| hearog.com/images/play-2/icon1.png | 185.162.87.220 | | 7.3 kB |
URL hearog.com/images/play-2/icon1.png IP185.162.87.220:0 ASN#39572 DataWeb Global Group B.V.
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash3d0ab5834c8bf7134e4d21fa3288317f c31d1a6b9df206f67ea194f4c424cdc372a423c2 0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27
GET /images/play-2/icon1.png HTTP/1.1
Host: hearog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.0
date: Wed, 08 May 2024 17:50:09 GMT
content-type: image/png
content-length: 7252
last-modified: Fri, 26 Apr 2024 08:14:18 GMT
etag: "662b625a-1c54"
x-zone: eu4
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| hearog.com/images/play-2/icon2.png | 185.162.87.220 | | 4.6 kB |
URL hearog.com/images/play-2/icon2.png IP185.162.87.220:0 ASN#39572 DataWeb Global Group B.V.
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hashc947d439eb93367f1af5b2a3d222f057 5b4c10820d39e624bc6df72a113679da80a8e44e aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2
GET /images/play-2/icon2.png HTTP/1.1
Host: hearog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.0
date: Wed, 08 May 2024 17:50:09 GMT
content-type: image/png
content-length: 4576
last-modified: Fri, 26 Apr 2024 08:14:18 GMT
etag: "662b625a-11e0"
x-zone: eu
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| hearog.com/images/play-2/icon3.png | 185.162.87.220 | | 7.8 kB |
URL hearog.com/images/play-2/icon3.png IP185.162.87.220:0 ASN#39572 DataWeb Global Group B.V.
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash8f3cc830da0b1fdf66bda7d1d734747b 94588f041eec3a78a8780c8124c56a1434a89277 ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba
GET /images/play-2/icon3.png HTTP/1.1
Host: hearog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.0
date: Wed, 08 May 2024 17:50:09 GMT
content-type: image/png
content-length: 7847
last-modified: Fri, 26 Apr 2024 08:14:18 GMT
etag: "662b625a-1ea7"
x-zone: eu3
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| hearog.com/images/play-2/icon4.png | 185.162.87.220 | | 7.0 kB |
URL hearog.com/images/play-2/icon4.png IP185.162.87.220:0 ASN#39572 DataWeb Global Group B.V.
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash7ad7f32c1c0df7b4975cc41bda4ac435 81d57e996ee6cd9e122592e68ffa3d55c1ba10ff c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f
GET /images/play-2/icon4.png HTTP/1.1
Host: hearog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.0
date: Wed, 08 May 2024 17:50:09 GMT
content-type: image/png
content-length: 7032
last-modified: Fri, 26 Apr 2024 08:14:18 GMT
etag: "662b625a-1b78"
x-zone: eu4
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| hearog.com/images/play-2/icon5.png | 185.162.87.220 | | 3.3 kB |
URL hearog.com/images/play-2/icon5.png IP185.162.87.220:0 ASN#39572 DataWeb Global Group B.V.
File typePNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Hash1e1a7582b5da63e10485d63f97abc9a0 ca3ee3067f96c732f455bc7c99ec5100194f13f6 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503
GET /images/play-2/icon5.png HTTP/1.1
Host: hearog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.0
date: Wed, 08 May 2024 17:50:09 GMT
content-type: image/png
content-length: 3264
last-modified: Fri, 26 Apr 2024 08:14:18 GMT
etag: "662b625a-cc0"
x-zone: eu
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| hearog.com/images/play-2/icon7.png | 185.162.87.220 | | 3.3 kB |
URL hearog.com/images/play-2/icon7.png IP185.162.87.220:0 ASN#39572 DataWeb Global Group B.V.
File typePNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Hashb512735542cb07b3b2dcf153a7dfe456 93bde8875412ce266600e2af1c37123483a50376 e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718
GET /images/play-2/icon7.png HTTP/1.1
Host: hearog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.0
date: Wed, 08 May 2024 17:50:09 GMT
content-type: image/png
content-length: 3283
last-modified: Fri, 26 Apr 2024 08:14:18 GMT
etag: "662b625a-cd3"
x-zone: eu3
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| hearog.com/images/play-2/icon8.png | 185.162.87.220 | | 4.1 kB |
URL hearog.com/images/play-2/icon8.png IP185.162.87.220:0 ASN#39572 DataWeb Global Group B.V.
