r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e717435470c9f4f06b174d7100c6a98f
292150251495b243c384e0c676a258597ba7f4d8
91ce8257662cb8cea9cc3c74cda1d95dba421daa466b0ac231fa433e0c58e6c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91CE8257662CB8CEA9CC3C74CDA1D95DBA421DAA466B0AC231FA433E0C58E6C6"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3080
Expires: Fri, 30 Dec 2022 09:06:21 GMT
Date: Fri, 30 Dec 2022 08:15:01 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 78f1f94544ef06b96bb43283f59d100f
fa2f1a3730a98c6fa5ebf976143fb6093a7298be
889af22ee304adea2e23491acbc89ebdcaf322e8c45af2bebf7520e3e9b0a6a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "889AF22EE304ADEA2E23491ACBC89EBDCAF322E8C45AF2BEBF7520E3E9B0A6A9"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9439
Expires: Fri, 30 Dec 2022 10:52:20 GMT
Date: Fri, 30 Dec 2022 08:15:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 30 Dec 2022 07:46:57 GMT
content-type: application/json
age: 1684
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 428881081ad357fb55af33ebf9d12c16
29b7be72f76da07db4a03fb1bc57ffe16d520a22
9adff7f91b147b0d93166bc4ece0dd31fd19fd8b2c269a6a596a1e902f49a1fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9ADFF7F91B147B0D93166BC4ECE0DD31FD19FD8B2C269A6A596A1E902F49A1FE"
Last-Modified: Wed, 28 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3765
Expires: Fri, 30 Dec 2022 09:17:46 GMT
Date: Fri, 30 Dec 2022 08:15:01 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: XO3Ys7gQp1ViupHn7JKLQnnxX2ShKY7ihllpxbwwGUEtlqEwlmItFfRQHt0dEJJf3nHMqmAiVMs=
x-amz-request-id: RGEH2A3AS16HD7HA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 30 Dec 2022 07:56:56 GMT
age: 1085
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
lfhfd.com/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: lfhfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 30 Dec 2022 08:15:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://www.lfhfd.com/
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 30 Dec 2022 08:15:01 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 30 Dec 2022 08:08:08 GMT
age: 414
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 0a08dc71eb7ba3512abb4d29505eb034
e66404bda80b355bae30b0d4db3daa193a6e4276
357891f99263d30eaded85985217d9627cd60369ee8d01a7eacdb2d0f2d8b2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5494
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 08:15:02 GMT
Last-Modified: Fri, 30 Dec 2022 06:43:28 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1EtWUh3+G9DPAneb/1PEtQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DooNMA/pml+bi3ZTUUySW9Pk8WM=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2783127a63c78cb5ac02e1a31631bfca
a26af5a37bbb43d4258282640749ced026ba9560
cfe19d12b6070f9171129591b54bab634d5582e4d8d83e5c1fbe703d873b8366
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFE19D12B6070F9171129591B54BAB634D5582E4D8D83E5C1FBE703D873B8366"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4495
Expires: Fri, 30 Dec 2022 09:29:57 GMT
Date: Fri, 30 Dec 2022 08:15:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdace6689-97a8-4bcf-90a0-c223ba35cd6d.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdace6689-97a8-4bcf-90a0-c223ba35cd6d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c0d5fb3791917c41549447f9de79803
1b2c18e9474133539ec54b2e77112256aefadda8
f81084ebe03cff7659902d1afdd44c0f95ecffa96b880550b6a0b51191348222
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdace6689-97a8-4bcf-90a0-c223ba35cd6d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8071
x-amzn-requestid: 0085b429-3682-43ad-a47b-be03cbe32c53
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7Zx1FOfoAMF-DQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae09a5-450206562924e25e363b1ccc;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:41:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: S_FfIgQU5dbZ4B8xhnYGgKIWaZ03PUrzbD5qdV7ASZegKf6TWwpAgw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 22:29:29 GMT
age: 35133
etag: "1b2c18e9474133539ec54b2e77112256aefadda8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2783127a63c78cb5ac02e1a31631bfca
a26af5a37bbb43d4258282640749ced026ba9560
cfe19d12b6070f9171129591b54bab634d5582e4d8d83e5c1fbe703d873b8366
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFE19D12B6070F9171129591B54BAB634D5582E4D8D83E5C1FBE703D873B8366"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4495
Expires: Fri, 30 Dec 2022 09:29:57 GMT
Date: Fri, 30 Dec 2022 08:15:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab5cb9e-53fc-4a70-831a-6d6bd503103e.jpeg
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab5cb9e-53fc-4a70-831a-6d6bd503103e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9d1857128ab6a237e6854c7a3532b51
702ab1eb38be637f012e1454201b9a7561c29081
48fbf5b5aa1cf66fcdaafe68c72ac073d2ba9b6dedf76ebfaafdc88836fa0fde
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab5cb9e-53fc-4a70-831a-6d6bd503103e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4833
x-amzn-requestid: 46ef49d7-dadb-4665-84bf-1c331ed8fce6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7ZU2E3IIAMFxAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae08eb-28af0ab9094d7c21560a60db;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YyIKd_GHAixWYqzjn0XD2Jwal3Jt62L90StfgPkCkJWU3RQml-u6oA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 22:01:39 GMT
age: 36803
etag: "702ab1eb38be637f012e1454201b9a7561c29081"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b72d4d2-0340-4f3f-9cb2-a0ff1e1ece28.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b72d4d2-0340-4f3f-9cb2-a0ff1e1ece28.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0f02288213f270c5a4a8944107c81e9
d17f3594e4aa86aa1b28849bbc3c7f1d45d938ea
770e6cc997aafc1c0485af4fa413fa255868a5d333e8e60e7de90b4c74bf29bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b72d4d2-0340-4f3f-9cb2-a0ff1e1ece28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8494
x-amzn-requestid: 8dc4c6ae-ecb5-427d-be0a-535585f19b03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7ZUXHR1IAMFn4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae08e8-326ee70106b8fa9d2c4d540b;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:38:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fR6Tky8KiadgDTqrGN7QKIldTbOm8rIxJXZOtT6FyjBC6gafdCd33A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 22:01:38 GMT
age: 36804
etag: "d17f3594e4aa86aa1b28849bbc3c7f1d45d938ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b05264c-5ed0-4ad4-996c-58fc36048283.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b05264c-5ed0-4ad4-996c-58fc36048283.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 244b2a2a5b176fb3117248a872e2a37a
f451963e96d330a8dcd28ebcf5e63791e90b75ba
c01075e3836684e57b87d1feaf148e5c0dc35e273b8519c342c90e44dfc1e54a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b05264c-5ed0-4ad4-996c-58fc36048283.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12054
x-amzn-requestid: c24868ab-bcf2-4f9c-b7a3-83df6a1fb11a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: do5InGjRIAMFWtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a6a236-539fdd2919bdc153159156ef;Sampled=0
x-amzn-remapped-date: Sat, 24 Dec 2022 06:54:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WQ2TnGkAeLlisFSiN2rI45ImsUR0xjSsEI0pMXBFzl8dMoeVb4EnRw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 09:34:32 GMT
age: 81630
etag: "f451963e96d330a8dcd28ebcf5e63791e90b75ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2783127a63c78cb5ac02e1a31631bfca
a26af5a37bbb43d4258282640749ced026ba9560
cfe19d12b6070f9171129591b54bab634d5582e4d8d83e5c1fbe703d873b8366
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFE19D12B6070F9171129591B54BAB634D5582E4D8D83E5C1FBE703D873B8366"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4495
Expires: Fri, 30 Dec 2022 09:29:57 GMT
Date: Fri, 30 Dec 2022 08:15:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9607c6-9a7f-483e-afc4-9004ad7691ab.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9607c6-9a7f-483e-afc4-9004ad7691ab.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e270e4d21abb133d068a56a552b1708
2d5c698f982dcdb9a86de4e45e30d7caf9b42336
723573f9908c5a2aa1d3dfe1146a764d7052c866ff2076a9096daccf5697328b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9607c6-9a7f-483e-afc4-9004ad7691ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11775
x-amzn-requestid: 5a37b577-ac86-4cab-a580-865059074844
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7aqKGzTIAMFmIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae0b0d-7de39bba5583d757794dbd9e;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:47:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4OqJ-KiLeDe3iVqhLUhzcqiWrDHc3sZa808qTuPMDLdhP6FOFdGhkg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 22:10:15 GMT
etag: "2d5c698f982dcdb9a86de4e45e30d7caf9b42336"
content-type: image/jpeg
age: 36287
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2783127a63c78cb5ac02e1a31631bfca
a26af5a37bbb43d4258282640749ced026ba9560
cfe19d12b6070f9171129591b54bab634d5582e4d8d83e5c1fbe703d873b8366
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFE19D12B6070F9171129591B54BAB634D5582E4D8D83E5C1FBE703D873B8366"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4495
Expires: Fri, 30 Dec 2022 09:29:57 GMT
Date: Fri, 30 Dec 2022 08:15:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcce559ba-ede8-48f0-8bf2-1c6a0c1d4c83.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcce559ba-ede8-48f0-8bf2-1c6a0c1d4c83.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d21812b8907c0410fcf07b8a245fd97
f9f4289b4f79af75f646f2c72de68dcb679f0c10
7c720ceaf934e04af379535b8fe63685314abc18033e95ed24deb29b3e34e744
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcce559ba-ede8-48f0-8bf2-1c6a0c1d4c83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8101
x-amzn-requestid: cdcbc49a-d707-4123-ade4-cb15af5c87d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7a21FInoAMFfQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae0b5e-3e9cf62117217e6a1157f231;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:49:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WUUKdG7_nEJW5qtYxQBep_w_ySyzsDOIu-3ToocqJi47NWnfvGTueg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 22:23:09 GMT
etag: "f9f4289b4f79af75f646f2c72de68dcb679f0c10"
content-type: image/jpeg
age: 35513
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.lfhfd.com/
200 OK 37 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash ef509c2ce6534c57d3fc8743e670bbc1
f9b157c166c8b8e80ae213e5a1600c59c207759b
33883ad1a94a2a5eddbb703ba7b08177d64fa4fa5703b7990fe54256f3d42d1a
GET / HTTP/1.1
Host: www.lfhfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 08:15:02 GMT
Content-Type: text/html
Content-Length: 36699
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
www.lfhfd.com/staticmy/css/iconfont.css
200 OK 928 B URL HTTP/1.1 www.lfhfd.com/staticmy/css/iconfont.css
IP
File type Unicode text, UTF-8 (with BOM) text
Hash d6f5821d0866c5ef4329519076096849
a006c2ca7493b9cd1954e2cc106fb72e361b8540
b8145589bb54c721a56e293facb2f6204779c4c3824e6b628c38dcf83c76150d
GET /staticmy/css/iconfont.css HTTP/1.1
