64fbe47ceb511b2a521509bc16913.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220926-1/0cd64fbe47ceb511b2a521509bc16913.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash c8b58d94ce984482cf6e6fcd7e7e45a3
1ba36b3e9dbcbb0d3336ebe911f6cd3ae05c9724
d8b3b00aa2a2a3f0a76001079e0e0fe08f2487f42251deafcac066c94638d070
GET //upload/vod/20220926-1/0cd64fbe47ceb511b2a521509bc16913.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 11202
last-modified: Mon, 26 Sep 2022 07:30:47 GMT
etag: "63315527-2bc2"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220926-1/f8e6df357ecbe9bdfbfdabd38cc05250.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220926-1/f8e6df357ecbe9bdfbfdabd38cc05250.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 821c79bdd9a3f152c2d3bf21e020f77e
548e7a663cda979b0bf6a00adc4640a6a343864f
4f58b4979abe6e0ea285852265c758cc39cdc3231b64a06dbaaba6a2d70254d1
GET //upload/vod/20220926-1/f8e6df357ecbe9bdfbfdabd38cc05250.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 11957
last-modified: Mon, 26 Sep 2022 07:30:47 GMT
etag: "63315527-2eb5"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220926-1/9e7708358634f397f0d65fda2e018bd3.jpg
136.0.141.5200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220926-1/9e7708358634f397f0d65fda2e018bd3.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 9e54df991af5eb8f5978c67c682dd1b6
f6697badf25ae6c7d44824238b36a3012fe50518
24842a6447f6b966b8d7064771828ed7685a3b74e1c3f3d505aab798c4b3500a
GET //upload/vod/20220926-1/9e7708358634f397f0d65fda2e018bd3.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 13010
last-modified: Mon, 26 Sep 2022 07:30:47 GMT
etag: "63315527-32d2"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220926-1/09e8e2c84617dc9f83ce26a2bd0024b0.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220926-1/09e8e2c84617dc9f83ce26a2bd0024b0.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash fec0d824d4a2cc10fb5882fece252ad8
e26b80a99e26be1e0d470523d4ac226804c55681
ccd63cce5160beb41b93517ec1dc14d3c47f95491674a4709986bd8bc5e42146
GET //upload/vod/20220926-1/09e8e2c84617dc9f83ce26a2bd0024b0.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 10563
last-modified: Mon, 26 Sep 2022 07:30:47 GMT
etag: "63315527-2943"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220926-1/7cbee0659a90cb5de50e6c58fb07a8b9.jpg
136.0.141.5200 OK 8.6 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220926-1/7cbee0659a90cb5de50e6c58fb07a8b9.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 2473457686a4c0e085f7dd9d94da37cd
c0ef9fc9bfcfc58fc7ab9b944e1fa077b401fceb
d0da191e892887d9c6eac2d9eac6fbb7f1fa880ae276cc3227459b3196c1e38e
GET //upload/vod/20220926-1/7cbee0659a90cb5de50e6c58fb07a8b9.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 8641
last-modified: Mon, 26 Sep 2022 07:30:46 GMT
etag: "63315526-21c1"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220926-1/ea9c7654c188ae0efa8b1c09598fc5c7.jpg
136.0.141.5200 OK 9.2 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220926-1/ea9c7654c188ae0efa8b1c09598fc5c7.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 2f58fb5f818f19ce3d8283b584b1dbba
b606209e34a74bf89bfcd17943a52f92b183f579
42b48179a774519e09d6d9778c84884a9997dcf8c46d0334195f3bf73a7d57c7
GET //upload/vod/20220926-1/ea9c7654c188ae0efa8b1c09598fc5c7.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 9199
last-modified: Mon, 26 Sep 2022 07:30:46 GMT
etag: "63315526-23ef"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220926-1/b5061dc732f9b69fa85f61646955799a.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220926-1/b5061dc732f9b69fa85f61646955799a.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash dfdc87a93438f173ecb098da03e7d9f2
30a74afa56443caa60df0da544ffc9c42a9de680
eafcf8d413f74767ea9cd6ce4ab52b368805757a7b270f0568c5ead6df539bd4
GET //upload/vod/20220926-1/b5061dc732f9b69fa85f61646955799a.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 10801
last-modified: Mon, 26 Sep 2022 07:30:46 GMT
etag: "63315526-2a31"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220926-1/82d2b60f93a0c75616651cc5a53d5e3e.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220926-1/82d2b60f93a0c75616651cc5a53d5e3e.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 824965d98c781d696467e53521184c6a
87f8ce3b842b006136eab3364b46f4be082b341d
a1743e44b820885bbe92c6865b6e5b8ca541c8dee0cb33a12d8518177d608257
GET //upload/vod/20220926-1/82d2b60f93a0c75616651cc5a53d5e3e.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 11608
last-modified: Mon, 26 Sep 2022 07:30:46 GMT
etag: "63315526-2d58"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/d06abf9c590a567b802d7350d2db71e6.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/d06abf9c590a567b802d7350d2db71e6.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 64e3abc97b7f5b0504fe4c6d70230038
772df915a11783340956770145975b1995e4c172
014be356603f00f876aed5523fcd8d0efa5757191b4ef9b01b73e928a0028303
GET //upload/vod/20220927-1/d06abf9c590a567b802d7350d2db71e6.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 11612
last-modified: Tue, 27 Sep 2022 10:30:16 GMT
etag: "6332d0b8-2d5c"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/99290b180a9e83afaeafd72d24c075c2.jpg
136.0.141.5200 OK 9.0 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/99290b180a9e83afaeafd72d24c075c2.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash b8400461c9fe2bbc02208230444f178c
151d5d19026a755dc2b1e63a8dc6511bb5a7d796
fd16a6230bf8590a33a4f3b4add63303233e93e4e35b70848969c93f3b7cabf6
GET //upload/vod/20220927-1/99290b180a9e83afaeafd72d24c075c2.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 8986
last-modified: Tue, 27 Sep 2022 10:30:16 GMT
etag: "6332d0b8-231a"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/a22a9ba7dc9125874090e2cac35a3e8a.jpg
136.0.141.5200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/a22a9ba7dc9125874090e2cac35a3e8a.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash ddee11037801ce49bf7a4e8a7154ebc5
fc366bcd85fc45655ba7fa2a35244e4891570384
1826e42098d02d22c85193476d6676fc0613c8bf925ef320a8d494ca3b136075
GET //upload/vod/20220927-1/a22a9ba7dc9125874090e2cac35a3e8a.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 12582
last-modified: Tue, 27 Sep 2022 10:30:16 GMT
etag: "6332d0b8-3126"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/6435493e81123f43165892e419574e88.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/6435493e81123f43165892e419574e88.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash fdb685c48181352e06069fef0b9b4eee
a9f682f6f005a4f42aa7bda9c5689815a7a8e6fa
e3df18d6b4916a2bd0e0abf82ff0f7d48a34ee166b068754cedc96485c20868b
GET //upload/vod/20220927-1/6435493e81123f43165892e419574e88.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 11754
last-modified: Tue, 27 Sep 2022 10:30:16 GMT
etag: "6332d0b8-2dea"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/d8358c1c9d521328d9a632c54b91a36c.jpg
136.0.141.5200 OK 9.4 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/d8358c1c9d521328d9a632c54b91a36c.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 6cbbe663856069fe96a3a0ffc6e5cae4
6fb0b827da93ee2c2d12a75f9688c4ea009e1628
e31eb25fa0255de0b43a06c65155d592f4d7b35b7781cec24987b2da573b9c18