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hashf92d6474ebc6a3a0b576749cfb4afe98 0f4ce3dcf04873b8098c01d20c44967fb9fce0cc 3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1
GET /images/play-2/icon8.png HTTP/1.1
Host: hearog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.0
date: Wed, 08 May 2024 17:50:09 GMT
content-type: image/png
content-length: 4064
last-modified: Fri, 26 Apr 2024 08:14:18 GMT
etag: "662b625a-fe0"
x-zone: eu4
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mdakky.com/rpe?a=1&s=1&act=18&src=2&p=1026113&st=1344644&wd=567501&d=hearog.com&tpl=70&rnd=0.21935056246861118&sbid=&sbid2=29611306intent%3A%2F%2Fhearog.com%2Fplay | 185.162.85.4 | | 0 B |
URL mdakky.com/rpe?a=1&s=1&act=18&src=2&p=1026113&st=1344644&wd=567501&d=hearog.com&tpl=70&rnd=0.21935056246861118&sbid=&sbid2=29611306intent%3A%2F%2Fhearog.com%2Fplay IP185.162.85.4:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /rpe?a=1&s=1&act=18&src=2&p=1026113&st=1344644&wd=567501&d=hearog.com&tpl=70&rnd=0.21935056246861118&sbid=&sbid2=29611306intent%3A%2F%2Fhearog.com%2Fplay HTTP/1.1
Host: mdakky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hearog.com
DNT: 1
Connection: keep-alive
Referer: https://hearog.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 08 May 2024 17:50:09 GMT
content-length: 0
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| mdakky.com/rpe?a=1&s=1&act=7&src=2&p=1026113&st=1344644&wd=567501&d=hearog.com&tpl=70&rnd=0.5159691639571926&sbid=&sbid2=29611306intent%3A%2F%2Fhearog.com%2Fplay | 185.162.85.4 | | 0 B |
URL mdakky.com/rpe?a=1&s=1&act=7&src=2&p=1026113&st=1344644&wd=567501&d=hearog.com&tpl=70&rnd=0.5159691639571926&sbid=&sbid2=29611306intent%3A%2F%2Fhearog.com%2Fplay IP185.162.85.4:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /rpe?a=1&s=1&act=7&src=2&p=1026113&st=1344644&wd=567501&d=hearog.com&tpl=70&rnd=0.5159691639571926&sbid=&sbid2=29611306intent%3A%2F%2Fhearog.com%2Fplay HTTP/1.1
Host: mdakky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hearog.com
DNT: 1
Connection: keep-alive
Referer: https://hearog.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 08 May 2024 17:50:09 GMT
content-length: 0
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| tratbc.com/tb?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306 | 138.68.123.185 | | 0 B |
URL tratbc.com/tb?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306 IP138.68.123.185:0 ASN#14061 DIGITALOCEAN-ASN
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tb?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306 HTTP/1.1
Host: tratbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hearog.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.15.0
Date: Wed, 08 May 2024 17:50:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://track.wbdpnz.com/7e39237b-016a-417b-a894-f3eeab5fe410?source_id=a567501&campaign_id=&country=&browser=&zone_id=&creative_id=&format=&os=&partner_id=1026113&sub_period=&cost=&click_id=ExDY3WTv6oI9sAAi
X-Zone: eu
|
|
| track.wbdpnz.com/7e39237b-016a-417b-a894-f3eeab5fe410?source_id=a567501&campaign_id=&country=&browser=&zone_id=&creative_id=&format=&os=&partner_id=1026113&sub_period=&cost=&click_id=ExDY3WTv6oI9sAAi | 143.204.55.80 | | 0 B |
URL track.wbdpnz.com/7e39237b-016a-417b-a894-f3eeab5fe410?source_id=a567501&campaign_id=&country=&browser=&zone_id=&creative_id=&format=&os=&partner_id=1026113&sub_period=&cost=&click_id=ExDY3WTv6oI9sAAi IP143.204.55.80:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /7e39237b-016a-417b-a894-f3eeab5fe410?source_id=a567501&campaign_id=&country=&browser=&zone_id=&creative_id=&format=&os=&partner_id=1026113&sub_period=&cost=&click_id=ExDY3WTv6oI9sAAi HTTP/1.1
Host: track.wbdpnz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hearog.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
location: https://bstnwsgwrld6.xyz/rotator/348/2898/b0d424bbf54ce8cabb7d18b1dc2a36b7/?click_id=w4h7dlnjt2dgj9513ft7fj0a&sub1=a567501&fullscreen=1
date: Wed, 08 May 2024 17:50:09 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: 7e39237b-016a-417b-a894-f3eeab5fe410-v4=WbDZ_RfN2lzvOk3mlRs_yntxK7bWqmbCXLv1-kCdkdI; Max-Age=86400; Expires=Thu, 09-May-2024 17:50:09 GMT; Domain=track.wbdpnz.com; Path=/; Secure; HttpOnly;SameSite=None
voluum-cid-v4=%7B%22cid%22%3A%22w4h7dlnjt2dgj9513ft7fj0a%22%2C%22caid%22%3A%227e39237b-016a-417b-a894-f3eeab5fe410%22%7D; Max-Age=31536000; Expires=Thu, 08-May-2025 17:50:09 GMT; Domain=track.wbdpnz.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