Host: www.lfhfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lfhfd.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 08:15:03 GMT
Content-Type: text/css
Last-Modified: Tue, 07 Sep 2021 04:59:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6136f1c4-e41"
Expires: Fri, 30 Dec 2022 20:15:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.lfhfd.com/staticmy/js/stui_default.js
200 OK 1.8 kB URL HTTP/1.1 www.lfhfd.com/staticmy/js/stui_default.js
IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 88309ab2087abf77ffd6cd362306bdc2
a70ca083de465cd44c46d1522ed0a398da145fed
c1ee1083469f5915240855919148a951ad49493d2f0bf6ef62a587715eb727ce
GET /staticmy/js/stui_default.js HTTP/1.1
Host: www.lfhfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lfhfd.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 08:15:03 GMT
Content-Type: application/javascript
Last-Modified: Tue, 07 Sep 2021 04:59:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6136f1c4-11b6"
Expires: Fri, 30 Dec 2022 20:15:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.lfhfd.com/staticmy/css/stui_default.css
200 OK 4.9 kB URL HTTP/1.1 www.lfhfd.com/staticmy/css/stui_default.css
IP
File type assembler source, Unicode text, UTF-8 (with BOM) text, with very long lines (310), with CRLF line terminators
Hash b2877c0ce3ce01eb038dad7dadf34f95
cbbad210aa4f04ace95a0077b2cc7ade27499077
c9ca9a33dce8a3946d18a9737723ebca93bdc278103710a95a310bd0f4e72efd
GET /staticmy/css/stui_default.css HTTP/1.1
Host: www.lfhfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lfhfd.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 08:15:03 GMT
Content-Type: text/css
Last-Modified: Sun, 18 Sep 2022 08:50:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6326dbd9-4b1d"
Expires: Fri, 30 Dec 2022 20:15:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.lfhfd.com/staticmy/js/jquery.cookie.min.js
200 OK 707 B URL HTTP/1.1 www.lfhfd.com/staticmy/js/jquery.cookie.min.js
IP
File type ASCII text, with very long lines (1266)
Hash 58dbd5fe203290a568f56b67b661e002
76f8bf540b3df5c5ec21957ce3d3f221fa4925b3
7965786891d81a4d8a5e9211cdc4db9b586c1dfb3b9c65d1079ba7999f980822
GET /staticmy/js/jquery.cookie.min.js HTTP/1.1
Host: www.lfhfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lfhfd.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 08:15:03 GMT
Content-Type: application/javascript
Last-Modified: Tue, 07 Sep 2021 04:59:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6136f1c2-514"
Expires: Fri, 30 Dec 2022 20:15:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.lfhfd.com/staticmy/js/jquery.lazyload.min.js
200 OK 1.3 kB URL HTTP/1.1 www.lfhfd.com/staticmy/js/jquery.lazyload.min.js
IP
File type ASCII text, with very long lines (3309)
Hash 107610b0db6edb28f23fa6225715d7b8
126dbbafb6d950bdad39ed43252935662102c427
d66c70427c0ca29dd4ca5649cb50c2f4c72e03506309ead0bbf9ca0d18d82f18
GET /staticmy/js/jquery.lazyload.min.js HTTP/1.1
Host: www.lfhfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lfhfd.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 08:15:03 GMT
Content-Type: application/javascript
Last-Modified: Tue, 07 Sep 2021 04:59:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6136f1c2-d35"
Expires: Fri, 30 Dec 2022 20:15:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.lfhfd.com/staticmy/js/home.js
200 OK 8.9 kB URL HTTP/1.1 www.lfhfd.com/staticmy/js/home.js
IP
Hash ef5684d1a2af89012b3f0c76e654ca77
92f8faba52aa48931d94d25d9d368af6a91fbce1
17f2053129817790271a8fce4d6a19dfdc31d322fc5707c7e3d30b82af8b2ac0
GET /staticmy/js/home.js HTTP/1.1
Host: www.lfhfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lfhfd.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 08:15:03 GMT
Content-Type: application/javascript
Last-Modified: Tue, 31 May 2022 10:51:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6295f340-84cc"
Expires: Fri, 30 Dec 2022 20:15:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.lfhfd.com/staticmy/js/sousuo.js
200 OK 551 B URL HTTP/1.1 www.lfhfd.com/staticmy/js/sousuo.js
IP
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 1459013ed4c36b5febf5738bd200b469
86f209b94b38b3dda131b5a5e3ca94813d08a147
c63158148d84b61db73d307b4a5f1105a36756c485b2b7918e1ab04d8c360550
GET /staticmy/js/sousuo.js HTTP/1.1
Host: www.lfhfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lfhfd.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 08:15:03 GMT
Content-Type: application/javascript
Content-Length: 551
Last-Modified: Fri, 28 Oct 2022 08:11:05 GMT
Connection: keep-alive
ETag: "635b8e99-227"
Expires: Fri, 30 Dec 2022 20:15:03 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
www.lfhfd.com/staticmy/js/daohang1.js
200 OK 585 B URL HTTP/1.1 www.lfhfd.com/staticmy/js/daohang1.js
IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 9b908b38583b2ed9b701d817ebf9a86c
114dc8aebe10c8aa2dca084ab5ec051d9a825069
435823b42619f939bcf2c8e04e5e0e32070c4b79002febdd2442b78bfcc5058f
GET /staticmy/js/daohang1.js HTTP/1.1
Host: www.lfhfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lfhfd.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 08:15:03 GMT
Content-Type: application/javascript
Content-Length: 585
Last-Modified: Thu, 01 Dec 2022 11:36:58 GMT
Connection: keep-alive
ETag: "638891da-249"
Expires: Fri, 30 Dec 2022 20:15:03 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
www.lfhfd.com/staticmy/js/daohang2.js
200 OK 468 B URL HTTP/1.1 www.lfhfd.com/staticmy/js/daohang2.js
IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash e21bf30948016980b54932e75735551b
a85989ec09a63517cdc443ec96c563e3d890e9c9
82c22434a8107628e6ce4da7d5f45d3a426c46a1903131524d23d0ef87031d73
GET /staticmy/js/daohang2.js HTTP/1.1
Host: www.lfhfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lfhfd.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 08:15:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 28 Oct 2022 08:10:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635b8e7b-a68"
Expires: Fri, 30 Dec 2022 20:15:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.lfhfd.com/staticmy/js/daohang3.js
200 OK 663 B URL HTTP/1.1 www.lfhfd.com/staticmy/js/daohang3.js
IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 05bd97dc518621cae1ccad851b482da7
2ec578c2e311bc2bc989f9a59cae76bf7de69a62
20cccbd0db027b8fa9894282a372d6b90d62643db6e7edbe77efb3d6c4ff598e
GET /staticmy/js/daohang3.js HTTP/1.1
Host: www.lfhfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lfhfd.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 08:15:03 GMT
Content-Type: application/javascript
Content-Length: 663
Last-Modified: Fri, 28 Oct 2022 08:10:51 GMT
Connection: keep-alive
ETag: "635b8e8b-297"
Expires: Fri, 30 Dec 2022 20:15:03 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
www.lfhfd.com/staticmy/js/jquery.min.js
200 OK 33 kB URL HTTP/1.1 www.lfhfd.com/staticmy/js/jquery.min.js
IP
File type ASCII text, with very long lines (32061)
Hash 86e98aeb7b032f4d77c7417cf01804c2
6dac186a17a276a44ab10be97ce7a7e68ea0f4ca
25122f689abc9b607b190b64254c6f70daa217593624db865e0a763d05aa4d28
GET /staticmy/js/jquery.min.js HTTP/1.1
Host: www.lfhfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lfhfd.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 08:15:03 GMT
Content-Type: application/javascript
Last-Modified: Tue, 07 Sep 2021 04:59:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6136f1c2-14938"
Expires: Fri, 30 Dec 2022 20:15:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.lfhfd.com/gg7f5kv/shang1i7d3.php
200 OK 144 B URL HTTP/1.1 www.lfhfd.com/gg7f5kv/shang1i7d3.php
IP
File type ASCII text, with no line terminators
Hash 70a13d0a0778f066f4f71237671175f5
a9933badaff8835e8db83f791e244ce52646354f
7deb4f58f8785bbcdde358a04fa4b0fcf1b70f9b0bccdbabac0882e0123014cc
GET /gg7f5kv/shang1i7d3.php HTTP/1.1
Host: www.lfhfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lfhfd.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 08:15:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.lfhfd.com/gg7f5kv/sxpf.js
200 OK 1.0 kB URL HTTP/1.1 www.lfhfd.com/gg7f5kv/sxpf.js
IP
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (509), with CRLF line terminators
Hash 4255f9ac9ca47c24a35ea6f9865afe1f
54ad3cd9757a41245f0f7dc827388f28d23e7a70
6ba0e5a1b98576c48a8795794a9369e8ac7519bd5546f87a69fb44f471072faf
GET /gg7f5kv/sxpf.js HTTP/1.1
Host: www.lfhfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lfhfd.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 08:15:03 GMT
Content-Type: application/javascript
Last-Modified: Thu, 22 Dec 2022 15:49:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63a47c6c-dcd"
Expires: Fri, 30 Dec 2022 20:15:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.lfhfd.com/gg7f5kv/shipinqiangg.js
200 OK 492 B URL HTTP/1.1 www.lfhfd.com/gg7f5kv/shipinqiangg.js
IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 11c213a8b9a1e786d91bea5f3b44072c
30c1b32d63f1806ab353380aa6d3c3d2261b1627
3a798997a427db5d3fb5763e2c4693c463b52912dae8eb7797cc40daccfcc52c
GET /gg7f5kv/shipinqiangg.js HTTP/1.1
Host: www.lfhfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lfhfd.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 08:15:03 GMT
Content-Type: application/javascript
Last-Modified: Thu, 29 Dec 2022 11:04:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ad7422-6db"
Expires: Fri, 30 Dec 2022 20:15:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.lfhfd.com/staticmy/js/tj.js
200 OK 554 B URL HTTP/1.1 www.lfhfd.com/staticmy/js/tj.js
IP
File type HTML document, ASCII text, with very long lines (554), with no line terminators
Hash ffa219fac5d7b1368d9b47d81e305db3
32d56b35f49cf2969372f78c40bd119b9e15ff2c
8f6de905baf821eaab46d9df3c3ce829e3bd78637554f6eb68fc0c9eb6bce4f8
GET /staticmy/js/tj.js HTTP/1.1
Host: www.lfhfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lfhfd.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 08:15:03 GMT
Content-Type: application/javascript
Content-Length: 554
Last-Modified: Sun, 18 Sep 2022 07:13:40 GMT
Connection: keep-alive
ETag: "6326c524-22a"
Expires: Fri, 30 Dec 2022 20:15:03 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
ocsp.digicert.com/
200 OK 279 B IP
Hash b9ae107312a3e6789ca1dd6ef01aa9f9
9cbe4ac59706423a0613415139b6a90f7a6fb5aa
b563e6301dd095c1a105675a2a65627f606c865efae8f106910a338be25d523f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5810
Cache-Control: max-age=171613
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 08:15:03 GMT
Etag: "63ae82b2-117"
Expires: Sun, 01 Jan 2023 07:55:16 GMT
Last-Modified: Fri, 30 Dec 2022 06:18:26 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
www.lfhfd.com/staticmy/images/150x50.gif
200 OK 6.5 kB URL HTTP/1.1 www.lfhfd.com/staticmy/images/150x50.gif
IP
File type GIF image data, version 89a, 150 x 50\012- data
Hash 234bdd5dc2570a5ab1dc9c708245b395
375b93c3bc8f4382991d2ff4af446685e429bf2c
77cab73693745ce7a57f4e10d5b7213019939be397f526fd709e759bde032aa9
GET /staticmy/images/150x50.gif HTTP/1.1
Host: www.lfhfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lfhfd.com/staticmy/css/stui_default.css
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 08:15:03 GMT
Content-Type: image/gif
Content-Length: 6450
Last-Modified: Tue, 07 Sep 2021 04:59:40 GMT
Connection: keep-alive
ETag: "6136f1bc-1932"
Expires: Sun, 29 Jan 2023 08:15:03 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.lfhfd.com/gg7f5kv/shouyeshang.html