GET //upload/vod/20220927-1/d8358c1c9d521328d9a632c54b91a36c.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 9405
last-modified: Tue, 27 Sep 2022 10:30:16 GMT
etag: "6332d0b8-24bd"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/c702445944f5dadbdeeec60549f29d9e.jpg
136.0.141.5200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/c702445944f5dadbdeeec60549f29d9e.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 4e4056d992e1d4c37e5ec7df977e8fa2
a4d1c294f7a2796eacb8c3e8bca9b9444439fc3d
a210da1a49191a2acbc229c2a1072e804d0044f1276bc0c5ca6c0c09de0baa42
GET //upload/vod/20220927-1/c702445944f5dadbdeeec60549f29d9e.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 13269
last-modified: Tue, 27 Sep 2022 10:30:15 GMT
etag: "6332d0b7-33d5"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/6df2b29194a8d7dfbc8059b06b787478.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/6df2b29194a8d7dfbc8059b06b787478.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 5b6760b765c264bd82abfbd488eb1109
bff51097470e24664f0d245da6576528d4f17ade
97a2130d3a756e1fa9acd2fe74ef5f0be5ffb5c69cc3ae81376957469177a89b
GET //upload/vod/20220927-1/6df2b29194a8d7dfbc8059b06b787478.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 11091
last-modified: Tue, 27 Sep 2022 10:30:15 GMT
etag: "6332d0b7-2b53"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/4b6c705e7e869bf7d2093e51333a0791.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/4b6c705e7e869bf7d2093e51333a0791.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 928e578a89deec5251eb06429d47f0d8
c5a8584f7d8d93a3a88ddf390ae2403a4f42fedc
08595e4f41fdbeb04e997aedbc34e339ac0b6e8e3cd3068d7f38923f56c7fecc
GET //upload/vod/20220927-1/4b6c705e7e869bf7d2093e51333a0791.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 12536
last-modified: Tue, 27 Sep 2022 10:30:15 GMT
etag: "6332d0b7-30f8"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/ae1b831ad5a157efe7a41638a8a49ecb.jpg
136.0.141.5200 OK 6.6 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/ae1b831ad5a157efe7a41638a8a49ecb.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 2792bcdc5b41ac2b463e32fd49c1e0e6
6ba2c04414b4c27fd0fcf2f1926ebb4908d483d9
80cf400d3cab6faefb15ea7cdd2e0041bd181b1c99d8cebbfc3945ba6176d60d
GET //upload/vod/20220927-1/ae1b831ad5a157efe7a41638a8a49ecb.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 6601
last-modified: Tue, 27 Sep 2022 10:30:15 GMT
etag: "6332d0b7-19c9"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/05fba5d113f24319a765b8660c9566e5.jpg
136.0.141.5200 OK 7.3 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/05fba5d113f24319a765b8660c9566e5.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash ed10b1d4bb7c01fdf2df6370fa1a330b
de2b04309df36df155564477ec3f9413ae310845
07eec30c1891e8c0d2a317907d6a5e482697194b193a7b82340c77e6d4fa6817
GET //upload/vod/20220927-1/05fba5d113f24319a765b8660c9566e5.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 7320
last-modified: Tue, 27 Sep 2022 10:30:14 GMT
etag: "6332d0b6-1c98"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220531-1/51c4873e0809d56be0fce8d3f67c389a.jpg
136.0.141.5200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220531-1/51c4873e0809d56be0fce8d3f67c389a.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 768-769, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 10.011994\012- data
Hash be311ae69aa806e335bf3f486c9c1742
1f03f482ff608cab3163afdeab73c2ed62cf2de0
385ace7701f1372da6741105a4657a1c7987ce3a5a699f472dc86b5dcc0dcd03
GET //upload/vod/20220531-1/51c4873e0809d56be0fce8d3f67c389a.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 12628
last-modified: Mon, 30 May 2022 22:30:19 GMT
etag: "6295457b-3154"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220531-1/d7aae5cd95abf917a164034caf87219d.jpg
136.0.141.5200 OK 14 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220531-1/d7aae5cd95abf917a164034caf87219d.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 15016e4dc41923e35678f6879d6c2eb2
56522e64a0e2257181aa35e32e9023801e3dfeb2
b016d08b5926768cbb1dd91adc16a0f0302bd1d3b1fcbfbe4dd30f66cfe0a9eb
GET //upload/vod/20220531-1/d7aae5cd95abf917a164034caf87219d.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 14145
last-modified: Mon, 30 May 2022 22:30:19 GMT
etag: "6295457b-3741"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220531-1/bbedf0d044382a6f05172a4e45bc5752.jpg
136.0.141.5200 OK 15 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220531-1/bbedf0d044382a6f05172a4e45bc5752.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash e102994da73de1c4f40db37257545fb5
348d2ece7d32a7ed1c2af957c22eebb8863377d0
4638e1b3d37bcc0f7541ffd91879dc9f6bd069cdd76675562b6038a020925af9
GET //upload/vod/20220531-1/bbedf0d044382a6f05172a4e45bc5752.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 15357
last-modified: Mon, 30 May 2022 22:30:20 GMT
etag: "6295457c-3bfd"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 9b1df4bba6e8b5f0dad58628de922d39
69bfcef4baa6568971c21912551b71a5a739655f
c3fcfe9b2981fbabac89d1ee561f8834bced1e274286058ea34d8c9cede8da13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5674
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:17:11 GMT
Last-Modified: Wed, 28 Sep 2022 05:42:37 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 727
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 590a468fe1e4ed329ba77585a786028b
6238694a71c989390f5b3a51cbfc6563a5288272
979b9df6faa658decda262879110b1d3ea496ef93936344bd95eb09ad8444f9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "979B9DF6FAA658DECDA262879110B1D3EA496EF93936344BD95EB09AD8444F9B"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19033
Expires: Wed, 28 Sep 2022 12:34:24 GMT
Date: Wed, 28 Sep 2022 07:17:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 26a15f979dc9e5d9fef322eb62022200
83025c019e61376dcd9f52f07203667643e528c9
e6c1825fffca7a6107bc21c87e0c09fb04e7c7b038e41021fad77f92764b3191
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E6C1825FFFCA7A6107BC21C87E0C09FB04E7C7B038E41021FAD77F92764B3191"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2821
Expires: Wed, 28 Sep 2022 08:04:12 GMT
Date: Wed, 28 Sep 2022 07:17:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 26a15f979dc9e5d9fef322eb62022200
83025c019e61376dcd9f52f07203667643e528c9
e6c1825fffca7a6107bc21c87e0c09fb04e7c7b038e41021fad77f92764b3191
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E6C1825FFFCA7A6107BC21C87E0C09FB04E7C7B038E41021FAD77F92764B3191"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2821
Expires: Wed, 28 Sep 2022 08:04:12 GMT
Date: Wed, 28 Sep 2022 07:17:11 GMT
Connection: keep-alive
p3.douyinpic.com/obj/tos-cn-i-dy/0c4a62a5fccb42edb578a160ec1658b8
47.246.44.224200 OK 310 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/0c4a62a5fccb42edb578a160ec1658b8
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 200 x 200\012- data
Size 310 kB (309924 bytes)
Hash 0d38027e2b07879f6c99d55ce18e2666
b823665f8712838f4634875574e27063b2b3fe88
d96761cb212b29c7af9bbd7321bdad2ad3fcdfe5cb79af4c5b3f448a62509af4
GET /obj/tos-cn-i-dy/0c4a62a5fccb42edb578a160ec1658b8 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 309924
date: Sun, 18 Sep 2022 15:22:25 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sun, 18 Sep 2022 14:08:42 GMT