x-cache: Miss from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JiS8TSl79Boq_NqTj0O_jpdc58Nd8HwoU-KtWsBan2srEBec5bNZhA==
X-Firefox-Spdy: h2
|
|
| ykrvt.bestssp.top/?pl=epbJxbtxQEuIs1LQXyqFHg&sub_id=2898 | 188.114.97.1 | | 0 B |
URL ykrvt.bestssp.top/?pl=epbJxbtxQEuIs1LQXyqFHg&sub_id=2898 IP188.114.97.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pl=epbJxbtxQEuIs1LQXyqFHg&sub_id=2898 HTTP/1.1
Host: ykrvt.bestssp.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bstnwsgwrld6.xyz/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 08 May 2024 17:50:12 GMT
content-length: 0
location: https://ykrvt.check-tl-ver-94-2.com/space-robot/?pl=epbJxbtxQEuIs1LQXyqFHg&sm=space-robot&sub_id=2898&nrid=7af1bd5e6f08419396299cafcba2b910&hash=m1DI_Dma-ia6nP4dCtFl8Q&exp=1715190912
set-cookie: epbJxbtxQEuIs1LQXyqFHg=1; max-age=345600; path=/; samesite=lax
__pl=6c48f8b6-9650-453b-8c2c-5a468a0dfb82; expires=Fri, 08 May 2026 17:50:12 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2FZy%2BfvazDY7g11IK0IZR8kjoyweDe2cPhe8UqCN9dkbth1vZRLAAiy8LShqNPdYZGcKufXcc%2BydHqM1zgWw4tahLnJSkvSuvIsqHagUtWqOc64CQpr0O98s49Rw4ipPIgIijw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880b4a7138fb1bfe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ykrvt.check-tl-ver-94-2.com/space-robot/assets/corner.png | 172.67.189.129 | | 300 B |
URL ykrvt.check-tl-ver-94-2.com/space-robot/assets/corner.png IP172.67.189.129:0
File typePNG image data, 44 x 44, 8-bit colormap, non-interlaced Hashf66c38fa2cd7c50bd1989d41da28fb80 e1de333eca72647f3c1831083fe678cfa8fe9eab 3059be4046e0315ad1c0d1cb163d9daaf759bdf16e906e908842fac07e5608a2
GET /space-robot/assets/corner.png HTTP/1.1
Host: ykrvt.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ykrvt.check-tl-ver-94-2.com/space-robot/?pl=epbJxbtxQEuIs1LQXyqFHg&sm=space-robot&sub_id=2898&nrid=7af1bd5e6f08419396299cafcba2b910&hash=m1DI_Dma-ia6nP4dCtFl8Q&exp=1715190912
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:50:13 GMT
content-type: image/png
content-length: 300
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-12c"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6650
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hdW2AWfPJFvT1QVqVUvFDMX9FV8ziDgLV7pHknOaEaPhVNuijRDFuQquQ6BQGLS4iw%2Bk%2FRU5LVO%2BkgiE51xOyP6FDF3J%2FreFcA8tOJ71ghXBj3NTXEtHdM544ekybh5suKQQwUK3u0yjChzVitE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4a73bc57712b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ykrvt.check-tl-ver-94-2.com/space-robot/assets/main.js?v=3 | 172.67.189.129 | | 17 kB |
URL ykrvt.check-tl-ver-94-2.com/space-robot/assets/main.js?v=3 IP172.67.189.129:0
File typeJavaScript source, ASCII text, with very long lines (2745) Hash01c51ed0a287b5ddf6793778cfa3a72c ebd2613cd806b8e080f556b0d254c0f7a6c738a9 4c0224d810d4f0ac617ddd4ab215e0084aeec230d8944780a129c0046de2dad5
GET /space-robot/assets/main.js?v=3 HTTP/1.1
Host: ykrvt.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ykrvt.check-tl-ver-94-2.com/space-robot/?pl=epbJxbtxQEuIs1LQXyqFHg&sm=space-robot&sub_id=2898&nrid=7af1bd5e6f08419396299cafcba2b910&hash=m1DI_Dma-ia6nP4dCtFl8Q&exp=1715190912
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:50:13 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1255"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6650
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YXXjvRDH86B6avmRa0PaiOE43xkS8%2Fj3XBt77oCoYtEZeMzBj5q1thv%2Fqwtshw11TkMHcX23dowlJ%2FTZoL4HNzpUIgJlWApFz6NCt0cQm3gnJQOCTog9bZyHZ9zYCpMiNLJXDc7ZCpgDwfEB3%2FA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4a73bc5a712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ykrvt.check-tl-ver-94-2.com/space-robot/assets/favicon-16x16.png | 172.67.189.129 | | 1.2 kB |
URL ykrvt.check-tl-ver-94-2.com/space-robot/assets/favicon-16x16.png IP172.67.189.129:0
File typePNG image data, 16 x 16, 8-bit colormap, non-interlaced Hash9d35b617fd258f648c37812252297dd3 7e32fd007f1c6fe1466d15439173082c0fbe82da e8a768f8122da75777dc64b6d35e756a1848c4f330f293920c18480df085000a
GET /space-robot/assets/favicon-16x16.png HTTP/1.1
Host: ykrvt.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ykrvt.check-tl-ver-94-2.com/space-robot/?pl=epbJxbtxQEuIs1LQXyqFHg&sm=space-robot&sub_id=2898&nrid=7af1bd5e6f08419396299cafcba2b910&hash=m1DI_Dma-ia6nP4dCtFl8Q&exp=1715190912
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:50:13 GMT
content-type: image/png
content-length: 1163
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-48b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6650