200 OK 4.5 kB URL HTTP/1.1 www.lfhfd.com/gg7f5kv/shouyeshang.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 06e533cb36669fa61775d114cf7c1ad1
83d45b832793de843fbcc1e554b5766020e6e84b
671e135e0e87237b60ca661f6a7a18b56234b663a517754652906ef96ceccde8
GET /gg7f5kv/shouyeshang.html HTTP/1.1
Host: www.lfhfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lfhfd.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 08:15:03 GMT
Content-Type: text/html
Last-Modified: Fri, 30 Dec 2022 03:23:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ae59c0-497c"
Content-Encoding: gzip
sdk.51.la/js-sdk-pro.min.js
200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lfhfd.com/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 30 Dec 2022 08:15:03 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 30 Dec 2022 08:10:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63ae9cfa-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
www.lfhfd.com/staticmy/images/load.gif
200 OK 65 kB URL HTTP/1.1 www.lfhfd.com/staticmy/images/load.gif
IP
File type GIF image data, version 89a, 150 x 210\012- data
Hash 1fbb5556099254502571ddee76ec3683
8d1bc81d78d45b97e0c031f813c338cf22043978
1a41d8b1fe312bd93ad4ce35db83af7647ab0ebef9d60c45d211cda7340ec4c8
GET /staticmy/images/load.gif HTTP/1.1
Host: www.lfhfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lfhfd.com/staticmy/css/stui_default.css
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 08:15:03 GMT
Content-Type: image/gif
Content-Length: 65214
Last-Modified: Tue, 07 Sep 2021 04:59:40 GMT
Connection: keep-alive
ETag: "6136f1bc-febe"
Expires: Sun, 29 Jan 2023 08:15:03 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.lfhfd.com/staticmy/fonts/c8e1344f3d584efebecd98ce9573c7b8.woff
200 OK 158 kB URL HTTP/1.1 www.lfhfd.com/staticmy/fonts/c8e1344f3d584efebecd98ce9573c7b8.woff
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size 158 kB (157978 bytes)
Hash e54cb4dc9be7dcc2c7b5a085e64038e7
0aec9b365cf0fdf76644b2f8fec9744cfad0d825
df7aa08e09418b8331ea18fd91e93aa12e72f028ece9e183e4ffda4adfe301a6
GET /staticmy/fonts/c8e1344f3d584efebecd98ce9573c7b8.woff HTTP/1.1
Host: www.lfhfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.lfhfd.com/staticmy/css/iconfont.css
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 08:15:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
www.lfhfd.com/staticmy/fonts/iconfont-15417656157251.ttf
200 OK 22 kB URL HTTP/1.1 www.lfhfd.com/staticmy/fonts/iconfont-15417656157251.ttf
IP
File type TrueType Font data, 11 tables, 1st "GSUB", 18 names, Macintosh, \012- data
Hash ac82e9b2caf4353072767003329646d5
6711419177b4fd005c1c69900517af042504bb60
12cfa0fe87f6160e5fc1d1dd699e701e6c55f36b5c6a86a2e1fbcbf12f7b688e
GET /staticmy/fonts/iconfont-15417656157251.ttf HTTP/1.1
Host: www.lfhfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lfhfd.com/staticmy/css/iconfont.css
Cookie: __vtins__JopnXtR7lkBu1Kg1=%7B%22sid%22%3A%20%22e36954a6-460d-5f3f-9d73-cc264d87b43f%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201672389897894%2C%20%22ct%22%3A%201672388097894%7D; __51uvsct__JopnXtR7lkBu1Kg1=1; __51vcke__JopnXtR7lkBu1Kg1=05ddd570-ebe5-59b5-b80a-08e57edc729e; __51vuft__JopnXtR7lkBu1Kg1=1672388097898
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 08:15:04 GMT
Content-Type: application/octet-stream
Content-Length: 21940
Last-Modified: Tue, 07 Sep 2021 04:59:38 GMT
Connection: keep-alive
ETag: "6136f1ba-55b4"
Accept-Ranges: bytes
s2.loli.net/2022/05/21/zAxwCKkLnFjlaQ8.jpg
200 OK 9.2 kB URL HTTP/2 s2.loli.net/2022/05/21/zAxwCKkLnFjlaQ8.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Hash 43ae14560cdbc69ce960a28002f04309
4dc694c2754882f840c77807016676732c38138b
af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e
GET /2022/05/21/zAxwCKkLnFjlaQ8.jpg HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 08:15:04 GMT
content-type: image/jpeg
content-length: 9166
last-modified: Sat, 21 May 2022 11:42:12 GMT
etag: "6288d014-23ce"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8sVHV8b9Uy7maHwANhi8M1ZdikHK3soon87ehKZLXNk9BUvk5YVz4PM2anetLxPIwNv%2Bx3%2B4cuU1CnDYy4e11%2FgKXm0t4J%2BuQ8CnLqCn%2FWo8AEGopGtbeAflVWKN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7819534f2cf8b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
collect-v6.51.la/v6/collect?dt=4
200 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 507
Origin: http://www.lfhfd.com
Connection: keep-alive
Referer: http://www.lfhfd.com/
HTTP/1.1 200
Server: CloudWAF
Date: Fri, 30 Dec 2022 08:15:04 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=5a26d91f314351858dd; path=/
HWWAFSESTIME=1672388102659; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.lfhfd.com
Access-Control-Allow-Credentials: true
kzehh.com/9d8f5cd78adaf809fcd1b4acef4c047e.gif
200 OK 181 kB URL HTTP/2 kzehh.com/9d8f5cd78adaf809fcd1b4acef4c047e.gif
IP
File type GIF image data, version 89a, 150 x 150\012- data
Size 181 kB (181030 bytes)
Hash 1875bfad7cb40219049354aa7938ac9d
430a926066ed424ed5871c0435ac40ccd1546566
b1e2af30e73c61529587d6aff62c941888c9c685d4d127edb5bac1d84d0178b7
GET /9d8f5cd78adaf809fcd1b4acef4c047e.gif HTTP/1.1
Host: kzehh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 181030
date: Wed, 21 Dec 2022 06:03:32 GMT
last-modified: Tue, 20 Dec 2022 05:32:57 GMT
etag: "1875bfad7cb40219049354aa7938ac9d"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a8c2772b03befab22b97b650361ac508.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Hm4I3szB4Y7V6h9ztQXjYuL5V6wVoTOeXyal2m_h-__Kcjybm8bB-w==
age: 785493
X-Firefox-Spdy: h2
kzehh.com/f7fd72d8ade7e262c4b4f656dd460724.gif
200 OK 396 kB URL HTTP/2 kzehh.com/f7fd72d8ade7e262c4b4f656dd460724.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 396 kB (395600 bytes)
Hash 5155d4f34bc2f7e77b9fe8e854d9e96f
408ed373dd26d934ee70f30b0e47a9dc8049983f
db9f393331e2d56fe7da37b7822590b82524e2dde508848299877daeae1df3be
GET /f7fd72d8ade7e262c4b4f656dd460724.gif HTTP/1.1
Host: kzehh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 395600
date: Tue, 20 Dec 2022 23:20:07 GMT
last-modified: Sat, 17 Dec 2022 11:55:02 GMT
etag: "5155d4f34bc2f7e77b9fe8e854d9e96f"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a8c2772b03befab22b97b650361ac508.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 3zrBxqnQhlNtHwIFWGIbzfmGzh780me4WmSOp3SqZAyWVgyv0mx-Jw==
age: 809697
X-Firefox-Spdy: h2
www.lfhfd.com/staticmy/images/favicon.ico
200 OK 4.3 kB URL HTTP/1.1 www.lfhfd.com/staticmy/images/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 11bf57dec75674ec9af4351125a77667
a95e2eb332bcf60a29bf2ff9ad27a9e7acb9dcbd
d5edeeecd4f0ce96dd5ea591726b17a090b843e9a4dbc83cf98f216a73e835b1
GET /staticmy/images/favicon.ico HTTP/1.1
Host: www.lfhfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lfhfd.com/
Cookie: __vtins__JopnXtR7lkBu1Kg1=%7B%22sid%22%3A%20%22e36954a6-460d-5f3f-9d73-cc264d87b43f%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201672389897894%2C%20%22ct%22%3A%201672388097894%7D; __51uvsct__JopnXtR7lkBu1Kg1=1; __51vcke__JopnXtR7lkBu1Kg1=05ddd570-ebe5-59b5-b80a-08e57edc729e; __51vuft__JopnXtR7lkBu1Kg1=1672388097898
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 08:15:04 GMT
Content-Type: image/x-icon
Content-Length: 4286
Last-Modified: Sat, 27 Aug 2022 07:44:58 GMT
Connection: keep-alive
ETag: "6309cb7a-10be"
Accept-Ranges: bytes
kvevv.com/fee6dc0783e7085f6b3452a1155d4b4a.gif
200 OK 288 kB URL HTTP/1.1 kvevv.com/fee6dc0783e7085f6b3452a1155d4b4a.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 288 kB (288397 bytes)
Hash e17bb688cfdae836ea866c47e92a022a
d748bb7b13696141ba768280a21d3dac482e3a0c
cb9affdc029bd6deb908ab9786fad62113c4ba28d2e9a8926cbed0c5e2c2aa6a
GET /fee6dc0783e7085f6b3452a1155d4b4a.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 288397
Connection: keep-alive
Date: Sat, 24 Dec 2022 08:26:22 GMT
Last-Modified: Sat, 24 Dec 2022 08:23:21 GMT
ETag: "e17bb688cfdae836ea866c47e92a022a"
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 1ce5b4ee9f2f36701e8515d9d8ae140c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN52-C3
X-Amz-Cf-Id: ibOp93TpagKP8d8ybNvvnPSe3iq4vu1-WjhJt9JDeJrnbILhEOgegw==
Age: 517723
kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
200 OK 507 kB URL HTTP/1.1 kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 507 kB (506851 bytes)
Hash 720e80d2a7ff4cf1bbf0b1608c2f35de
bf0a987ac8d4c7728171fe41e5c45b61b45a2f73
e177aeb64efe8103f8af0afc0a768394d970bbe60edcf103a083d56b915c18b1
GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 506851
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 08:08:10 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Fri, 30 Dec 2022 04:07:04 GMT
ETag: "720e80d2a7ff4cf1bbf0b1608c2f35de"
X-Cache: Hit from cloudfront
Via: 1.1 a691085135305af276cea0859fd6b128.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN52-C3
X-Amz-Cf-Id: dRZAJN5he0kkpVizkpOpbbeeVn4wdKS6q7mq6l0P9sjRbholfSJ61g==
Age: 14881
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ec358068c093de188b88ad8361dca37d
90bcc1b5057d62fbcbbd9344beef507dd99d224e
900d708984f926e65b43c9af48cf7ee536c40d39a0e4ad923e2335d6acc7951b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "900D708984F926E65B43C9AF48CF7EE536C40D39A0E4AD923E2335D6ACC7951B"
Last-Modified: Thu, 29 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4237
Expires: Fri, 30 Dec 2022 09:25:43 GMT
Date: Fri, 30 Dec 2022 08:15:06 GMT
Connection: keep-alive
kvexx.com/03c3cb047014f05117117e4a924df90d.gif
301 Moved Permanently 162 B URL HTTP/2 kvexx.com/03c3cb047014f05117117e4a924df90d.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /03c3cb047014f05117117e4a924df90d.gif HTTP/1.1
Host: kvexx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 30 Dec 2022 08:15:06 GMT
content-type: text/html
content-length: 162
location: https://kvhuuu.top/03c3cb047014f05117117e4a924df90d.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
66887aaa.com/86913169af884311a52656d75e3ac411.gif
200 OK 75 kB URL HTTP/1.1 66887aaa.com/86913169af884311a52656d75e3ac411.gif
IP
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 140\012- data
Hash 9ec2590e27ee6043f3706765e32205de
203ff7fad1404abe5d76a8492a0b0dbe84b59e6e
af71ea369d93839d336f3b4cbbf8bdbccf249b48fd76c107a63ece3eac346359
Analyzer Verdict Alert quad9 Sinkholed
GET /86913169af884311a52656d75e3ac411.gif HTTP/1.1
Host: 66887aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63a4772b-125c9"
Date: Fri, 23 Dec 2022 02:49:05 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 22 Dec 2022 15:26:35 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-11
Content-Length: 75209
de88deggtp.com/100tp/1200-60.gif
200 OK 231 kB URL HTTP/1.1 de88deggtp.com/100tp/1200-60.gif
IP
File type GIF image data, version 89a, 1200 x 60\012- data
Size 231 kB (230614 bytes)
Hash def1553ac93248c7de12ff2d7c545780
35c8c3f528cc7a936a84b7624c3344c495646f9b
c817febe8ceeda51ebf39ef74c177bc11bd3c057cd903988b6e1205be626ace8
GET /100tp/1200-60.gif HTTP/1.1
Host: de88deggtp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lfhfd.com/
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 08:15:05 GMT
Content-Type: image/gif
Content-Length: 230614
Connection: keep-alive
Last-Modified: Wed, 28 Dec 2022 13:30:10 GMT
ETag: "63ac44e2-384d6"
Expires: Sat, 28 Jan 2023 13:33:08 GMT
Cache-Control: max-age=2592000
Server: qq.com