nw-session-id: 2022091822084201015013704712F2A23Bqnzqb02dy
nw-session-trace: 2022-09-18T22:08:42.689861673+08:00 45
x-bdcdn-cache-status: TCP_HIT
x-length: 309924
x-powered-by: ImageX
x-response-date: Sun, 18 Sep 2022 22:08:42 GMT
x-tt-logid: 2022091822084201015013704712F2A23B
via: n132-078-071, cache14.l2de2[0,0,206-0,H], cache1.l2de2[1,0], cache1.l2de2[2,0], cache8.se1[0,0,200-0,H], cache5.se1[1,0]
x-request-ip: fdbd:dc03:15:294::79
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01d47a916996dded67b1604c8b3895ee30caed3127501eb32745803330850f84a718ec827bf1cbcb1d9c2f7adb20797708ea8a961a1c667d089eb63cf84b5680aae2edb4d4380c823bae1727586a8e717ce525732f6cdee97b37644b7df018e35d
x-response-lb: image
ali-swift-global-savetime: 1663514545
age: 834886
x-cache: HIT TCP_MEM_HIT dirn:11:61989292
x-swift-savetime: Sun, 18 Sep 2022 15:33:13 GMT
x-swift-cachetime: 31535352
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9916643494315437563e
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220516-1/25b53882b68945b6ea9430cd4295982c.jpg
136.0.141.5200 OK 33 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220516-1/25b53882b68945b6ea9430cd4295982c.jpg
IP 136.0.141.5:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 260x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1a1fc7657b8d6926a53055671bee349d
68ab1bc12c02da3a8def2daa09a789991b8c54e7
a9189a3a524e8d0369e25ee5fe11e37f9730f4bf1860f33d082959ebece8a9aa
GET //upload/vod/20220516-1/25b53882b68945b6ea9430cd4295982c.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 32778
last-modified: Mon, 16 May 2022 04:30:15 GMT
etag: "6281d357-800a"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 947fad3a501cc2fa0a5d2a6d1ace1490
9c84443e809fb58ef9f69ed1c982913d71dca5e4
b54748ac40a6d650c2b83bd6c70062873683cbe9b90b2ce4e26663c182b78cbf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 07:17:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 00:22:27 GMT
Expires: Tue, 04 Oct 2022 00:22:26 GMT
Etag: "9c84443e809fb58ef9f69ed1c982913d71dca5e4"
Cache-Control: max-age=492914,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751ab2ab4f2cb4f7-OSL
www.gg123456789gg.com//upload/vod/20220516-1/775ea27fcc79d57b47c0daa2231eeddf.jpg
136.0.141.5200 OK 34 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220516-1/775ea27fcc79d57b47c0daa2231eeddf.jpg
IP 136.0.141.5:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 260x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 02fe4fa1cab54aa6afa13de6a5ec35a1
f6ad518dfccb3aeff5d5f809d288fdb7ab177519
e7388077486f760cc4b1ac6a8d84e7ba716cc74ffccd8b58bdce081a11994348
GET //upload/vod/20220516-1/775ea27fcc79d57b47c0daa2231eeddf.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 33634
last-modified: Mon, 16 May 2022 04:30:15 GMT
etag: "6281d357-8362"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220516-1/2c88d74092f9c5084b88232d74335828.jpg
136.0.141.5200 OK 24 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220516-1/2c88d74092f9c5084b88232d74335828.jpg
IP 136.0.141.5:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 260x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8e76298247b86c93518d6084cb4cccfe
c5da11c703b36e9415121d1e9f6ae7179c004ec3
95add14ccb4e022cf7194a6b5da42ab3e38bf171796f45a6d68733c6465dece9
GET //upload/vod/20220516-1/2c88d74092f9c5084b88232d74335828.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 23462
last-modified: Mon, 16 May 2022 04:30:15 GMT
etag: "6281d357-5ba6"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220515-1/3e6a21934a0acf4dc40c6faaa80e31e4.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220515-1/3e6a21934a0acf4dc40c6faaa80e31e4.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 210x299, components 3\012- data
Hash bec220b3b49b05c6b75d762efb631eb7
fd0f46d366a98e8b5c8a51f2062b648a688b1252
d653222e02b0dfb70d11368109bcb69e8d2a1ec0c0d7831d947375b772df96c7
GET //upload/vod/20220515-1/3e6a21934a0acf4dc40c6faaa80e31e4.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 12353
last-modified: Sun, 15 May 2022 04:30:18 GMT
etag: "628081da-3041"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220515-1/b4849c7ed812f3e4b1e6d9ca08467f8c.jpg
136.0.141.5200 OK 18 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220515-1/b4849c7ed812f3e4b1e6d9ca08467f8c.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 210x299, components 3\012- data
Hash d6c8ad2c7eac5b55275ad3906346b9b1
b4e791297c2aa69be4ee4166fc70f15b76c1103b
35742e874e60b23deec883cd5179e7c350f334fde1f07e5f9f2c1a1a7f2f18f6
GET //upload/vod/20220515-1/b4849c7ed812f3e4b1e6d9ca08467f8c.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 18119
last-modified: Sun, 15 May 2022 04:30:18 GMT
etag: "628081da-46c7"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220514-1/55f2e1214732097f562ed85779e1649b.jpg
136.0.141.5200 OK 49 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220514-1/55f2e1214732097f562ed85779e1649b.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 500x707, components 3\012- data
Hash 07878a86c5af8d980b4d964a5bda9c0e
ae905e92aad91d9fed69bd079d073b776d5b4067
0810bd77e5c0bcf107ff7db6b55a3b9f9aabbf5282bbf61343ba4ee6e040bb65
GET //upload/vod/20220514-1/55f2e1214732097f562ed85779e1649b.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 48757
last-modified: Sat, 14 May 2022 04:30:23 GMT
etag: "627f305f-be75"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/792d06cd8ff1246ebdf4c0d9dc470719.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/792d06cd8ff1246ebdf4c0d9dc470719.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 59eb4cb43b79c3445a2d8776472b5b59
8a77c3bcde644fcb1a26923f26ba36451db76fd1
a70eb91508a631d7251e6130ae7273c0df59141a7f5cd0c113fd1c5aa1e4b90a
GET //upload/vod/20220927-1/792d06cd8ff1246ebdf4c0d9dc470719.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 10791
last-modified: Tue, 27 Sep 2022 10:30:06 GMT
etag: "6332d0ae-2a27"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/6d561ed611769a113066f3f0fb0ab3fd.jpg
136.0.141.5200 OK 8.2 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/6d561ed611769a113066f3f0fb0ab3fd.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash aa29336d7d7c45455f90661be21f5c05
05794fd6501102e9cb9e369ce620f857a26f3f51
ebd6e3b2fad204c357060f2569a187a5d1adea49a317267bc6d0ff38ec7f93a2
GET //upload/vod/20220927-1/6d561ed611769a113066f3f0fb0ab3fd.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 8212
last-modified: Tue, 27 Sep 2022 10:30:05 GMT
etag: "6332d0ad-2014"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/41bbee706a89f8dba1557b40ef3db83c.jpg
136.0.141.5200 OK 6.7 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/41bbee706a89f8dba1557b40ef3db83c.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 3e2c3717fd3f496cc504fb5cd3c0a304
4f006bbeb321699f763cc1252c29193c6f4d36d7
67c7958f258e804bf5b8e2186f57ea73926254a858b8bb6a4552f4055443ccc2
GET //upload/vod/20220927-1/41bbee706a89f8dba1557b40ef3db83c.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 6731
last-modified: Tue, 27 Sep 2022 10:30:05 GMT
etag: "6332d0ad-1a4b"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/b9bbc64aedbd63c2d454bcb88f885f59.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/b9bbc64aedbd63c2d454bcb88f885f59.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash c61eb76bee3e7c529839d0bf8e5096a4