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lULn9bq0GE626KQSWhU9K3H8Z%2FNYvfYoRUHrGfKB5NiV13WO%2FGQWtoxPYaMQdT5FNrfDmLFAx4ow57bEuH29Ii5vlla8oeL%2FA9xka3u%2FO%2F3aQTymCwCJPO6yQpVH1rS4%2FkNf5%2FKhycT7ExiDoDc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4a755ead712b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ykrvt.check-tl-ver-94-2.com/space-robot/assets/apple-touch-icon.png | 172.67.189.129 | | 23 kB |
URL ykrvt.check-tl-ver-94-2.com/space-robot/assets/apple-touch-icon.png IP172.67.189.129:0
File typePNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced Hashf500ba7eee0ae7d1ceb44236ac253165 0614de220ecadb48038ed894d91120ba102c8367 ba5a3083c38d71a2191ee7e614a96812d1f9d88bbfb360d3b61dbb1ffcd51de5
GET /space-robot/assets/apple-touch-icon.png HTTP/1.1
Host: ykrvt.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ykrvt.check-tl-ver-94-2.com/space-robot/?pl=epbJxbtxQEuIs1LQXyqFHg&sm=space-robot&sub_id=2898&nrid=7af1bd5e6f08419396299cafcba2b910&hash=m1DI_Dma-ia6nP4dCtFl8Q&exp=1715190912
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:50:13 GMT
content-type: image/png
content-length: 23177
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-5a89"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EWC2HWi0qi2ioz0dy12xBu2%2FEiaEBv0PSXbDE1tCI6W23%2B8gy%2BwWAwUqPM40%2FQiYZ7VAigGco7Y70OrNxBMnNiIdGkDe%2BCVFFGtcCLNYuRPk%2BMUWwBvGQsGiwLpGSlLbBHAYkYNuPckQrZMwllA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4a755eab712b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ykrvt.check-tl-ver-94-2.com/space-robot/assets/style.css?v=4 | 172.67.189.129 | | 2.6 kB |
URL ykrvt.check-tl-ver-94-2.com/space-robot/assets/style.css?v=4 IP172.67.189.129:0
File typeASCII text, with very long lines (6532), with CRLF line terminators Hash8335155a7c4004d8296b7727a24273c4 387b7723ba35057b631809e1437c64cdd89f13bb 0b758313cde9005f3f2082f616558a3db63019d03a5f1376f3a49e64d874909e
GET /space-robot/assets/style.css?v=4 HTTP/1.1
Host: ykrvt.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ykrvt.check-tl-ver-94-2.com/space-robot/?pl=epbJxbtxQEuIs1LQXyqFHg&sm=space-robot&sub_id=2898&nrid=7af1bd5e6f08419396299cafcba2b910&hash=m1DI_Dma-ia6nP4dCtFl8Q&exp=1715190912
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:50:13 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1986"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6650
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2BfqnTZrV6z7U0kcOwnDWeA32Z0oN1TeSM5SnhlJ1KbLLTXBteq586Cg4dMyrcn0ZOSfoL0EeNgvuGJ60DjYGlN1OVIZQ4%2FVkYglV0%2FyjyU4dmKck%2FDILV4tuwmfbwW3OExKA8bGhxYSMpJjHYU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4a73ac55712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js | 142.250.74.99 | | 9.3 kB |
URL www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js IP142.250.74.99:0
File typeJavaScript source, ASCII text, with very long lines (28368) Hash9900403b65514fad7df39a4e788a6e45 75f9ba061ef4e72bb23528c700f2a11c56d637e9 a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ykrvt.check-tl-ver-94-2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:56:57 GMT
expires: Fri, 02 May 2025 01:56:57 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 575596
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js | 142.250.74.99 | | 9.9 kB |
URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js IP142.250.74.99:0
File typeJavaScript source, ASCII text, with very long lines (38231) Hash0541b823dfaf39162ef84cf075c9951b e0934726455558cc1a59823efada9651e33aafaa 21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ykrvt.check-tl-ver-94-2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 02:03:05 GMT
expires: Sat, 03 May 2025 02:03:05 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 488828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ea.check-tl-ver-94-2.com/space-robot/assets/corner.png | 172.67.189.129 | | 300 B |
URL ea.check-tl-ver-94-2.com/space-robot/assets/corner.png IP172.67.189.129:0
File typePNG image data, 44 x 44, 8-bit colormap, non-interlaced Hashf66c38fa2cd7c50bd1989d41da28fb80 e1de333eca72647f3c1831083fe678cfa8fe9eab 3059be4046e0315ad1c0d1cb163d9daaf759bdf16e906e908842fac07e5608a2
GET /space-robot/assets/corner.png HTTP/1.1
Host: ea.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ea.check-tl-ver-94-2.com/space-robot/?pl=epbJxbtxQEuIs1LQXyqFHg&sm=space-robot&sub_id=2898&nrid=7af1bd5e6f08419396299cafcba2b910&hash=m1DI_Dma-ia6nP4dCtFl8Q&exp=1715190912
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:50:13 GMT
content-type: image/png
content-length: 300