X-Cache-Status: HIT
Accept-Ranges: bytes
n0633.com/0b262efdc86a4822ae7db5d1aa954b22.gif
200 OK 112 kB URL HTTP/1.1 n0633.com/0b262efdc86a4822ae7db5d1aa954b22.gif
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 112 kB (111619 bytes)
Hash e3f92ec9a28c2ef601aa8c8dee64a06e
935ace4b291314236b51791d2fd3afba745de0aa
b8b35dd7df9ef2d465894d74741e0b97aa35857bb6c9f802c24d70fc594d847f
GET /0b262efdc86a4822ae7db5d1aa954b22.gif HTTP/1.1
Host: n0633.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 08:15:05 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 24 Dec 2022 08:17:42 GMT
ETag: W/"63a6b5a6-4b76c"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
de88deggtp.com/100tp/960x60.gif
200 OK 456 kB URL HTTP/1.1 de88deggtp.com/100tp/960x60.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 456 kB (456396 bytes)
Hash 202f7e8882789aecd824a5d11a3d2550
0434fa09acb7451eaaf06fffe622e8f793a3d18e
a26f264cadabddc2fd0714f8c963ffe2b0ec2674dafe8cc7f759045eee907a71
GET /100tp/960x60.gif HTTP/1.1
Host: de88deggtp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lfhfd.com/
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 08:15:05 GMT
Content-Type: image/gif
Content-Length: 456396
Connection: keep-alive
Last-Modified: Tue, 21 Jun 2022 09:29:40 GMT
ETag: "62b18f84-6f6cc"
Expires: Sun, 29 Jan 2023 03:21:08 GMT
Cache-Control: max-age=2592000
Server: qq.com
X-Cache-Status: HIT
Accept-Ranges: bytes
66667aaa.com/31f53bfa34df4d2294b0ab54fddbec44.gif
200 OK 186 kB URL HTTP/1.1 66667aaa.com/31f53bfa34df4d2294b0ab54fddbec44.gif
IP
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 70\012- data
Size 186 kB (186014 bytes)
Hash 23c4aedf7ad2dad74dc50a6141d51b5f
c95501019f229cc9b5bbb27b4186b25bac586775
1201bf1ab11c0d972512e46469bad367ee840b8b09c087a7090323dfba7777c5
Analyzer Verdict Alert quad9 Sinkholed
GET /31f53bfa34df4d2294b0ab54fddbec44.gif HTTP/1.1
Host: 66667aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63984d60-2d69e"
Date: Wed, 28 Dec 2022 02:55:59 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 13 Dec 2022 10:01:04 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-18
Content-Length: 186014
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
200 OK 400 kB URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 400264
last-modified: Mon, 19 Dec 2022 07:47:20 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 30 Dec 2022 07:21:51 GMT
etag: "b722c3905b96f11823e04826aafdd50e"
x-cache: Hit from cloudfront
via: 1.1 49b0629f9da8a770925ad02807586202.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: ygbWsV1nX7GmbPp_MiMHuc8K8d1So95wMwn8z0qrmOnoDA8p37kdqA==
age: 3196
X-Firefox-Spdy: h2
kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
200 OK 354 kB URL HTTP/2 kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 354 kB (354278 bytes)
Hash c6442fd82dd00372e745f394887172f2
dc8ce1d9b050eb7b70c1e47e815169c8ffdc77b9
813a5a49ef0682cdb74754e84f7b5d0159392b1fef69ec06e2875388e97d8843
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 354278
last-modified: Mon, 19 Dec 2022 07:47:28 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 29 Dec 2022 15:07:05 GMT
etag: "c6442fd82dd00372e745f394887172f2"
x-cache: Hit from cloudfront
via: 1.1 49b0629f9da8a770925ad02807586202.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: fiDMZb6lWggCYbMmrABbpTrRiuqHns5Z8OFbP9BHdyZSwo0ZVl_iyg==
age: 61682
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0105j12000a16nl1n59E7.gif?proc=autoorient
200 OK 477 kB URL HTTP/2 dimg04.c-ctrip.com/images/0105j12000a16nl1n59E7.gif?proc=autoorient
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 477 kB (477289 bytes)
Hash 760cc21f91ee02e848650627ffa47ae2
22df8e62d12977ffd032aba17e5fd7632032633f
2b36a60cb734e5ebcaa9ad4d93f914157e563da89c4e08231bd02b72678875bd
GET /images/0105j12000a16nl1n59E7.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 477289
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=5033251
expires: Sun, 26 Feb 2023 14:22:37 GMT
date: Fri, 30 Dec 2022 08:15:06 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash eb7b22ea9274eacdea717b928e9e8dd6
8bc7aa5170bd28459a2543579b6a02379d58d5e9
dc8766706dbd63de6bf585c46dd8b4d134cb4ae7abbee0aef236ab5a6a5ee275
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 08:15:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 03 Jan 2023 05:42:36 GMT
ETag: "8bc7aa5170bd28459a2543579b6a02379d58d5e9"
Last-Modified: Fri, 30 Dec 2022 05:42:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2074
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78195364ec7f0b59-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash eb7b22ea9274eacdea717b928e9e8dd6
8bc7aa5170bd28459a2543579b6a02379d58d5e9
dc8766706dbd63de6bf585c46dd8b4d134cb4ae7abbee0aef236ab5a6a5ee275
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 08:15:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 03 Jan 2023 05:42:36 GMT
ETag: "8bc7aa5170bd28459a2543579b6a02379d58d5e9"
Last-Modified: Fri, 30 Dec 2022 05:42:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2074
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78195364e9ab1c0a-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash a41777d85d295782e8952b813be6a15d
483da6a10a8733158b19b1b48d554a55455fbc2e
b09863b75d714f5f641a8f4cc89096bee85623dfaeb144cc9b8b54d2a14146da
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 08:15:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 28 Dec 2022 18:14:10 GMT
Expires: Wed, 04 Jan 2023 18:14:09 GMT
Etag: "483da6a10a8733158b19b1b48d554a55455fbc2e"
Cache-Control: max-age=467341,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78195364c8edb505-OSL
zmhmaz8.com/f7c7ff277fc946dab898f4ae7c2c4be0.gif
200 OK 1.0 MB URL HTTP/1.1 zmhmaz8.com/f7c7ff277fc946dab898f4ae7c2c4be0.gif
IP
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.0 MB (1020091 bytes)
Hash b3aedc862671b2fa2e2922fadaa38add
8134113e40aa47b7b0508e81c447ccea8c10e7c0
d60a38f60cbd8cc782d6ecaf7c076dea16bf5eddfdc064d0aa4c03a440d236aa
GET /f7c7ff277fc946dab898f4ae7c2c4be0.gif HTTP/1.1
Host: zmhmaz8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62ee2dc7-f90bb"
Date: Mon, 26 Dec 2022 04:19:42 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 06 Aug 2022 09:00:55 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-20
Content-Length: 1020091
ocsp.sectigo.com/
200 OK 471 B IP
Hash fe028b2386616d9901ab02d9b14ea692
26424cab406140143edef29a7a93affe1b61a184
cf1e8fcbce88e9e742fd091a60d0c1723236d7cb0a6618228667498e393701b6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 08:15:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 27 Dec 2022 05:33:15 GMT
Expires: Tue, 03 Jan 2023 05:33:14 GMT
Etag: "26424cab406140143edef29a7a93affe1b61a184"
Cache-Control: max-age=335286,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78195364ce8fb4ff-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash a56680f44cd612e0ea152d20a43805e4
050923859c700d0b8e7821acdc82fc6aeb780b61
b322959b1d84bd5190d7ae37f50b51caf4ba24b6397040aa4e689545564a7217
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 08:15:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 27 Dec 2022 14:24:40 GMT
Expires: Tue, 03 Jan 2023 14:24:39 GMT
Etag: "050923859c700d0b8e7821acdc82fc6aeb780b61"
Cache-Control: max-age=367171,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78195364d925b518-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash 003711a9ccbd9144b33e6befc0939bf2
3c9f8b5a3cd42a35d4a814bd3c32ba56045c994c
c7657a59237bd4d927d6c17bfc40e7955b68269233c92a4cd759a0d89c67e219
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 08:15:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 26 Dec 2022 23:18:41 GMT
Expires: Mon, 02 Jan 2023 23:18:40 GMT
Etag: "3c9f8b5a3cd42a35d4a814bd3c32ba56045c994c"
Cache-Control: max-age=312812,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 781953651942b505-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1b84e667bba825fbe001450f76d76571
79050e09ad245348c574468cdeb34c15b957212e
559cfddd3d0dc50f8722b79567b1d260c51b5977a42e583fae9bdb1ce89b353d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "559CFDDD3D0DC50F8722B79567B1D260C51B5977A42E583FAE9BDB1CE89B353D"
Last-Modified: Thu, 29 Dec 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10863
Expires: Fri, 30 Dec 2022 11:16:10 GMT
Date: Fri, 30 Dec 2022 08:15:07 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 278 B IP
Hash c00af888d96d20ffedb9df3383e70f10
b7023084495b76adf882a1c1a088bc59b684690b
22fb3a2eeb8a4c1d741204684cfe7cd6ea6ac689723b5a61ab28796134d0fdd8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6554
Cache-Control: max-age=135673
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 08:15:07 GMT
Etag: "63adf36a-116"
Expires: Sat, 31 Dec 2022 21:56:20 GMT
Last-Modified: Thu, 29 Dec 2022 20:07:06 GMT
Server: ECS (amb/6BB8)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 279 B IP
Hash b4ec2c59468f690505674a4acc55ebba
7601a668320e2c28558654045f78e4c4d0969ccc
8e55dcb09b8215ef4b03baf6139acd1f9dacf48815908a2ee39d0458f030a84d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5192
Cache-Control: max-age=158782
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 08:15:07 GMT
Etag: "63ae5301-117"
Expires: Sun, 01 Jan 2023 04:21:29 GMT
Last-Modified: Fri, 30 Dec 2022 02:54:57 GMT
Server: ECS (amb/6BB3)
X-Cache: HIT
Content-Length: 279
ocsp.sectigo.com/
200 OK 472 B IP
Hash af405ecacf1223a6d9c443b7d27675f2
6592855d3bd0dce2958ea604dd46d3e2356508bc
4a3a0dd2c5a4030b1ae7c1b582fa81221e4cd84f11507610e630f51fc9219702
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 08:15:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Dec 2022 03:57:12 GMT
Expires: Wed, 04 Jan 2023 03:57:11 GMT
Etag: "6592855d3bd0dce2958ea604dd46d3e2356508bc"
Cache-Control: max-age=415923,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78195364cd8e0b41-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash cf4dadf6d70cb28ca9b5ea38c1ad09ac
c79d1dba2a126c64f0a1bdceefe019a12bf675dc
66bea473ecc6cadd0e2a049850045a0cce4a62f9a64fb1badee417791d2bd612
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 08:15:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 28 Dec 2022 05:17:39 GMT
Expires: Wed, 04 Jan 2023 05:17:38 GMT
Etag: "c79d1dba2a126c64f0a1bdceefe019a12bf675dc"
Cache-Control: max-age=420750,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78195364cab21bfa-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash 7c130c26d14a6793fcf3e6d8a3c6e5f4
6d9fd995635342f0884d9bb28a48528851e7850b
108efe0ca3c99f54075f01365ed63685f2f5d125edca8875775621521c5af54d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 08:15:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Dec 2022 22:22:02 GMT
Expires: Wed, 04 Jan 2023 22:22:01 GMT
Etag: "6d9fd995635342f0884d9bb28a48528851e7850b"
Cache-Control: max-age=482213,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78195364c818b509-OSL
ocsp.digicert.com/
200 OK 278 B IP
Hash c00af888d96d20ffedb9df3383e70f10
b7023084495b76adf882a1c1a088bc59b684690b
22fb3a2eeb8a4c1d741204684cfe7cd6ea6ac689723b5a61ab28796134d0fdd8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6554
Cache-Control: max-age=135673
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 08:15:07 GMT
Etag: "63adf36a-116"
Expires: Sat, 31 Dec 2022 21:56:20 GMT
Last-Modified: Thu, 29 Dec 2022 20:07:06 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278