8fbb6edc9ce6324e7ada9a76e01131c4e5fa9cc6
321b56faf8eed2afd438cc103740c041c8af1fccc2adab87676598e8c432d279
GET //upload/vod/20220927-1/b9bbc64aedbd63c2d454bcb88f885f59.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 12345
last-modified: Tue, 27 Sep 2022 10:30:06 GMT
etag: "6332d0ae-3039"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220927-1/f106864ead1fafd0cc554dcc6e8177ab.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220927-1/f106864ead1fafd0cc554dcc6e8177ab.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 63f3747c072f5fd3c51b2900db84ef52
49a8241dbe2258a635bcdf64c8ed15b56bba60cd
cf5b52a6fe2c6fb49d707dbda6382233c7bfbc82ae2531627e488c038d0dd39c
GET //upload/vod/20220927-1/f106864ead1fafd0cc554dcc6e8177ab.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 10806
last-modified: Tue, 27 Sep 2022 10:30:06 GMT
etag: "6332d0ae-2a36"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220515-1/10d13a7170bdc910487afba5201cbbb3.jpg
136.0.141.5200 OK 76 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220515-1/10d13a7170bdc910487afba5201cbbb3.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 625x900, components 3\012- data
Hash 8df7397c01f50d1a0216d5aa5df5b616
8d6f18e7901340760b112b8ee25487d732b64e3c
c10afccbf2eb99bc0f8f0b121ceaa6393f99ee707ec81d7b00d7ff7cb499c0c1
GET //upload/vod/20220515-1/10d13a7170bdc910487afba5201cbbb3.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: image/jpeg
content-length: 76403
last-modified: Sun, 15 May 2022 04:30:19 GMT
etag: "628081db-12a73"
expires: Fri, 28 Oct 2022 07:17:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9ef8df675b21d460c689358842b8092d
fe75c84047429e0d96d5a18ef4cddfe9a06fb4aa
723982f5393cece71556a99e3c39ea87d0b436a8b2ff10f8e8f945285a1822f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "723982F5393CECE71556A99E3C39EA87D0B436A8B2FF10F8E8F945285A1822F9"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21516
Expires: Wed, 28 Sep 2022 13:15:47 GMT
Date: Wed, 28 Sep 2022 07:17:11 GMT
Connection: keep-alive
sb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
104.21.86.153200 OK 478 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
IP 104.21.86.153:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash a8237d01a191e9d064ef7fb13e272626
6f730d7689a272a655867e55be6d50e577aa87b1
59f9d76943a7794f731f564f6cef0087d0b1a4e27551795d848c9fd438071346
GET /yPS7hqfHgkFauS2djb/254.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 10:17:05 GMT
etag: W/"632841a1-3de"
expires: Wed, 28 Sep 2022 19:17:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnStoPnAjWCXsbbIrAacI68U%2BxZ6DASokaoJg3fedjEN4ijJn5yrK8fqb3Y4ns09t15QzyMuBPxP1C6XiZNRmCLwEETAt6NY0b9xEGho4FIh0hlzptMpgHe8S3%2Fq6ZMqw3o8XeDD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751ab2a2bf680b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kveii.com/f67b410855efed07dc1783436baaa5f7.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kveii.com/f67b410855efed07dc1783436baaa5f7.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /f67b410855efed07dc1783436baaa5f7.gif HTTP/1.1
Host: kveii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 28 Sep 2022 07:17:11 GMT
content-type: text/html
content-length: 162
location: https://kvhfff.top/f67b410855efed07dc1783436baaa5f7.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 0f7cfd80cfe152cef9de34e437a9326b
d045f2f30250c173c37bc9e9596387ab26a93344
d041d5b153693861b6f769b5370bb6b702d7e8974258d6275dcd64e5c6b9a4eb
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 07:17:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 02 Oct 2022 04:13:24 GMT
ETag: "d045f2f30250c173c37bc9e9596387ab26a93344"
Last-Modified: Wed, 28 Sep 2022 04:13:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751ab2ac5f49b505-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 4d66b5d84245d4f7b3781b31bb168211
c52a16c1628d8e47fb3c5be76f2e1665bbe91471
9071cd8651405a476a266c93a513ca6c32cb1f39fef5ee16fa15467cf86b3c07
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 07:17:11 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 02:54:11 GMT
Expires: Wed, 05 Oct 2022 02:54:10 GMT
Etag: "c52a16c1628d8e47fb3c5be76f2e1665bbe91471"
Cache-Control: max-age=588418,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751ab2ace923b4f7-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 77aac03fa95da5903eb67c74eb0547be
449d91f3deb632f868d6d1f8d5f5afed3f4ad861
edeede28fc484aef014c14fce8884cb361fbde126cf5fe485914c84975b20bfd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:17:12 GMT
Server: ECS (amb/6B8A)
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 77aac03fa95da5903eb67c74eb0547be
449d91f3deb632f868d6d1f8d5f5afed3f4ad861
edeede28fc484aef014c14fce8884cb361fbde126cf5fe485914c84975b20bfd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:17:12 GMT
Server: ECS (amb/6B90)
Content-Length: 279
ocsp.trust-provider.cn/
47.246.44.205200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 0040b740e8dac6b224c1914cca149cdd
f5c4cd97daf6c0002b19b4edc5715eb37c4c1410
584eafd6699f00ba6cda4497a8be0f93250562d0a9fbf5d47586676c4b1c8e3f
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Wed, 28 Sep 2022 06:56:11 GMT
last-modified: Mon, 26 Sep 2022 04:25:21 GMT
expires: Mon, 03 Oct 2022 04:25:20 GMT
etag: "f5c4cd97daf6c0002b19b4edc5715eb37c4c1410"
cache-control: max-age=602028,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
cf-ray: 751a93e6bf32bb8f-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1664348171
via: cache2.l2de2[0,0,304-0,H], cache14.l2de2[0,0], cache4.se1[22,22,200-0,H], cache1.se1[24,0], cache7.se1[26,0]
age: 1261
x-cache: HIT TCP_REFRESH_HIT dirn:4:35908014
x-swift-savetime: Wed, 28 Sep 2022 07:17:12 GMT
x-swift-cachetime: 539
timing-allow-origin: *, *
eagleid: 2ff62c9b16643494320776691e, 2ff62c9b16643494320776691e
n0404.com/8e1e9034b4a54c10bcdc828a830c011c.png
20.239.189.131200 OK 40 kB URL HTTP/1.1 n0404.com/8e1e9034b4a54c10bcdc828a830c011c.png
IP 20.239.189.131:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 35a667b9206e2693a5020fa8d30ddf77
ba818913ff0e821fefd8b24a18f8b398188cde6c
91dad25f00d7b090cf7c728b8b3db359a92652068391126fa212badd4e7e60d8
GET /8e1e9034b4a54c10bcdc828a830c011c.png HTTP/1.1
Host: n0404.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 07:17:11 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 29 Jun 2022 10:29:05 GMT
ETag: W/"62bc2971-9c77"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
kvhfff.top/f67b410855efed07dc1783436baaa5f7.gif
172.67.136.55200 OK 29 kB URL HTTP/2 kvhfff.top/f67b410855efed07dc1783436baaa5f7.gif
IP 172.67.136.55:0
File type GIF image data, version 89a, 200 x 200\012- data
Hash a763cce2c7bc3f7bfaa94981d8d9ff47
085da887b67947c8b1e486137be2300dfabf4a69
9e3924fe2017f9c46663dba4707736be8be378ed41e761587eb7513ae69ab1dc
GET /f67b410855efed07dc1783436baaa5f7.gif HTTP/1.1
Host: kvhfff.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:12 GMT
content-type: image/gif
content-length: 29082
last-modified: Mon, 11 Apr 2022 15:08:57 GMT
etag: "62544489-719a"
expires: Wed, 26 Oct 2022 18:15:40 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 133292