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-12c"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1NGHtB4MtzD3PeGoWJWfgDO5FITpS8Yf6rFoZOAHlpD5DT95NAr3w4fIs2kwWQ2LWVdC2jq6jfmkr%2FbwDwT%2BJokuZ0MM9wIjKA5TBkL6b2feG7%2FUL3RhPmHXP%2BzPPVl15PcbSrt00zN1GqQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4a77192f712b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ea.check-tl-ver-94-2.com/space-robot/assets/trls.js | 172.67.189.129 | | 20 kB |
URL ea.check-tl-ver-94-2.com/space-robot/assets/trls.js IP172.67.189.129:0
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (357), with CRLF line terminators Hash7f5c725b2c23b9687fa08d162a17427a 94973f1227871750d2ef13a367ce691f1a062527 c9611ce748d6c7c99d3f374a0b687db2e2428fc5ec9c4e7ae71b2e4305ac60e3
GET /space-robot/assets/trls.js HTTP/1.1
Host: ea.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ea.check-tl-ver-94-2.com/space-robot/?pl=epbJxbtxQEuIs1LQXyqFHg&sm=space-robot&sub_id=2898&nrid=7af1bd5e6f08419396299cafcba2b910&hash=m1DI_Dma-ia6nP4dCtFl8Q&exp=1715190912
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:50:13 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-2f4d"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kzkhQJKvZJVWXPzZj9MBjWdeIRBPDb7IhAhGJRKXnDg7sEKJSBZ49dtf7bVI%2FZnhOX6oH5olX5bgZL4FAePQV5SQ86Tf7eOR1gHQ%2F05NqqCpOAd%2Fo3WxmaU7unH3FTmXcBPLeN0nfIgkVo0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4a770925712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ea.check-tl-ver-94-2.com/space-robot/assets/style.css?v=4 | 172.67.189.129 | | 39 kB |
URL ea.check-tl-ver-94-2.com/space-robot/assets/style.css?v=4 IP172.67.189.129:0
File typeASCII text, with very long lines (6532), with CRLF line terminators Hash8335155a7c4004d8296b7727a24273c4 387b7723ba35057b631809e1437c64cdd89f13bb 0b758313cde9005f3f2082f616558a3db63019d03a5f1376f3a49e64d874909e
GET /space-robot/assets/style.css?v=4 HTTP/1.1
Host: ea.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ea.check-tl-ver-94-2.com/space-robot/?pl=epbJxbtxQEuIs1LQXyqFHg&sm=space-robot&sub_id=2898&nrid=7af1bd5e6f08419396299cafcba2b910&hash=m1DI_Dma-ia6nP4dCtFl8Q&exp=1715190912
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:50:13 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1986"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LQV8KyUwPZXg4dzUWTCQU5w3cv56RtZcqPrdx1V%2F4NKV%2B2t21ZCXgrXlfawH9Dz9YJ2D%2FDW4iZ4G1eXnnbM3had9OLniKAcWnsSixcRP%2FYlZgJj6HTzDRUKfbaJWh8RVVz1sV13fKqn72w0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4a77192b712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ea.check-tl-ver-94-2.com/space-robot/assets/favicon-16x16.png | 172.67.189.129 | | 1.2 kB |
URL ea.check-tl-ver-94-2.com/space-robot/assets/favicon-16x16.png IP172.67.189.129:0
File typePNG image data, 16 x 16, 8-bit colormap, non-interlaced Hash9d35b617fd258f648c37812252297dd3 7e32fd007f1c6fe1466d15439173082c0fbe82da e8a768f8122da75777dc64b6d35e756a1848c4f330f293920c18480df085000a
GET /space-robot/assets/favicon-16x16.png HTTP/1.1
Host: ea.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ea.check-tl-ver-94-2.com/space-robot/?pl=epbJxbtxQEuIs1LQXyqFHg&sm=space-robot&sub_id=2898&nrid=7af1bd5e6f08419396299cafcba2b910&hash=m1DI_Dma-ia6nP4dCtFl8Q&exp=1715190912
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:50:13 GMT
content-type: image/png
content-length: 1163
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-48b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PfeDngQiXb1kzjOM9HagGggttKkkIz05xK5QcsE%2BU09Jx%2FnVSLplPhRgo4qFmeO4Gkni%2BnAF9RyBXx9DuSsskI4n8LYNu9lO4wp93XwT4o7%2BMWh%2FThaVGyTVXosajImIhZw%2FeuZWHsAlDjM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4a785b70712b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnstatic.check-tl-ver-94-2.com/ps/config.js?id=epbJxbtxQEuIs1LQXyqFHg | 172.67.189.129 | | 9.5 kB |
URL cdnstatic.check-tl-ver-94-2.com/ps/config.js?id=epbJxbtxQEuIs1LQXyqFHg IP172.67.189.129:0
File typeASCII text, with CRLF line terminators Hashdc65a2fbfc4c76147b8b778b759c8d91 b8374137f0fe797e6a7e58c0c6ef14aa7a6b9855 7e85c285fd983223d07a014d1a96804ba1c8f65fb43238a4fad204350e896958
GET /ps/config.js?id=epbJxbtxQEuIs1LQXyqFHg HTTP/1.1
Host: cdnstatic.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ea.check-tl-ver-94-2.com/
Cookie: __psu=e420ac53-711c-4d29-8dd8-d1d05cdd8905
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:50:13 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZbTAhNvujuecV4W6wUwNg%2FNVIcTdqRAXD4VafroHmlKibqc51Nh2Q8Chl5zjR4KlAMHoxtW7TPIb1acfjNKw0Tyn%2FFllIKtpJdF0P78YvU9dNv24fCEbmV7L2OY5zogBjiiitbyK%2Br2senSxIDpxzA1Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4a786b89712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js | 142.250.74.99 | | 9.9 kB |
URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js IP142.250.74.99:0
File typeJavaScript source, ASCII text, with very long lines (38231) Hash0541b823dfaf39162ef84cf075c9951b e0934726455558cc1a59823efada9651e33aafaa 21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ea.check-tl-ver-94-2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 02:03:05 GMT
expires: Sat, 03 May 2025 02:03:05 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 488828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| news-nadete.com/tds?id=1218717456&p1=tk_204667 | 65.109.24.247 | | 0 B |
URL news-nadete.com/tds?id=1218717456&p1=tk_204667 IP65.109.24.247:0 ASN#24940 Hetzner Online GmbH
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218717456&p1=tk_204667 HTTP/1.1
Host: news-nadete.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:14 GMT
content-length: 0
location: https://cc18404512.news-mezutu.com/?id=1218717456&p1=tk_204667
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| cc18404512.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL cc18404512.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: cc18404512.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cc18404512.news-mezutu.com/?id=1218717456&p1=tk_204667
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cc18404512.news-mezutu.com/lands/39/img/icon1.png | 23.158.56.201 | | 7.3 kB |
URL cc18404512.news-mezutu.com/lands/39/img/icon1.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash3d0ab5834c8bf7134e4d21fa3288317f c31d1a6b9df206f67ea194f4c424cdc372a423c2 0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27
GET /lands/39/img/icon1.png HTTP/1.1
Host: cc18404512.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cc18404512.news-mezutu.com/?id=1218717456&p1=tk_204667
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:14 GMT
content-type: image/png
content-length: 7252
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1c54"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cc18404512.news-mezutu.com/lands/39/img/icon2.png | 23.158.56.201 | | 4.6 kB |
URL cc18404512.news-mezutu.com/lands/39/img/icon2.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hashc947d439eb93367f1af5b2a3d222f057 5b4c10820d39e624bc6df72a113679da80a8e44e aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2
GET /lands/39/img/icon2.png HTTP/1.1
Host: cc18404512.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cc18404512.news-mezutu.com/?id=1218717456&p1=tk_204667
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:14 GMT
content-type: image/png
content-length: 4576
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-11e0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cc18404512.news-mezutu.com/lands/39/img/icon3.png | 23.158.56.201 | | 7.8 kB |
URL cc18404512.news-mezutu.com/lands/39/img/icon3.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash8f3cc830da0b1fdf66bda7d1d734747b 94588f041eec3a78a8780c8124c56a1434a89277 ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba
GET /lands/39/img/icon3.png HTTP/1.1
Host: cc18404512.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cc18404512.news-mezutu.com/?id=1218717456&p1=tk_204667
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:14 GMT
content-type: image/png
content-length: 7847
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ea7"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cc18404512.news-mezutu.com/lands/39/img/icon4.png | 23.158.56.201 | | 7.0 kB |
URL cc18404512.news-mezutu.com/lands/39/img/icon4.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash7ad7f32c1c0df7b4975cc41bda4ac435 81d57e996ee6cd9e122592e68ffa3d55c1ba10ff c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f
GET /lands/39/img/icon4.png HTTP/1.1
Host: cc18404512.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cc18404512.news-mezutu.com/?id=1218717456&p1=tk_204667
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:14 GMT
content-type: image/png
content-length: 7032
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b78"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cc18404512.news-mezutu.com/lands/39/img/icon5.png | 23.158.56.201 | | 3.3 kB |
URL cc18404512.news-mezutu.com/lands/39/img/icon5.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Hash1e1a7582b5da63e10485d63f97abc9a0 ca3ee3067f96c732f455bc7c99ec5100194f13f6 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503
GET /lands/39/img/icon5.png HTTP/1.1
Host: cc18404512.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cc18404512.news-mezutu.com/?id=1218717456&p1=tk_204667