kvhuuu.top/03c3cb047014f05117117e4a924df90d.gif
200 OK 310 kB URL HTTP/2 kvhuuu.top/03c3cb047014f05117117e4a924df90d.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 310 kB (310102 bytes)
Hash aaaee07863e1fab7724d3b6698c0b4b3
1f75ba89585a8844a2c1e41625f88bae649be17d
41ac392c3cca5e4434c0f80595838a48338c94f8a9c691d4141c7ecb68acb24e
GET /03c3cb047014f05117117e4a924df90d.gif HTTP/1.1
Host: kvhuuu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.lfhfd.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 08:15:07 GMT
content-type: image/gif
content-length: 310102
last-modified: Wed, 13 Jul 2022 15:28:42 GMT
etag: "62cee4aa-4bb56"
expires: Mon, 09 Jan 2023 17:12:32 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1695755
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wMsF7F46C764mhJ%2Bf8Xtz8jgNVS6nrjFKXbBty0YW5tVeJzEKdZdkx%2BYj5Em0SFJ6gzjjoATwt7nq0iRO1dUDb%2B%2BHRwv%2FpMZEp8YO%2BQorVWHlFZe6t4zdBrS8Lp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78195365bd66752d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash b4ec2c59468f690505674a4acc55ebba
7601a668320e2c28558654045f78e4c4d0969ccc
8e55dcb09b8215ef4b03baf6139acd1f9dacf48815908a2ee39d0458f030a84d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4143
Cache-Control: max-age=157733
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 08:15:07 GMT
Etag: "63ae5301-117"
Expires: Sun, 01 Jan 2023 04:04:00 GMT
Last-Modified: Fri, 30 Dec 2022 02:54:57 GMT
Server: ECS (amb/6BB8)
X-Cache: HIT
Content-Length: 279
ocsp.sectigo.com/
200 OK 471 B IP
Hash c4f92db00f5e030fa02cb1395a6b749d
8c7306fd3663c292700930e0b931bbc9f4ddc750
7d32f2be93b2dab85c18ac76fd37704811dc51cf43d41a46329d35b51345fbad
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 08:15:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 29 Dec 2022 13:55:32 GMT
Expires: Thu, 05 Jan 2023 13:55:31 GMT
Etag: "8c7306fd3663c292700930e0b931bbc9f4ddc750"
Cache-Control: max-age=538223,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 781953655f04b4ff-OSL
z4a.net/images/2022/12/17/960x60.gif
200 OK 320 kB URL HTTP/2 z4a.net/images/2022/12/17/960x60.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 320 kB (319606 bytes)
Hash 443ba779af0bf3944718aa7e4e2038a5
7054a327b7d5a805a510fab7bb2b35d5cd2ec9ca
1461a63340b84e5c64f250e3ca4d3153df4cf60a1226eb2107bf37c5cfcdd8ee
GET /images/2022/12/17/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 08:15:07 GMT
content-type: image/gif
content-length: 319606
expires: Sun, 17 Dec 2023 09:20:12 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 1119295
last-modified: Sat, 17 Dec 2022 09:20:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kw%2FdWDiA9E9PFuyRsXDuz7Cm%2BLjb%2FXNSdRoC5%2FZNukI6XyGdB%2F0b4TaYHgxkGZQuMfJzuzSnX44oOMISVdYlLUXr2Gt32aUPRN7GKpcMbhho7j7U26Fjzhgl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78195365ed6d24f2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kzett.com/65e7e65f41ad1c2cb20bb39e08e6b041.gif
200 OK 497 kB URL HTTP/2 kzett.com/65e7e65f41ad1c2cb20bb39e08e6b041.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 497 kB (497175 bytes)
Hash 308dfc606f51875abeaddaf59af06f44
fbc86f1ca7aaf6132c4643c7138b539a170fb6c1
1e1e5e16afd234768c984ee2f2551abbf8af6de533f12b80dbee9ab06a857bf3
GET /65e7e65f41ad1c2cb20bb39e08e6b041.gif HTTP/1.1
Host: kzett.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 497175
last-modified: Thu, 01 Dec 2022 15:50:53 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 30 Dec 2022 01:35:46 GMT
etag: "308dfc606f51875abeaddaf59af06f44"
x-cache: Hit from cloudfront
via: 1.1 50f11b94d86cc6d83642be5c3577d6fc.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: 3V_iTsxXwpBJ8brZyBjsPr6vun56ZjdNeqslvqS6kSqrHcr7pENWfA==
age: 23961
X-Firefox-Spdy: h2
kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
200 OK 864 kB URL HTTP/2 kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 864 kB (864004 bytes)
Hash d2c820747a9b9b8c3abaab0775436ab7
99651afd10bd3874fb84d7973845482cd2c81f23
8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 864004
last-modified: Mon, 19 Dec 2022 09:06:34 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 29 Dec 2022 23:06:09 GMT
etag: "d2c820747a9b9b8c3abaab0775436ab7"
x-cache: Hit from cloudfront
via: 1.1 95d5bc8b4873ccfdcd27d17cb5965ff8.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: kL84i9k-vdClhwrjadl8EbUfwfY_iUnynD5aUTsTTqHPJYvkSRtzKg==
age: 32937
X-Firefox-Spdy: h2
9366qq.com/3be4171f45964b3795b8b02e1da84c25.gif
200 OK 584 kB URL HTTP/1.1 9366qq.com/3be4171f45964b3795b8b02e1da84c25.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 584 kB (584025 bytes)
Hash ebf4ee75bbd43b703e1b1b861ba166e2
c241029604f77ad6b4f56894bc51decfededfde7
d6655adbfa7089435d168e9b1432e524f0bf11be8b80ddc499bef69bd5a376ea
GET /3be4171f45964b3795b8b02e1da84c25.gif HTTP/1.1
Host: 9366qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "631ee6a4-8e959"
Date: Fri, 30 Dec 2022 08:15:06 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 12 Sep 2022 07:58:28 GMT
Accept-Ranges: bytes
X-Cache: MISS from cloud-us2-cdnb-21
Content-Length: 584025
kzeqq.com/17a571f5114b7fe07f3a8a84c49731c3.gif
200 OK 570 kB URL HTTP/2 kzeqq.com/17a571f5114b7fe07f3a8a84c49731c3.gif
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 960 x 60\012- data
Size 570 kB (570411 bytes)
Hash b4ba386b410ed3c8e88edc7863378408
e231d90073dfead323dcc5c92d63a5d3df81e2c5
b92eb16a1b399b10c529bb71aecf0d1cf458cc5544469ffa75c47c5f422f86da
GET /17a571f5114b7fe07f3a8a84c49731c3.gif HTTP/1.1
Host: kzeqq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 30 Dec 2022 08:15:07 GMT
content-type: image/gif
content-length: 570411
last-modified: Fri, 30 Dec 2022 02:48:10 GMT
etag: "63ae516a-8b42b"
expires: Fri, 30 Dec 2022 20:15:07 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LF%2FwN5p298iBMwjIxQWdwrPuSKITyilRkWGSKPM34S37qmBwRUYAk%2BofniqNdXdwf6HN26Dk9A1z%2FlG2omycj94WNbuUJf35KGsqTfINYAtstYkDDsUV9lCkQCUr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 781774d27aeec232-VIE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 7adcbec2af609dbc902448ccc57fdee1
43d17df8d68d127dcb75db07a48b9ff882189566
c99f94d1c47478ad75c7a1d4f049aef2140702fcea45afc3a4897c0149378c23
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 08:15:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 03 Jan 2023 04:36:56 GMT
ETag: "43d17df8d68d127dcb75db07a48b9ff882189566"
Last-Modified: Fri, 30 Dec 2022 04:36:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2642
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78195367cb491c0a-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 13186617684375f7eaf87d9f567141b1
ba36237f9382a2b5091739c3adefd9632c1a923e
15d02eb6485f3364379c76662821218cc1d4a99f1d5a4391fe110577227fcdef
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 08:15:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 03 Jan 2023 07:37:35 GMT
ETag: "ba36237f9382a2b5091739c3adefd9632c1a923e"
Last-Modified: Fri, 30 Dec 2022 07:37:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78195366bde60b59-OSL
kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
200 OK 919 kB URL HTTP/2 kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 919 kB (918679 bytes)
Hash 956582dd3aa22ca9b19bdd1d5e091e24
c2d80e05f59981f6ed58a8231f502bd990894d6b
88e686882e64a0e199c79bd83b7102885b67242b5d0b49a1f37674c0bb3ddd8e
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kzerr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 918679
last-modified: Mon, 19 Dec 2022 07:54:21 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 29 Dec 2022 13:46:27 GMT
etag: "956582dd3aa22ca9b19bdd1d5e091e24"
x-cache: Hit from cloudfront
via: 1.1 a8c2772b03befab22b97b650361ac508.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: 7O0pmvMa1OmAkfskmxxXn9wWLgZ3ZFgprJSrXJGW6Zht528tQhFMyw==
age: 66520
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 7adcbec2af609dbc902448ccc57fdee1
43d17df8d68d127dcb75db07a48b9ff882189566
c99f94d1c47478ad75c7a1d4f049aef2140702fcea45afc3a4897c0149378c23
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 08:15:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 03 Jan 2023 04:36:56 GMT
ETag: "43d17df8d68d127dcb75db07a48b9ff882189566"
Last-Modified: Fri, 30 Dec 2022 04:36:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2642
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78195367db4f1c0a-OSL
kzemm.com/bb7f858c0dad171784517c02e7bff891.gif
200 OK 391 kB URL HTTP/2 kzemm.com/bb7f858c0dad171784517c02e7bff891.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 391 kB (390953 bytes)
Hash f849b3b0e9c6fdb31c56074c38c5123c
78200f076e1512a0f4b6f56f37d9f7ad355f0ad7
f9d4b673a595159370aa060f5d8b025842504116efc5b85269129a6c02110f6c
GET /bb7f858c0dad171784517c02e7bff891.gif HTTP/1.1
Host: kzemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 390953
last-modified: Sat, 17 Dec 2022 12:33:46 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 29 Dec 2022 12:04:53 GMT
etag: "f849b3b0e9c6fdb31c56074c38c5123c"
x-cache: Hit from cloudfront
via: 1.1 ffa0d2acb6ab662531e95cf2a187fa40.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: 6Sp9HE3KWZDlRpBWkXtICPr3FtzKRhXG2tXdgHNLsTY-6CvpS4Umyg==
age: 72614
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 99df24508262b3fecf469a69cb911eb2
60110d45233f0b093dd346d6aa12e39d4a5632e0
4431f4c3dbdd41fa9be461eb076b3ceef678b6717b6f4d6f115e6e991c2fad61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4431F4C3DBDD41FA9BE461EB076B3CEEF678B6717B6F4D6F115E6E991C2FAD61"
Last-Modified: Tue, 27 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13714
Expires: Fri, 30 Dec 2022 12:03:41 GMT
Date: Fri, 30 Dec 2022 08:15:07 GMT
Connection: keep-alive
kveww.com/99462c01e85acc1311bebac224df6cce.gif
200 OK 845 kB URL HTTP/2 kveww.com/99462c01e85acc1311bebac224df6cce.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 845 kB (845326 bytes)
Hash c3e13dfb200737af2e68b42c07f28465
4d8262aecd8d789494afca5d63b5dd50600870dc
3e962d14b678808967d50df163581b65c6052144cb6239d72da58cceb7bf04ac
GET /99462c01e85acc1311bebac224df6cce.gif HTTP/1.1
Host: kveww.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 845326
last-modified: Thu, 15 Dec 2022 01:49:18 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 29 Dec 2022 08:38:58 GMT
etag: "c3e13dfb200737af2e68b42c07f28465"
x-cache: Hit from cloudfront
via: 1.1 6b412795189620b2bd513604239f4f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: IClm_PliPkHpFPWkNsB-5JX0aYB73_Ufvv8EjMVCJvZqPPQcpu8pgA==
age: 84969
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 0bcc25415dcbdbbda678928b3ca0d791
e1196dd54d0c2b0e04824f8468d9cec5d78022d5
a0409014ab1a645ac5dd876b6085a9f56bba49f33015807dbb1d20e03e03f60e
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 30 Dec 2022 08:15:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 30 Dec 2022 06:05:08 GMT
Expires: Sat, 31 Dec 2022 06:05:08 GMT
ETag: "e1196dd54d0c2b0e04824f8468d9cec5d78022d5"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 0bcc25415dcbdbbda678928b3ca0d791
e1196dd54d0c2b0e04824f8468d9cec5d78022d5
a0409014ab1a645ac5dd876b6085a9f56bba49f33015807dbb1d20e03e03f60e
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 30 Dec 2022 08:15:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 30 Dec 2022 06:05:08 GMT
Expires: Sat, 31 Dec 2022 06:05:08 GMT