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hi9g0tfutX0dYegL%2F8LoEWFaGWc8nALlUvmhOzJpiJXc%2BBvOvLP87U1tsGhWHT3XI7hKppDDBockuKbl4IwbNsPM6aspBdTgDMLOHf4S19%2BTBhrI5lCNTu7Mo0Bc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751ab2aeddbeb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/7b92ceacc7d74f659f9e2093bc45481e
47.246.44.224200 OK 820 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/7b92ceacc7d74f659f9e2093bc45481e
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 750 x 240\012- data
Size 820 kB (819511 bytes)
Hash bb1e9e576dd20c81778f900a86c762ba
d24dbe39efd9549bc2d92a347817e5be52793820
fd342e533b7d6c823e1421c0f24d986180fe56d107afef0aaa880b260c55ba38
GET /obj/tos-cn-i-dy/7b92ceacc7d74f659f9e2093bc45481e HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 819511
date: Mon, 26 Sep 2022 15:50:31 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 26 Sep 2022 15:01:20 GMT
nw-session-id: 202209262301200101751360743247E71Aj9j5702dy
nw-session-trace: 2022-09-26T23:01:20.195238767+08:00 49
x-bdcdn-cache-status: TCP_HIT
x-length: 819511
x-powered-by: ImageX
x-response-date: Mon, 26 Sep 2022 23:01:20 GMT
x-tt-logid: 202209262301200101751360743247E71A
via: n150-055-204, cache14.l2de2[0,0,206-0,H], cache16.l2de2[1,0], cache16.l2de2[1,0], cache3.se1[0,0,200-0,H], cache5.se1[1,0]
x-request-ip: fdbd:dc02:22:599::144
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 010c1ba2d192d646d2b74ebf8f9ac202b1bab68753fc53a1ad525f9954487edbd196cadba40e496648f76b0cdcf910e31ce32a220aa2a10adb01b9b4d415c27e5434e2528867fa8f9f17d96ca60605fa9b575dc0c8a93b4efd758ee38458facb63
x-response-lb: image
ali-swift-global-savetime: 1664207431
age: 142001
x-cache: HIT TCP_MEM_HIT dirn:11:40917077 mlen:0
x-swift-savetime: Tue, 27 Sep 2022 06:43:46 GMT
x-swift-cachetime: 31482405
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9916643494320997946e
X-Firefox-Spdy: h2
kvhfff.top/2f63247ac47b1dfb4d31a1a5cede5717.gif
172.67.136.55200 OK 243 kB URL HTTP/2 kvhfff.top/2f63247ac47b1dfb4d31a1a5cede5717.gif
IP 172.67.136.55:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 243 kB (242675 bytes)
Hash 5868ac57eb0ccfce58afd011ef7c72ed
d46a8cd8288da6f2a6557f5bddbfa8faad6d1f66
406b2f32818b522b4e5c2f7f5de504b89ca9a4e8b3cdfe823f2c16cd6542c807
GET /2f63247ac47b1dfb4d31a1a5cede5717.gif HTTP/1.1
Host: kvhfff.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klx1.zhgmjglh81k.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:12 GMT
content-type: image/gif
content-length: 242675
last-modified: Wed, 23 Mar 2022 06:37:17 GMT
etag: "623ac01d-3b3f3"
expires: Wed, 05 Oct 2022 14:58:20 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1959532
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6e%2Flut8tVTuRlny8jb7Bop%2BaYIpiqOTV7Qx%2F%2BTzjfOqVhvBXW7BDIEHyQmvKKjmATuq8urWAZRLOz6H%2FaTPJis%2FvXc0cn0DxVlyeb5I7YqYq3aI9YeSw8w%2FzeJk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751ab2aefde0b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 61893d6491dec929583b19b7735ed798
66ac30d8e53541219bce2786b97603e61d03cce9
ef7b149a563956c7126c3ad8aae93116395e4a12c0bfaafc65ccca6515d9e742
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 07:17:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 02 Oct 2022 03:55:30 GMT
ETag: "66ac30d8e53541219bce2786b97603e61d03cce9"
Last-Modified: Wed, 28 Sep 2022 03:55:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2664
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751ab2aee94db500-OSL
ocsp.trust-provider.cn/
47.246.44.205200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 0040b740e8dac6b224c1914cca149cdd
f5c4cd97daf6c0002b19b4edc5715eb37c4c1410
584eafd6699f00ba6cda4497a8be0f93250562d0a9fbf5d47586676c4b1c8e3f
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Wed, 28 Sep 2022 07:17:12 GMT
last-modified: Mon, 26 Sep 2022 04:25:21 GMT
expires: Mon, 03 Oct 2022 04:25:20 GMT
etag: "f5c4cd97daf6c0002b19b4edc5715eb37c4c1410"
cache-control: max-age=599880,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
accept-ranges: bytes
cf-ray: 751ab2aebb6c9c07-FRA
via: cache25.l2de2[34,0], cache7.se1[55,0], cache7.se1[58,0]
timing-allow-origin: *, *
eagleid: 2ff62c9b16643494320776692e, 2ff62c9b16643494320776692e
sb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
104.21.86.153200 OK 879 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
IP 104.21.86.153:0
File type HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash a5cbe4417e9c2108596438ecfea8dc2f
2aa5c0b99fe694483a37b51b139da489ec33e65a
e6697da41ae820e06d21fbcd88ebd938c5332a7e418eab878492e832c0069c62
GET /yPS7hqfHgkFauS2djb/xx2.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: application/javascript
last-modified: Sat, 24 Sep 2022 09:05:03 GMT
vary: Accept-Encoding
etag: W/"632ec83f-5c3"
expires: Wed, 28 Sep 2022 19:17:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FOW1za%2FH2t99eZ42kc3IrNAJvNQBOMjPrYkYPw4QpNVlBT9vKVJba8MFCOTNsr6b8IIuuH6Sojk6t4fzbllfJxjr0kwj2FzrVicUj6OFDsyr0ISfiS7WbEGNzlZpJKXXRzkyCFL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751ab2a2ef9c0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.trust-provider.cn/
47.246.44.205200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 0040b740e8dac6b224c1914cca149cdd
f5c4cd97daf6c0002b19b4edc5715eb37c4c1410
584eafd6699f00ba6cda4497a8be0f93250562d0a9fbf5d47586676c4b1c8e3f
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Wed, 28 Sep 2022 06:56:11 GMT
last-modified: Mon, 26 Sep 2022 04:25:21 GMT
expires: Mon, 03 Oct 2022 04:25:20 GMT
etag: "f5c4cd97daf6c0002b19b4edc5715eb37c4c1410"
cache-control: max-age=602028,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
cf-ray: 751a93e6bf32bb8f-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1664348171
via: cache2.l2de2[0,0,304-0,H], cache25.l2de2[0,0], cache1.se1[83,98,200-0,H], cache1.se1[100,0], cache3.se1[101,0]
age: 1261
x-cache: HIT TCP_REFRESH_HIT dirn:11:412706244
x-swift-savetime: Wed, 28 Sep 2022 07:17:12 GMT
x-swift-cachetime: 539
timing-allow-origin: *, *
eagleid: 2ff62c9716643494320778947e, 2ff62c9716643494320778947e
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 13ec537dd35dcd50bf5c4cbd6cef0000
31647c73aac3dd77d0cadf6d849c279e5159e479
5d4a51046359a79b230c1d8bcacc94a71db903b309e9dfceb3a3303936caddfa
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 07:17:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 02 Oct 2022 04:34:11 GMT
ETag: "31647c73aac3dd77d0cadf6d849c279e5159e479"
Last-Modified: Wed, 28 Sep 2022 04:34:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2591
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751ab2af59e7b500-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 13ec537dd35dcd50bf5c4cbd6cef0000
31647c73aac3dd77d0cadf6d849c279e5159e479
5d4a51046359a79b230c1d8bcacc94a71db903b309e9dfceb3a3303936caddfa
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 07:17:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 02 Oct 2022 04:34:11 GMT
ETag: "31647c73aac3dd77d0cadf6d849c279e5159e479"
Last-Modified: Wed, 28 Sep 2022 04:34:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2591
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751ab2af5fe01c0e-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 77aac03fa95da5903eb67c74eb0547be
449d91f3deb632f868d6d1f8d5f5afed3f4ad861