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:14 GMT
content-type: image/png
content-length: 3264
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cc0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cc18404512.news-mezutu.com/lands/39/img/icon7.png | 23.158.56.201 | | 3.3 kB |
URL cc18404512.news-mezutu.com/lands/39/img/icon7.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Hashb512735542cb07b3b2dcf153a7dfe456 93bde8875412ce266600e2af1c37123483a50376 e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718
GET /lands/39/img/icon7.png HTTP/1.1
Host: cc18404512.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cc18404512.news-mezutu.com/?id=1218717456&p1=tk_204667
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:14 GMT
content-type: image/png
content-length: 3283
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cd3"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cc18404512.news-mezutu.com/lands/39/img/icon8.png | 23.158.56.201 | | 4.1 kB |
URL cc18404512.news-mezutu.com/lands/39/img/icon8.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hashf92d6474ebc6a3a0b576749cfb4afe98 0f4ce3dcf04873b8098c01d20c44967fb9fce0cc 3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1
GET /lands/39/img/icon8.png HTTP/1.1
Host: cc18404512.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cc18404512.news-mezutu.com/?id=1218717456&p1=tk_204667
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:14 GMT
content-type: image/png
content-length: 4064
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-fe0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cc18404512.news-mezutu.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:14 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j692; expires=Sat, 08 Jun 2024 17:50:14 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:28 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| cc18404512.news-mezutu.com/lands/39/favicon.png | 23.158.56.201 | | 589 B |
URL cc18404512.news-mezutu.com/lands/39/favicon.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hash7aa6dabae45e4a52f56e44b50b5658f1 84c41727fef803fc3943100394d88c0ae6263703 53466f7f446de27529a565f88bfe3179dd83d6a9fcfab5942dcb13bd6aeb7ce5
GET /lands/39/favicon.png HTTP/1.1
Host: cc18404512.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cc18404512.news-mezutu.com/?id=1218717456&p1=tk_204667
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:14 GMT
content-type: image/png
content-length: 589
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24d"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cc18404512.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:14 GMT
content-length: 0
location: https://f0d2737db0.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| f0d2737db0.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL f0d2737db0.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: f0d2737db0.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f0d2737db0.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f0d2737db0.news-mezutu.com/
Cookie: _subid=376l60j117j692; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:15 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j699; expires=Sat, 08 Jun 2024 17:50:15 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:30 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://f0d2737db0.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:15 GMT
content-length: 0
location: https://e8d15e50f6.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| e8d15e50f6.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL e8d15e50f6.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: e8d15e50f6.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e8d15e50f6.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| e8d15e50f6.news-mezutu.com/lands/39/img/icon1.png | 23.158.56.201 | | 7.3 kB |
URL e8d15e50f6.news-mezutu.com/lands/39/img/icon1.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash3d0ab5834c8bf7134e4d21fa3288317f c31d1a6b9df206f67ea194f4c424cdc372a423c2 0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27
GET /lands/39/img/icon1.png HTTP/1.1
Host: e8d15e50f6.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e8d15e50f6.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:15 GMT
content-type: image/png
content-length: 7252
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1c54"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| e8d15e50f6.news-mezutu.com/lands/39/img/icon2.png | 23.158.56.201 | | 4.6 kB |