ETag: "e1196dd54d0c2b0e04824f8468d9cec5d78022d5"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
538936vxn.com/d435373888944b359330ac8c9bcff8c1.gif
200 OK 553 kB URL HTTP/1.1 538936vxn.com/d435373888944b359330ac8c9bcff8c1.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 553 kB (552818 bytes)
Hash 097e6fa9314192dc3dd55cb1c5023ee5
c30366c4c910616f1a3c1b773ffb4af967e20eb5
db020d7293807326453f5848c0bf219e2b835f2530468a9d816a3c1c7941023a
Analyzer Verdict Alert quad9 Sinkholed
GET /d435373888944b359330ac8c9bcff8c1.gif HTTP/1.1
Host: 538936vxn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b9374-86f72"
Date: Fri, 30 Dec 2022 02:06:47 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:31:48 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-26
Content-Length: 552818
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 21433197d2be79a2449d40eb2d577b91
1d270c6561ccefbf2e2cfe9a7f4888b6b594428e
4a429061f144040d94f2d60306a31a87d28336cd5fcc0522e418a49fcb01a66e
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 08:15:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 03 Jan 2023 06:26:08 GMT
ETag: "1d270c6561ccefbf2e2cfe9a7f4888b6b594428e"
Last-Modified: Fri, 30 Dec 2022 06:26:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1454
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 781953690f710b59-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash 83ead570d2401366637296a6b15d719d
51ffae81b767c1c6f5984b9fc565bf2d4da59087
8ce89998e7d30c967e7c86cfdc1efd694b12166915947b74beb1ab7726396537
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 08:15:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 29 Dec 2022 13:22:19 GMT
Expires: Thu, 05 Jan 2023 13:22:18 GMT
Etag: "51ffae81b767c1c6f5984b9fc565bf2d4da59087"
Cache-Control: max-age=536230,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78195367ebe2b518-OSL
u1044.com/e71372ecacf44aaf966c46f4c654b14b.gif
200 OK 258 kB URL HTTP/2 u1044.com/e71372ecacf44aaf966c46f4c654b14b.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 258 kB (257810 bytes)
Hash 85342f67387b95ed8130cd1e3695104f
982759653d73f38fe780f842dd0b7a243ff7c06d
6c835f9fb63efeee9cd18558668d49395bcf16825bdf8a0a2af7c420c5f680f9
GET /e71372ecacf44aaf966c46f4c654b14b.gif HTTP/1.1
Host: u1044.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "639f0781-3ef12"
server: nginx
date: Thu, 29 Dec 2022 22:46:25 GMT
content-type: image/gif
last-modified: Sun, 18 Dec 2022 12:28:49 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us4-cdnb-10
content-length: 257810
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 597239aaa0c15fea0c123b58f442769c
518c5ff977cc27b59554fe0dd40182395a623cef
d67f8891ac95e884ecd10c0fd9294725676571d3379b6776e413c4bb8b75feb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D67F8891AC95E884ECD10C0FD9294725676571D3379B6776E413C4BB8B75FEB8"
Last-Modified: Thu, 29 Dec 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1718
Expires: Fri, 30 Dec 2022 08:43:45 GMT
Date: Fri, 30 Dec 2022 08:15:07 GMT
Connection: keep-alive
kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
200 OK 902 kB URL HTTP/2 kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 902 kB (902313 bytes)
Hash 8b4a95ea7cfbb7fb4d2b18efca5145f3
d2966ecbeb7369620cce5dbcd15d0fe591d79648
dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 902313
last-modified: Thu, 15 Dec 2022 02:17:25 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 30 Dec 2022 02:34:34 GMT
etag: "8b4a95ea7cfbb7fb4d2b18efca5145f3"
x-cache: Hit from cloudfront
via: 1.1 55c8386ba54fbe8ac7d89b90344d4344.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: _3CMxq36Vlzz-JaXv7Y37ttmR7BY9a7pH7YU2_jsrbawjre9Msuq9g==
age: 46636
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 727 B IP
Hash 7782b8e074e3b172aa0c1ddabdf2a108
62096f0369c8a1d5e439aa947af1acc916abb315
712f090c73fc4b4c142896cd8dba9fd8a71e258b6d1529d18c5396292344138a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6378
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 08:15:07 GMT
Etag: "63ae0cbb-2d7"
Last-Modified: Fri, 30 Dec 2022 06:28:49 GMT
Server: ECS (amb/6B88)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
200 OK 727 B IP
Hash 7782b8e074e3b172aa0c1ddabdf2a108
62096f0369c8a1d5e439aa947af1acc916abb315
712f090c73fc4b4c142896cd8dba9fd8a71e258b6d1529d18c5396292344138a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=135600
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 08:15:07 GMT
Etag: "63ae0cbb-2d7"
Expires: Sat, 31 Dec 2022 21:55:07 GMT
Last-Modified: Thu, 29 Dec 2022 21:55:07 GMT
Server: nginx
Content-Length: 727
ocsp.digicert.com/
200 OK 727 B IP
Hash 7782b8e074e3b172aa0c1ddabdf2a108
62096f0369c8a1d5e439aa947af1acc916abb315
712f090c73fc4b4c142896cd8dba9fd8a71e258b6d1529d18c5396292344138a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5459
Cache-Control: max-age=141059
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 08:15:07 GMT
Etag: "63ae0cbb-2d7"
Expires: Sat, 31 Dec 2022 23:26:06 GMT
Last-Modified: Thu, 29 Dec 2022 21:55:07 GMT
Server: ECS (amb/6BA1)
X-Cache: HIT
Content-Length: 727
p3.douyinpic.com/obj/tos-cn-i-dy/3809564fecbe4e9c8845a85d95c7a81d
200 OK 498 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/3809564fecbe4e9c8845a85d95c7a81d
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 70\012- data
Size 498 kB (497844 bytes)
Hash 9d43f768f1897d7d3fd5ba803e1a770a
ff8fb3f427df7b6cfef65fcae162e0abab9474a4
00fe4f1ccfc623639abadf4e745aca22b946365e932a7a794d6c108fee0d85af
GET /obj/tos-cn-i-dy/3809564fecbe4e9c8845a85d95c7a81d HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 497844
date: Fri, 21 Oct 2022 06:45:44 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 21 Oct 2022 06:39:38 GMT
nw-session-id: 202210211439380101311360293842A52Fgx4cc03dy
nw-session-trace: 2022-10-21T14:39:38.59145035+08:00 28
x-bdcdn-cache-status: TCP_HIT
x-length: 497844
x-powered-by: ImageX
x-response-date: Fri, 21 Oct 2022 14:39:38 GMT
x-tt-logid: 202210211439380101311360293842A52F
via: n132-067-168, cache19.l2de2[0,0,206-0,H], cache11.l2de2[2,0], cache11.l2de2[2,0], cache1.se1[0,0,200-0,H], cache2.se1[1,0]
x-request-ip: fdbd:dc03:14:130::18
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 010bb5ec5b1b5f1e47ca91c2b81197a74f8048ba6c9105f29b60a5a5654edfd2e74a44ae94b6f429eb61763780aa091400b761df5690404fbe40d4d865710f70cd7a52fd33d8906f8ae44a9cba323b06e589132522b5dde5de19e056fb46c2d0ef
x-response-lb: image
ali-swift-global-savetime: 1666334744
age: 6053363
x-cache: HIT TCP_MEM_HIT dirn:2:306166001
x-swift-savetime: Fri, 21 Oct 2022 07:27:56 GMT
x-swift-cachetime: 31533468
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616723881079633587e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/70c57cabb92242258bbf034be8584f7f
200 OK 343 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/70c57cabb92242258bbf034be8584f7f
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 343 kB (343002 bytes)
Hash ce862703bd3a6fd9e7acc3c32453fe84
c27754e24547e935314ba986477cd326628af7e4
eb9f779660b2713488854f27a211239724bb29b842e939424ec882b51520350b
GET /obj/tos-cn-i-dy/70c57cabb92242258bbf034be8584f7f HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 343002
date: Sat, 17 Dec 2022 10:28:23 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 17 Dec 2022 10:00:43 GMT
nw-session-id: 2022121718004301013113605215982497p5k6801dy
nw-session-trace: 2022-12-17T18:00:43.827293149+08:00 42
x-bdcdn-cache-status: TCP_HIT
x-length: 343002
x-powered-by: ImageX
x-response-date: Sat, 17 Dec 2022 18:00:43 GMT
x-tt-logid: 2022121718004301013113605215982497
via: n128-134-083, cache14.l2de2[0,0,206-0,H], cache5.l2de2[2,0], cache5.l2de2[3,0], cache3.se1[0,0,200-0,H], cache2.se1[1,0]
x-request-ip: fdbd:dc03:15:482::74
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 010ec35d8338a3c1341674e3d2464ee09a429c9c5af2fc930930b9ec60625c05f3b71a3d79f906afd2479681df4ec15d8b01af344e24d3e5df5584a5196f7e0400dfccab4c7d44dab881b7b096fd4eb23fa223bfc14da29e326a459a9a6aa15d8b
x-response-lb: image
ali-swift-global-savetime: 1671272903
age: 1115204
x-cache: HIT TCP_MEM_HIT dirn:2:427158808
x-swift-savetime: Sat, 17 Dec 2022 11:36:55 GMT
x-swift-cachetime: 31531888
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616723881079703590e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/4c28866f219340e2bcb4b1878eb49c78
200 OK 638 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/4c28866f219340e2bcb4b1878eb49c78
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 80\012- data
Size 638 kB (637830 bytes)
Hash 038cc3c0d0309ae7edac2468660d6ace
7c625c7e99f6cc090985f06c31d835852c407b83
029afc7f86b07276e77f5a1f657b2347204ab18863ed2c40d3a5122f23d12c82
GET /obj/tos-cn-i-dy/4c28866f219340e2bcb4b1878eb49c78 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 637830
date: Mon, 05 Dec 2022 07:19:41 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 05 Dec 2022 07:06:39 GMT
nw-session-id: 2022120515063901020817416040A88D6D5gd7m01dy
nw-session-trace: 2022-12-05T15:06:39.255333075+08:00 40
x-bdcdn-cache-status: TCP_HIT
x-length: 637830
x-powered-by: ImageX
x-response-date: Mon, 05 Dec 2022 15:06:39 GMT
x-tt-logid: 2022120515063901020817416040A88D6D
via: n132-080-035, cache17.l2de2[277,276,206-0,M], cache2.l2de2[278,0], cache2.l2de2[278,0], cache1.se1[0,0,200-0,H], cache2.se1[1,0]
x-request-ip: fdbd:dc03:8:568::226
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 015ee642df66cd746d16887c71efd404179b406acb3f4f6c19ada7b06b9501d3aabb81d46a68162f0279f3f53cbf9e15a6cff21f060722d408026a0be3aa794f232d50469357075367d59bf8fb59328eee5d0a8af58951d10f6f364e4fa2b44ed3
x-response-lb: image
ali-swift-global-savetime: 1670224781
age: 2163326
x-cache: HIT TCP_MEM_HIT dirn:6:380327968 mlen:0
x-swift-savetime: Mon, 05 Dec 2022 07:19:41 GMT
x-swift-cachetime: 31536000
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616723881079743593e
X-Firefox-Spdy: h2
6617398ccc.com/95128b772cae4720abf92e497051ddab.gif
200 OK 604 kB URL HTTP/1.1 6617398ccc.com/95128b772cae4720abf92e497051ddab.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 604 kB (603987 bytes)
Hash 23949104e338cb795b2e13fa2f5a2247
466467d793d47e13999b5a3b0d8f3ff5fd980d93
871b665b13f515dec19211e8f88f5b03d1bca8ae5fd317d67c72630a748605a3
GET /95128b772cae4720abf92e497051ddab.gif HTTP/1.1
Host: 6617398ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63aad950-93753"
Date: Tue, 27 Dec 2022 12:55:23 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 27 Dec 2022 11:38:56 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-20
Content-Length: 603987
xx.9820668.com/9820/960-80A.gif
200 OK 56 kB URL HTTP/1.1 xx.9820668.com/9820/960-80A.gif
IP
ASN #64050 BGPNET Global ASN
File type GIF image data, version 89a, 980 x 60\012- data
Hash 361aed34798f98db26e7c50462c4b8c5
5ef04619670d41dbbe05e4fa0df9ddd54445d2cd
3a462d3a0fa3dc9d6e8ad5a69e6ec75418b618e0ff6a6abc4bef899a96874e57
GET /9820/960-80A.gif HTTP/1.1
Host: xx.9820668.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lfhfd.com/
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Wed, 09 Nov 2022 12:29:16 GMT
Accept-Ranges: bytes
ETag: "2ac34ee236f4d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 30 Dec 2022 08:23:02 GMT
Content-Length: 55633
xinchacha2dv.ocsp-certum.com/
200 OK 1.5 kB URL HTTP/1.1 xinchacha2dv.ocsp-certum.com/
IP
ASN #20940 Akamai International B.V.