edeede28fc484aef014c14fce8884cb361fbde126cf5fe485914c84975b20bfd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:17:12 GMT
Last-Modified: Wed, 28 Sep 2022 07:17:12 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5deda30749e756f90a7b03e8628c4ee9
1aeb59ccdf68f59405d7b362103f19b5ba712e7a
bffc4c72c6d02a1a36857ef3e01ead119b13fe39e476cbe91356ce24055a6bda
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 07:17:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 17:50:04 GMT
Expires: Tue, 04 Oct 2022 17:50:03 GMT
Etag: "1aeb59ccdf68f59405d7b362103f19b5ba712e7a"
Cache-Control: max-age=555770,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751ab2af4c870b45-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 217d240d746b2719fe6d0eb19eff06a0
4a1174105b396c57dc46419bfbd0bbb82e89d190
a899816de92d3c8d90a4c0b7d6c9197a3a0ab3e4fc2ec2d622f390da0646f359
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 07:17:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 08:00:03 GMT
Expires: Sun, 02 Oct 2022 08:00:02 GMT
Etag: "4a1174105b396c57dc46419bfbd0bbb82e89d190"
Cache-Control: max-age=347569,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751ab2af3d94b518-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5deda30749e756f90a7b03e8628c4ee9
1aeb59ccdf68f59405d7b362103f19b5ba712e7a
bffc4c72c6d02a1a36857ef3e01ead119b13fe39e476cbe91356ce24055a6bda
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 07:17:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 17:50:04 GMT
Expires: Tue, 04 Oct 2022 17:50:03 GMT
Etag: "1aeb59ccdf68f59405d7b362103f19b5ba712e7a"
Cache-Control: max-age=555770,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751ab2af4c850b45-OSL
cdn.yellowjm.com/pjs/wcg341.js
114.112.221.210200 OK 1.5 kB URL HTTP/2 cdn.yellowjm.com/pjs/wcg341.js
IP 114.112.221.210:0
ASN #4837 CHINA UNICOM China169 Backbone
File type Unicode text, UTF-8 text, with very long lines (3006), with no line terminators
Hash 439aaf355f61008389ee056dab5f8bd0
f4ef304def0a1c90899f9853435a37b4e23d100b
1822ba372679af6f2cb4f2febdf3c8be2781c521766980172ad76b27abaead7e
GET /pjs/wcg341.js HTTP/1.1
Host: cdn.yellowjm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "63108cb3-bd6"
server: nginx
date: Mon, 26 Sep 2022 10:53:43 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
expires: Wed, 26 Oct 2022 10:53:43 GMT
accept-ranges: bytes
last-modified: Thu, 01 Sep 2022 10:42:59 GMT
content-encoding: gzip
age: 9439
content-length: 1493
x-nws-log-uuid: 17243619098842116355
x-cache-lookup: Cache Hit, Hit From Inner Cluster
cache-control: max-age=259200
X-Firefox-Spdy: h2
vkhhjp.com/878c428039b74e988c41ada20a9c2f05.gif
103.170.15.54200 OK 89 kB URL HTTP/2 vkhhjp.com/878c428039b74e988c41ada20a9c2f05.gif
IP 103.170.15.54:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 240\012- data
Hash 20e63872db2f35ea3c9ec80c6e49f5a5
fe7a31cf62cd2258032a79765aa892964a2c680d
51ddb10eda79f71da14cc3d379f7ecf743a102b01e32611cbb181d09b7d64998
GET /878c428039b74e988c41ada20a9c2f05.gif HTTP/1.1
Host: vkhhjp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "631b2991-15a52"
server: nginx
date: Mon, 26 Sep 2022 09:32:29 GMT
content-type: image/gif
last-modified: Fri, 09 Sep 2022 11:54:57 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-44
content-length: 88658
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
104.21.86.153200 OK 14 kB URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
IP 104.21.86.153:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 6e41fb2adc791183b815ebaeac6cb92f
8a1cd333776becd460f3e9f0de05af4e6e9ffa8d
d9e2dd86785d119dc1ad255dab4d716b65d996e24acbb3304114a8ec0b4bacdf
GET /yPS7hqfHgkFauS2djb/251.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 12:06:51 GMT
etag: W/"631b2c5b-3d5"
expires: Wed, 28 Sep 2022 19:17:10 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Okr0YzByoELPLlKD3OuZH7RYUv5f2GBbQlk7DHHrrflFHOfFnhxJoVI7NDtpbkk%2FPV6cAXKZd8xh%2Btje0jYPkBBd2gz%2FZ7m2YV1o5lac2vbNbeLWv2Hz3mwNYjLXYlU6F%2FlI%2BRQV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751ab2a2bf620b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
613711567.com/0fb00f1b3f1548f0bc066f8a01a5a8f1.gif
47.75.19.14200 OK 68 kB URL HTTP/1.1 613711567.com/0fb00f1b3f1548f0bc066f8a01a5a8f1.gif
IP 47.75.19.14:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 750 x 240\012- data
Hash 7fb729164de96495010d31173b4dfde9
48e6c18b318b6dbe66739b2a97b1ca536a260a5b
eb89dbf10519257d735db5ba0731ed566cd5b8fac2a72ffd7bd299a9e8c4c10b
GET /0fb00f1b3f1548f0bc066f8a01a5a8f1.gif HTTP/1.1
Host: 613711567.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 28 Sep 2022 07:17:11 GMT
Content-Type: image/gif
Content-Length: 67749
Connection: keep-alive
x-oss-request-id: 6333F4F7E46B1633305AF294
Accept-Ranges: bytes
ETag: "7FB729164DE96495010D31173B4DFDE9"
Last-Modified: Fri, 23 Sep 2022 06:35:32 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3572186298259414675
x-oss-storage-class: Standard
Content-MD5: f7cpFk3pZJUBDTEXO0396Q==
x-oss-server-time: 1
ia.51.la/go1?id=21278761&rt=1664349428461&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1664349428461&tt=shebiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx1.zhgmjglh81k.com%252F&pu=http%253A%252F%252Fwww.beklemeto.com%252F
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=21278761&rt=1664349428461&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1664349428461&tt=shebiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx1.zhgmjglh81k.com%252F&pu=http%253A%252F%252Fwww.beklemeto.com%252F
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21278761&rt=1664349428461&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1664349428461&tt=shebiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx1.zhgmjglh81k.com%252F&pu=http%253A%252F%252Fwww.beklemeto.com%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: CloudWAF
Date: Wed, 28 Sep 2022 07:17:12 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=648a48da7c6626fdc28; path=/
HWWAFSESTIME=1664349428633; path=/
ia.51.la/go1?id=21278761&rt=1664349428578&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1664349428578&tt=shebiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx1.zhgmjglh81k.com%252F&pu=http%253A%252F%252Fwww.beklemeto.com%252F
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=21278761&rt=1664349428578&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1664349428578&tt=shebiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx1.zhgmjglh81k.com%252F&pu=http%253A%252F%252Fwww.beklemeto.com%252F
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21278761&rt=1664349428578&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1664349428578&tt=shebiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx1.zhgmjglh81k.com%252F&pu=http%253A%252F%252Fwww.beklemeto.com%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: CloudWAF
Date: Wed, 28 Sep 2022 07:17:12 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=ee24b2929679ee13c55; path=/
HWWAFSESTIME=1664349431592; path=/
bob5379.com/ad57239e363d4a2f96c2e91f27d2aefb.gif
103.170.15.80200 OK 121 kB URL HTTP/1.1 bob5379.com/ad57239e363d4a2f96c2e91f27d2aefb.gif
IP 103.170.15.80:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 100 x 100\012- data
Size 121 kB (120937 bytes)
Hash 49275d96974a0e7a765eba878974e990
a072e28e13413dad5a5c2db03d27e4cbe8b0b220