Hash 20ff838b2fe37f5760108ee94e7e3fba
583e19db2283dcbc159b44f1b536268c778bb9bc
7a0078366d9a0b476f2a02fb3059e495691980c4c2bf89be50139f9a8d070c9b
POST / HTTP/1.1
Host: xinchacha2dv.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1538
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=552
Date: Fri, 30 Dec 2022 08:15:08 GMT
Connection: keep-alive
X-N: S
xinchacha2dv.ocsp-certum.com/
200 OK 1.5 kB URL HTTP/1.1 xinchacha2dv.ocsp-certum.com/
IP
ASN #20940 Akamai International B.V.
Hash 20ff838b2fe37f5760108ee94e7e3fba
583e19db2283dcbc159b44f1b536268c778bb9bc
7a0078366d9a0b476f2a02fb3059e495691980c4c2bf89be50139f9a8d070c9b
POST / HTTP/1.1
Host: xinchacha2dv.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1538
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Fri, 30 Dec 2022 08:15:08 GMT
Connection: keep-alive
X-N: S
p.qlogo.cn/qqmail_head/ajNVdqHZLLCicUYDJXx8l3taszMicel2hSPr8UIrjdjU1twhzEODXYZqfmsC2Heex3liawLMNNzIK0/0
200 OK 100 kB URL HTTP/2 p.qlogo.cn/qqmail_head/ajNVdqHZLLCicUYDJXx8l3taszMicel2hSPr8UIrjdjU1twhzEODXYZqfmsC2Heex3liawLMNNzIK0/0
IP
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Hash b3484bdf70657b0f90a7549beec19476
edcf2796c82f61d40ccca6af36c5dbc2b16b8277
5a421fb5ec57f001600d515ae0cc36258a6069ab541174240a4c939324ac4cf4
GET /qqmail_head/ajNVdqHZLLCicUYDJXx8l3taszMicel2hSPr8UIrjdjU1twhzEODXYZqfmsC2Heex3liawLMNNzIK0/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Fri, 30 Dec 2022 08:15:07 GMT
content-type: image/gif
content-length: 99777
vary: Accept,Origin
last-modified: Thu, 29 Dec 2022 07:12:34 GMT
cache-control: max-age=2592000
x-delay: 22753 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 99777
chid: 0
fid: 0
x-nws-log-uuid: 6d1cf29e-3b02-47ae-99af-177d9e789b5a
X-Firefox-Spdy: h2
kzeoo.com/68a7807de3933bf7079116fa9df99e6f.gif
200 OK 366 kB URL HTTP/2 kzeoo.com/68a7807de3933bf7079116fa9df99e6f.gif
IP
ASN #201106 Spartan Host Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 366 kB (366444 bytes)
Hash 86371c51bf2086f3a40f0e438246b662
9da793de9c620485ee91b88413b256c69dc774c5
8155b44efd09301dca9ec4bdab8e3e6445d1564fe580edd5f7575c9289843ccf
GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: kzeoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 30 Dec 2022 08:15:07 GMT
content-type: image/gif
content-length: 366444
last-modified: Fri, 19 Aug 2022 17:02:28 GMT
etag: "62ffc224-5976c"
expires: Fri, 30 Dec 2022 20:15:07 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 1420381
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwipRCov4sczHTcdIWkv%2FaUrYkMXIXYgzLjnYGeXGYrNTWiFyZ4kN%2FbAl29k5zhUJwdz4MPvR6gOiEVX0jKqomGgljR2%2BFim4H7cs%2FsgE0OBbp%2BdOSiFv8UW13GA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 77f29af56ca4c5f5-SEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e24d56b6a27d2c9636a27fa9dddf7e4f
e03150cd57edb02f6522a4e4f0920bce4c5d01f3
59f914c20aa608882d009f1ea9f9f114e587c79452efa74490935612c6068141
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59F914C20AA608882D009F1EA9F9F114E587C79452EFA74490935612C6068141"
Last-Modified: Wed, 28 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12607
Expires: Fri, 30 Dec 2022 11:45:15 GMT
Date: Fri, 30 Dec 2022 08:15:08 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e24d56b6a27d2c9636a27fa9dddf7e4f
e03150cd57edb02f6522a4e4f0920bce4c5d01f3
59f914c20aa608882d009f1ea9f9f114e587c79452efa74490935612c6068141
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59F914C20AA608882D009F1EA9F9F114E587C79452EFA74490935612C6068141"
Last-Modified: Wed, 28 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12607
Expires: Fri, 30 Dec 2022 11:45:15 GMT
Date: Fri, 30 Dec 2022 08:15:08 GMT
Connection: keep-alive
tpkj3333.com/img/k80m/obGVw2k2O.gif
200 OK 65 kB URL HTTP/1.1 tpkj3333.com/img/k80m/obGVw2k2O.gif
IP
ASN #59371 Dimension Network & Communication Limited
File type GIF image data, version 89a, 960 x 60\012- data
Hash e03b348553ccccf6c7145c1278045339
8d40704565b38767c7b752ca1f34e78c7695df47
dd462e1eaa30ce285b258edb8c1790de17f3838ce2e55749f554bbb7ee4e7ef9
GET /img/k80m/obGVw2k2O.gif HTTP/1.1
Host: tpkj3333.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 08:15:07 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"202250-1671636497000"
Last-Modified: Wed, 21 Dec 2022 15:28:17 GMT
Expires: Sat, 14 Jan 2023 08:15:07 GMT
Cache-Control: max-age=1296000
Content-Encoding: gzip
Nginx-Cache: HIT, HIT
66888aaa.com/0c443e4928c246a7a0f9fe194e9fbe8c.gif
200 OK 485 kB URL HTTP/1.1 66888aaa.com/0c443e4928c246a7a0f9fe194e9fbe8c.gif
IP
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 485 kB (485287 bytes)
Hash d380a647f953c9a1c3973d06622da8e9
7ea4c5413441c6287df52aceaffbf0ecabf013c3
2a8319f5970f1a6285054d399614ace55bac9b3195f69a9abe1eeb08c6dd03f2
Analyzer Verdict Alert quad9 Sinkholed
GET /0c443e4928c246a7a0f9fe194e9fbe8c.gif HTTP/1.1
Host: 66888aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63a3fa07-767a7"
Date: Thu, 29 Dec 2022 22:18:54 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 22 Dec 2022 06:32:39 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-21
Content-Length: 485287
kvegg.com/1f983e66dfb925d81e4da07bbbaf11fa.gif
200 OK 274 kB URL HTTP/2 kvegg.com/1f983e66dfb925d81e4da07bbbaf11fa.gif
IP
ASN #201106 Spartan Host Ltd
File type GIF image data, version 89a, 960 x 70\012- data
Size 274 kB (273994 bytes)
Hash dd958b3e68b86521a1aa39a6ad18b7ab
1985a71ffbda6b9f3cf8cc2c16a432827d74efdf
4b6204acd4c9d7154d86b003ee9abafb7e238fef26e46376d2c71b3fbf93ef36
GET /1f983e66dfb925d81e4da07bbbaf11fa.gif HTTP/1.1
Host: kvegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 30 Dec 2022 08:15:08 GMT
content-type: image/gif
content-length: 273994
last-modified: Sun, 18 Dec 2022 07:01:49 GMT
etag: "639ebadd-42e4a"
expires: Fri, 30 Dec 2022 20:15:08 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 21242
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cWKvu4czFePRb742V5V%2F8TKzrWAz9lu4QWw4vOoCRA98xLuiABZvCkAsemtJtw9IVyM3gynuuU7JZTFi%2FBcVDA%2F%2BJE7PTlFqhEW71gUtPKuruKWz7Q1MO6Ea%2B%2F29"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 77f29af0ac4ac36e-SEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7KC5LIMic1KaTYwJYhDicnibqKbVUtzwk3vqBxlG2ZQYyjo/0
200 OK 206 kB URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7KC5LIMic1KaTYwJYhDicnibqKbVUtzwk3vqBxlG2ZQYyjo/0
IP
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 206 kB (205622 bytes)
Hash 8a22a6888c325aa3acf83e7cedfe35e7
37da1ea976724d35c1c32ae18d7924192184ba32
2e90b20d4c2067ff68444790955d65d2745365cf025c486c8c2b685696faeeaa
GET /qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7KC5LIMic1KaTYwJYhDicnibqKbVUtzwk3vqBxlG2ZQYyjo/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Fri, 30 Dec 2022 08:15:07 GMT
content-type: image/gif
content-length: 205622
vary: Accept,Origin
last-modified: Mon, 19 Dec 2022 06:54:31 GMT
cache-control: max-age=2592000
x-delay: 36035 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 205622
chid: 0
fid: 0
x-nws-log-uuid: afd31e39-a4de-4eb2-8961-e4018b773694
X-Firefox-Spdy: h2
tpkj3333.com/img/k80m/oUfCSgVqE.gif
200 OK 91 kB URL HTTP/1.1 tpkj3333.com/img/k80m/oUfCSgVqE.gif
IP
ASN #59371 Dimension Network & Communication Limited
File type GIF image data, version 89a, 960 x 80\012- data
Hash 4946489a6b4b9e0b10f0f27ca4e6abc2
02f0695bb9fd6890f6e22b200ca3532dc1b86200
89918818e7f2717b00d29025873a9ccf2ddc097ab8920ca4348e73c2791d528f
GET /img/k80m/oUfCSgVqE.gif HTTP/1.1
Host: tpkj3333.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 08:15:07 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"250183-1671358133000"
Last-Modified: Sun, 18 Dec 2022 10:08:53 GMT
Expires: Sat, 14 Jan 2023 08:15:07 GMT
Cache-Control: max-age=1296000
Content-Encoding: gzip
Nginx-Cache: HIT, HIT
ldbbs.ldmnq.com/bbs/topic/images/2022-12/62559a62-7d96-4f90-a0b5-94a7f2967f4b.gif
200 OK 54 kB URL HTTP/1.1 ldbbs.ldmnq.com/bbs/topic/images/2022-12/62559a62-7d96-4f90-a0b5-94a7f2967f4b.gif
IP
ASN #133119 China Unicom IP network
File type GIF image data, version 89a, 960 x 120\012- data
Hash 1b0debb707f7274e95ae467969832663
7787ea12e377677eccfcbba7f7fc14b18602ddad
688c201ad0040278d8431382eeeb71ea318699cc7d4ccf167132e5818473d55f
GET /bbs/topic/images/2022-12/62559a62-7d96-4f90-a0b5-94a7f2967f4b.gif HTTP/1.1
Host: ldbbs.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 08:15:08 GMT
Content-Type: image/gif
Content-Length: 53701
Connection: keep-alive
Server: openresty
Age: 679480
CloudServiceDiscount: CDN
Content-Encoding: utf-8
ETag: "1b0debb707f7274e95ae467969832663"
Last-Modified: Wed, 21 Dec 2022 06:44:18 GMT
X-CCDN-CacheTTL: 2592000
nginx-hit: 1
via: CHN-HElangfang-AREACUCC1-CACHE4[4],CHN-HElangfang-AREACUCC1-CACHE4[0,TCP_HIT,1],CHN-HElangfang-AREACUCC1-CACHE17[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE48[139],CHN-TJ-GLOBAL1-CACHE17[121,TCP_MISS,137]
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCShyI/M24SysM7QVQmHyPorxbprtw58m
x-amz-request-id: 00000185336CFEF1981BF818017B32F6
x-amz-storage-class: STANDARD_IA
x-hcs-proxy-type: 1
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Accept-Ranges: bytes
ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
200 OK 432 kB URL HTTP/1.1 ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
IP
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 432 kB (432195 bytes)
Hash 66560dc1fbaeb67885a45dd7dc5831e1
38584ed6146b3cd7f220a7cf5db732f462cf1474
5586b90e8f142c31b3b89a89cd2630ed0bd5a2560074f7a58dda96bbc4abae32
GET /ky/ky96080c.gif HTTP/1.1
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 30 Dec 2022 08:15:07 GMT
Content-Type: image/gif
Content-Length: 432195
Connection: keep-alive
x-oss-request-id: 63AE9E0B1B08F73633DA4D31
Accept-Ranges: bytes
ETag: "66560DC1FBAEB67885A45DD7DC5831E1"
Last-Modified: Sun, 06 Nov 2022 07:48:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15586424114477953781
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZlYNwfuutniFpF3X3Fgx4Q==
x-oss-server-time: 3
sz88.oss-cn-shenzhen.aliyuncs.com/js960x80%20.gif
200 OK 394 kB URL HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/js960x80%20.gif
IP
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 394 kB (394237 bytes)
Hash 03123a07739f511b3306d13415cd72b1
6dbf38767657a15b922e4d153f46fe4829e012cb
72b3fa6461c39eace9c154e56b66b437457ecde50ae7c615cd923e442d058cdd
GET /js960x80%20.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 30 Dec 2022 08:15:07 GMT
Content-Type: image/gif
Content-Length: 394237
Connection: keep-alive
x-oss-request-id: 63AE9E0B81477F37375644DD
Accept-Ranges: bytes
ETag: "03123A07739F511B3306D13415CD72B1"
Last-Modified: Tue, 20 Dec 2022 14:44:22 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13376170837400656090
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: AxI6B3OfURszBtE0Fc1ysQ==
x-oss-server-time: 1
ggt999.oss-cn-hangzhou.aliyuncs.com/xpj/xpj96060a.gif
200 OK 560 kB URL HTTP/1.1 ggt999.oss-cn-hangzhou.aliyuncs.com/xpj/xpj96060a.gif
IP
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 560 kB (560502 bytes)
Hash fcbcc738fb6a5f8f5e56a56d72cb1289
510283d17b79cfbacb3061964810555dc3dc4314
f1d0c16cca2cae7a2e7b05b68d0dd21ed48c9fd56453a3892748b55d5991b27f
GET /xpj/xpj96060a.gif HTTP/1.1
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 30 Dec 2022 08:15:07 GMT
Content-Type: image/gif
Content-Length: 560502
Connection: keep-alive
x-oss-request-id: 63AE9E0BE3B51E35312ADD71
Accept-Ranges: bytes
ETag: "FCBCC738FB6A5F8F5E56A56D72CB1289"
Last-Modified: Mon, 19 Dec 2022 06:38:17 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 18035721676580147221
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: /LzHOPtqX49eVqVtcssSiQ==
x-oss-server-time: 2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24cb4ce3-48b0-4438-a0c5-0c62139706b6.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24cb4ce3-48b0-4438-a0c5-0c62139706b6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5df739293f8846ba42b9ee2748ddec0
8ae554e7a9944145b58cdf14433e382e0b09d417
2a2bbd6219432e6a451838ca1266972fb412190fbf1c96351f3f0372143eea2f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24cb4ce3-48b0-4438-a0c5-0c62139706b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9748
x-amzn-requestid: 06f61fb6-c474-4c29-8e2a-3c94086c0a96
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7ZmOG9DoAMFhOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae095a-731b23c915809aba62afd050;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:40:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KjGfhkZcBsccQksbbE0udUABqQ-3whKNn_2vVln0AVvrd-Uwas_O6w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 22:01:37 GMT
age: 36812
etag: "8ae554e7a9944145b58cdf14433e382e0b09d417"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tpcdnde88de.com/79tp/960x60-2.gif
200 OK 322 kB URL HTTP/2 tpcdnde88de.com/79tp/960x60-2.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 322 kB (322376 bytes)
Hash c41a909fa1e62a4ebc583626a93c05c1
10adfd5b6d78d04cc93c76b14a29fc93ce4f2708
b60310fa346cdc56ed271a244d9c4f1e137e0fd46571802f25c0c8e09131aa4e
GET /79tp/960x60-2.gif HTTP/1.1
Host: tpcdnde88de.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 08:15:08 GMT
content-type: image/gif
content-length: 322376
last-modified: Sat, 25 Jun 2022 12:15:37 GMT
etag: "62b6fc69-4eb48"
expires: Fri, 06 Jan 2023 03:48:31 GMT
cache-control: max-age=2592000
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
kaiyuan-advertising.oss-cn-hongkong.aliyuncs.com/960X60.gif
200 OK 254 kB URL HTTP/1.1 kaiyuan-advertising.oss-cn-hongkong.aliyuncs.com/960X60.gif
IP
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 254 kB (253519 bytes)
Hash f744e995971941b6a95fcd2636f5a545
ac9c1230e04eab9e31512d2afe440fe5f0367dc5
59b1a138fa72df587e61916179965cbd819f91aec53ce6ab606949a7e06b3063
GET /960X60.gif HTTP/1.1
Host: kaiyuan-advertising.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 30 Dec 2022 08:15:08 GMT
Content-Type: image/gif
Content-Length: 253519
Connection: keep-alive
x-oss-request-id: 63AE9E0C23C054313977CC9E
Accept-Ranges: bytes
ETag: "F744E995971941B6A95FCD2636F5A545"
Last-Modified: Tue, 29 Nov 2022 08:27:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17987192695826819902
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: 90TplZcZQbapX80mNvWlRQ==
x-oss-server-time: 1
tpcdnde88de.com/235tp/960x60.gif
200 OK 590 kB URL HTTP/2 tpcdnde88de.com/235tp/960x60.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 590 kB (590255 bytes)
Hash d9d8d54236add0a03997175e250e51ef
b65ebc88346d3a308dbf4791ade0637330df8895
81954cd3768276219bbf7aca8ce82881fbda51a1721ef78d559cdd7772800571
GET /235tp/960x60.gif HTTP/1.1
Host: tpcdnde88de.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 08:15:08 GMT
content-type: image/gif
content-length: 590255
last-modified: Wed, 15 Jun 2022 13:02:58 GMT
etag: "62a9d882-901af"
expires: Fri, 06 Jan 2023 03:59:39 GMT
cache-control: max-age=2592000
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ldbbs.ldmnq.com/bbs/topic/images/2022-12/8a42cd46-12a9-46a4-8563-ee14a925192c.gif
200 OK 1.1 MB URL HTTP/1.1 ldbbs.ldmnq.com/bbs/topic/images/2022-12/8a42cd46-12a9-46a4-8563-ee14a925192c.gif
IP
ASN #133119 China Unicom IP network
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.1 MB (1082384 bytes)
Hash a2513b4510f6797c4cbe4012fc79c64c
41f15aa49c66eed88a541224dedda5d215f9e7ef
16e775f7ac1e0368c216cdcf70bc3d56d7d952d7653898dbb8093efcd712cc71
GET /bbs/topic/images/2022-12/8a42cd46-12a9-46a4-8563-ee14a925192c.gif HTTP/1.1
Host: ldbbs.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 08:15:08 GMT
Content-Type: image/gif
Content-Length: 1082384
Connection: keep-alive
Server: openresty
Age: 783317
CloudServiceDiscount: CDN
Content-Encoding: utf-8
ETag: "a2513b4510f6797c4cbe4012fc79c64c"
Last-Modified: Wed, 21 Dec 2022 06:06:41 GMT
X-CCDN-CacheTTL: 2592000
nginx-hit: 1
via: CHN-HElangfang-AREACUCC1-CACHE18[9],CHN-HElangfang-AREACUCC1-CACHE30[0,TCP_HIT,4],CHN-TJ-GLOBAL1-CACHE54[16],CHN-TJ-GLOBAL1-CACHE30[0,TCP_HIT,13]
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSFhv2Sr1BDL3xCdwQqA6DE4Gw8YvJHp
x-amz-request-id: 00000185334A8E1F900DAF7A4A1D6950
x-amz-storage-class: STANDARD_IA
x-hcs-proxy-type: 1
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Accept-Ranges: bytes
img.9735x.com/images/639212810771a0fd6ab2b086.gif
302 Found 0 B URL HTTP/2 img.9735x.com/images/639212810771a0fd6ab2b086.gif
IP
GET /images/639212810771a0fd6ab2b086.gif HTTP/1.1
Host: img.9735x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/4c28866f219340e2bcb4b1878eb49c78
X-Firefox-Spdy: h2
img.u1669.com/images/63523ea35fe50f0585d3ef84.gif
302 Found 0 B URL HTTP/2 img.u1669.com/images/63523ea35fe50f0585d3ef84.gif
IP
GET /images/63523ea35fe50f0585d3ef84.gif HTTP/1.1
Host: img.u1669.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/3809564fecbe4e9c8845a85d95c7a81d
X-Firefox-Spdy: h2
img.1180555.com/images/639ed96cf854fb2e39809f88.gif
302 Found 0 B URL HTTP/2 img.1180555.com/images/639ed96cf854fb2e39809f88.gif
IP
GET /images/639ed96cf854fb2e39809f88.gif HTTP/1.1
Host: img.1180555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lfhfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/70c57cabb92242258bbf034be8584f7f
X-Firefox-Spdy: h2
www.lfhfd.com/
200 OK 0 B IP
GET / HTTP/1.1
Host: www.lfhfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 Dec 2022 08:15:02 GMT
Content-Type: text/html
Content-Length: 36699
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
154.12.61.63
103.170.15.91
104.110.17.24
88.99.102.224
47.246.44.231
47.110.23.69
3.36.126.81
104.21.234.153
66.203.157.56
93.184.220.29
20.222.36.125
134.122.133.169