f21b17add2b5dc734217cfa6c6c2a2d277e17ca9f939cc0af2cadef672cbc68f
GET /ad57239e363d4a2f96c2e91f27d2aefb.gif HTTP/1.1
Host: bob5379.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62bc27d3-1d869"
Date: Thu, 22 Sep 2022 21:32:30 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 29 Jun 2022 10:22:11 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-10
Content-Length: 120937
taiwtp1.com/img/200200.gif
220.128.218.220200 OK 75 kB URL HTTP/2 taiwtp1.com/img/200200.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:15:25 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Fri, 28 Oct 2022 07:15:25 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/zylm.js
104.21.86.153200 OK 224 kB URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/zylm.js
IP 104.21.86.153:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size 224 kB (224195 bytes)
Hash aaa6789bdc0a90fa1283665730d80780
14f3b2fa1c290e4fb57870f865fd6daaeef90568
8ab98cbf35f7e97b08b3d6914dc2e5466b5ef1cac5648c6ecbbbc09e16c6a476
GET /yPS7hqfHgkFauS2djb/zylm.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: application/javascript
last-modified: Thu, 14 Jul 2022 04:14:42 GMT
etag: W/"62cf9832-3b7"
expires: Wed, 28 Sep 2022 19:17:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xm6RWPghQLVrjMeDEmX8v5JmwQuwYTwbRGkdEBpUwjZOUML8ATH6xHVwwh%2BcFs3NTan9HqZhre8LrkNzJn%2B5hMpFtDsb1iKmLCTgytPccUFW9R5Tf5LXRQqlZaY3MqjjLnMXpsn9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751ab2a2bf6b0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
701.oss-cn-hongkong.aliyuncs.com/gg/200x200.gif
47.75.19.149200 OK 298 kB URL HTTP/1.1 701.oss-cn-hongkong.aliyuncs.com/gg/200x200.gif
IP 47.75.19.149:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 200 x 200\012- data
Size 298 kB (298536 bytes)
Hash 9c3ba66a41c99ffee01405a837610cca
6e1ed01e150ddeb219b2917dd1f5230e8a703da5
d41138a2f786edf66c084dc7465925fe47e70690d04c7264eeea9af1f34714e5
GET /gg/200x200.gif HTTP/1.1
Host: 701.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 28 Sep 2022 07:17:12 GMT
Content-Type: image/gif
Content-Length: 298536
Connection: keep-alive
x-oss-request-id: 6333F4F88A23F734321C56ED
Accept-Ranges: bytes
ETag: "9C3BA66A41C99FFEE01405A837610CCA"
Last-Modified: Tue, 21 Jun 2022 08:13:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8250722550151430017
x-oss-storage-class: Standard
Content-MD5: nDumakHJn/7gFAWoN2EMyg==
x-oss-server-time: 2
hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (623)
Hash 2845db344292cb9e429e8ff5be23456b
c56220a91f9b1379fc7ce187a6365a1fe92794ae
9dc9e49532a94bef68a796eac2132f1d052433dd14f169b3c272fac1a7e0a348
GET /hm.js?1138ebd140b7eb3f7d7147d4a8915456 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11336
Content-Type: application/javascript
Date: Wed, 28 Sep 2022 07:17:12 GMT
Etag: f79ecc58c64bf809fb1edb2e3513429d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=49165FFC54C585B8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?9c71adf25dac6256b9218d6c1531120e
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?9c71adf25dac6256b9218d6c1531120e
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (627)
Hash 8b67eeb79e38c8bf9be17b6c09b48507
6067a862abea603e71ce52bf1d7248042428888b
42face0e8abeb6a867a98248c1f413bb0b7a1e24c88177229269b5f9d60cb29d
GET /hm.js?9c71adf25dac6256b9218d6c1531120e HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Content-Type: application/javascript
Date: Wed, 28 Sep 2022 07:17:12 GMT
Etag: 035c5d8fb8fcfc3cafb1dd004a62ccfa
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F9CCF69A5AD18344; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1833013408&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.beklemeto.com%2F&v=1.2.97&lv=1&sn=22571&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fklx1.zhgmjglh81k.com%2F&tt=shebiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1833013408&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.beklemeto.com%2F&v=1.2.97&lv=1&sn=22571&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fklx1.zhgmjglh81k.com%2F&tt=shebiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1833013408&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.beklemeto.com%2F&v=1.2.97&lv=1&sn=22571&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fklx1.zhgmjglh81k.com%2F&tt=shebiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 28 Sep 2022 07:17:13 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=59BAC79C2C5C0071; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1351448702&si=9c71adf25dac6256b9218d6c1531120e&su=http%3A%2F%2Fwww.beklemeto.com%2F&v=1.2.97&lv=1&sn=22571&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fklx1.zhgmjglh81k.com%2F&tt=shebiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1351448702&si=9c71adf25dac6256b9218d6c1531120e&su=http%3A%2F%2Fwww.beklemeto.com%2F&v=1.2.97&lv=1&sn=22571&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fklx1.zhgmjglh81k.com%2F&tt=shebiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1351448702&si=9c71adf25dac6256b9218d6c1531120e&su=http%3A%2F%2Fwww.beklemeto.com%2F&v=1.2.97&lv=1&sn=22571&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fklx1.zhgmjglh81k.com%2F&tt=shebiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 28 Sep 2022 07:17:13 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=1D176CC2EA3F68A0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (623)
Hash a37d6d3c16487f27b42e06df052f697a
5791861080d9965a97a0f71627fbd2d0998f2044
025f1857ba25f73026fa75a530bcc06c4413548c5b5db68df9d66d07d8f7e1f5
GET /hm.js?1138ebd140b7eb3f7d7147d4a8915456 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: f79ecc58c64bf809fb1edb2e3513429d
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11336
Content-Type: application/javascript
Date: Wed, 28 Sep 2022 07:17:13 GMT
Etag: 8f48a0885d5744cc56c637b7b67cf46b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=6BFA4D401F44615F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0<=1664349431&rnd=99795552&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.beklemeto.com%2F&v=1.2.97&lv=2&sn=22572&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fklx1.zhgmjglh81k.com%2F&tt=shebiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0<=1664349431&rnd=99795552&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.beklemeto.com%2F&v=1.2.97&lv=2&sn=22572&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fklx1.zhgmjglh81k.com%2F&tt=shebiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0<=1664349431&rnd=99795552&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.beklemeto.com%2F&v=1.2.97&lv=2&sn=22572&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fklx1.zhgmjglh81k.com%2F&tt=shebiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 28 Sep 2022 07:17:14 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=1D4D986887BFA40E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7723c423-9c9b-4e58-93cc-7198e8ff6f62.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7723c423-9c9b-4e58-93cc-7198e8ff6f62.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 46dc8f1499f4de5f03bd87a68c3c6c7b
0cd28a243f9704140ccb9eb1415a77fcccc7cf87
3d7a5cdc0812857efabd7ab941aea6d6582790b86a9587809d222c0a8546262b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7723c423-9c9b-4e58-93cc-7198e8ff6f62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7359
x-amzn-requestid: 6e3123b2-ea7e-4e3e-8399-19a66d27923f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI34CEYtIAMF01w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336d00-5995316c70da7a0c460ac432;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:37:04 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: t_uz9vKifWkMj014gCS83STU-fnM39a49_LB5By3j9NqLpqfl8tKSA==
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:57:38 GMT
age: 33578
etag: "0cd28a243f9704140ccb9eb1415a77fcccc7cf87"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/dh.js
104.21.86.153200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/dh.js
IP 104.21.86.153:0
GET /yPS7hqfHgkFauS2djb/dh.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 14:08:38 GMT
vary: Accept-Encoding
etag: W/"6319f766-2868"
expires: Wed, 28 Sep 2022 19:17:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSpSA%2Fn4Y90tO0O3JaZSgX2Ha5gVL6irCIT1z3%2BU2gsn2lHFfBgiAVt5jXPlMm4hi4yO3eXPjCq0jsdsGv%2BHLTl9nuaL7AMfnE6mbGPLyyfqi28h6LWtHv29Uusxa9JHyIkkv2GQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751ab2a2bf610b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/wz.js
104.21.86.153200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/wz.js
IP 104.21.86.153:0
GET /yPS7hqfHgkFauS2djb/wz.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: application/javascript
last-modified: Thu, 14 Jul 2022 09:23:22 GMT
etag: W/"62cfe08a-1ac"
expires: Wed, 28 Sep 2022 19:17:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2Kt1CYzvDOeB0sVtLyzA7tZYL7kDPqZn8l0sX4mmj3NfWqUHhhuPhBN5u6xoE3M2vQaZ9tE9qMk%2FXsKgLu9k%2Bk7Drkm%2BU1jivbThYBel1lredNlEqMy6o0Tv8mvCvI%2BZL7%2BWbG0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751ab2a2bf690b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.x968.xyz/images/632d4ea4ae31e1e9be24e3e5.gif
38.47.102.246302 Found 0 B URL HTTP/2 img.x968.xyz/images/632d4ea4ae31e1e9be24e3e5.gif
IP 38.47.102.246:0
GET /images/632d4ea4ae31e1e9be24e3e5.gif HTTP/1.1
Host: img.x968.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/7b92ceacc7d74f659f9e2093bc45481e
cache-control: max-age=3600
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
104.21.86.153200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
IP 104.21.86.153:0
GET /yPS7hqfHgkFauS2djb/253.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 10:17:45 GMT
vary: Accept-Encoding
etag: W/"632841c9-421"
expires: Wed, 28 Sep 2022 19:17:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTCGY0ap%2F9mg2hnoR7XWopLMEXuBSWMmNWxLowUAQkOZLR0yP0AOsMbQ5FOCDmKzOn%2BGio2NE8cOxX93N7Jvh05%2BSW472oG5EZ82rP54CAZd%2B6SYSRjvdh1V6Y2L4ekvZTP53Y6A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751ab2a2bf660b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
104.21.86.153200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
IP 104.21.86.153:0
GET /yPS7hqfHgkFauS2djb/xx1.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: application/javascript
last-modified: Sat, 24 Sep 2022 09:04:53 GMT
vary: Accept-Encoding
etag: W/"632ec835-892"
expires: Wed, 28 Sep 2022 19:17:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBLvY41Fhb7FSI77YTKh18e8T5upLEBBgTGHmvkF9IhI4PHKmIQOQDmmH1ANSZcD1MOJOwef%2B3uBJMgiXSeYeyaGF5%2BaeedWfCLHw7NKBAA%2BGgJ2Snp%2Bn77Zdg84rFkK4VDmYXxH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751ab2a2df8a0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
104.21.86.153200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
IP 104.21.86.153:0
GET /yPS7hqfHgkFauS2djb/xx3.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: application/javascript
last-modified: Sat, 24 Sep 2022 09:05:07 GMT
vary: Accept-Encoding
etag: W/"632ec843-5c3"
expires: Wed, 28 Sep 2022 19:17:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGQ4A6ZuepMdnjBjx7wADjhdDbuPlGPP5TIlzb%2F%2Fz3YAFc35Cgop77%2FGJE1sWbMN8%2Bq8PO8k1nD95EL%2BeQSRCtGkNfsX%2FEHmP8LQx370ucGIlinLfij%2BFFCWIeK6e2RmiEQ19h8t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751ab2a2bf6c0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/dh1.js
104.21.86.153200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/dh1.js
IP 104.21.86.153:0
GET /yPS7hqfHgkFauS2djb/dh1.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: application/javascript
last-modified: Thu, 14 Jul 2022 04:14:33 GMT
vary: Accept-Encoding
etag: W/"62cf9829-972"
expires: Wed, 28 Sep 2022 19:17:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RS%2Byvp3WBvLur1%2FQX3AIOjcoU1FxCk3k66yx0t%2BR%2BNuYmZKQpjH%2FCby%2F2YgcKrYnpPnpvVPUhO8bX9ZdJDq5TWVCStnEtSEyesgSEvrXArqBAzjjq3nzFhXBC3xnCyCb7%2BUbvPxN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751ab2a2ffac0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
klx1.zhgmjglh81k.com/
172.67.200.162200 OK 0 B IP 172.67.200.162:0
GET / HTTP/1.1
Host: klx1.zhgmjglh81k.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.beklemeto.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:09 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIKdepnWyra8PUNDLL%2FmPsNr1O0Nj6sqlfrMaawnGf8LTGsYRUJJqX%2FjBHlDUbPNUllLfpdxJ2e%2BIyqX7CI5IksKBNO64Tb0XNAmyJ2L7VQXKx%2FTeF58ZhUF0%2F3BhmEP44XYyB%2FyWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751ab29e6dffb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
104.21.86.153200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
IP 104.21.86.153:0
GET /yPS7hqfHgkFauS2djb/xtb.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: application/javascript
last-modified: Sat, 24 Sep 2022 09:05:24 GMT
vary: Accept-Encoding
etag: W/"632ec854-f62"
expires: Wed, 28 Sep 2022 19:17:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uw6M62kqKpHvQjxhF9xFykpQMEBWp4kT2ixtbBOKTg6pRA2inGM3XrxEh1Ot7msUKS4NwsZOGBkngFgrHdmC5siIVd1lWKe2RrCimLo9Ap2v8X3R%2FOxCrSZZdxWQClYsbnYW%2BhuV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751ab2a31fd20b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/foot.js
104.21.86.153200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/foot.js
IP 104.21.86.153:0
GET /yPS7hqfHgkFauS2djb/foot.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: application/javascript
last-modified: Thu, 14 Jul 2022 04:14:38 GMT
vary: Accept-Encoding
etag: W/"62cf982e-449"
expires: Wed, 28 Sep 2022 19:17:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fPPBcLJTg%2BJzQLFYH4EIamyVdfV4zHPoMHdg9vVK0odTcdTRxqfOFCJknp2j6n2lgOZgMwYGC2OMhExean4QGnUoN9hauE3HHVrebuEW3w5ofcDVulWIttOyXlCKNBEYRg1bUAL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751ab2a2bf6e0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
104.21.86.153200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
IP 104.21.86.153:0
GET /yPS7hqfHgkFauS2djb/250.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx1.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:17:10 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 14:07:24 GMT
etag: W/"6319f71c-3ed"
expires: Wed, 28 Sep 2022 19:17:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x1vixYbPSUuwMQ38Tz%2Frx%2FnWxvk0s8yH5ZCpLhh6%2FCYCPxTUE9PPvEG99CskNwFaZeUeWbi%2F1B4qWCpMEu%2FU5lfvkjU5V8ywipIKDpzvJbwa%2BYuN3kyKf18%2B%2FW9emoKO%2FW1msz5W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751ab2a2cf7a0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2