URL e8d15e50f6.news-mezutu.com/lands/39/img/icon2.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hashc947d439eb93367f1af5b2a3d222f057 5b4c10820d39e624bc6df72a113679da80a8e44e aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2
GET /lands/39/img/icon2.png HTTP/1.1
Host: e8d15e50f6.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e8d15e50f6.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:15 GMT
content-type: image/png
content-length: 4576
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-11e0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| e8d15e50f6.news-mezutu.com/lands/39/img/icon3.png | 23.158.56.201 | | 7.8 kB |
URL e8d15e50f6.news-mezutu.com/lands/39/img/icon3.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash8f3cc830da0b1fdf66bda7d1d734747b 94588f041eec3a78a8780c8124c56a1434a89277 ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba
GET /lands/39/img/icon3.png HTTP/1.1
Host: e8d15e50f6.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e8d15e50f6.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:15 GMT
content-type: image/png
content-length: 7847
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ea7"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| e8d15e50f6.news-mezutu.com/lands/39/img/icon4.png | 23.158.56.201 | | 7.0 kB |
URL e8d15e50f6.news-mezutu.com/lands/39/img/icon4.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash7ad7f32c1c0df7b4975cc41bda4ac435 81d57e996ee6cd9e122592e68ffa3d55c1ba10ff c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f
GET /lands/39/img/icon4.png HTTP/1.1
Host: e8d15e50f6.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e8d15e50f6.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:15 GMT
content-type: image/png
content-length: 7032
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b78"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| e8d15e50f6.news-mezutu.com/lands/39/img/icon5.png | 23.158.56.201 | | 3.3 kB |
URL e8d15e50f6.news-mezutu.com/lands/39/img/icon5.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Hash1e1a7582b5da63e10485d63f97abc9a0 ca3ee3067f96c732f455bc7c99ec5100194f13f6 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503
GET /lands/39/img/icon5.png HTTP/1.1
Host: e8d15e50f6.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e8d15e50f6.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:15 GMT
content-type: image/png
content-length: 3264
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cc0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| e8d15e50f6.news-mezutu.com/lands/39/img/icon7.png | 23.158.56.201 | | 3.3 kB |
URL e8d15e50f6.news-mezutu.com/lands/39/img/icon7.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Hashb512735542cb07b3b2dcf153a7dfe456 93bde8875412ce266600e2af1c37123483a50376 e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718
GET /lands/39/img/icon7.png HTTP/1.1
Host: e8d15e50f6.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e8d15e50f6.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:15 GMT
content-type: image/png
content-length: 3283
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cd3"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| e8d15e50f6.news-mezutu.com/lands/39/img/icon8.png | 23.158.56.201 | | 4.1 kB |
URL e8d15e50f6.news-mezutu.com/lands/39/img/icon8.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hashf92d6474ebc6a3a0b576749cfb4afe98 0f4ce3dcf04873b8098c01d20c44967fb9fce0cc 3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1
GET /lands/39/img/icon8.png HTTP/1.1
Host: e8d15e50f6.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e8d15e50f6.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:15 GMT
content-type: image/png
content-length: 4064
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-fe0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e8d15e50f6.news-mezutu.com/
Cookie: _subid=376l60j117j699; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:15 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j69f; expires=Sat, 08 Jun 2024 17:50:15 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:30 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e8d15e50f6.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:15 GMT
content-length: 0
location: https://0ff0772032.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 0ff0772032.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 0ff0772032.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 0ff0772032.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0ff0772032.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0ff0772032.news-mezutu.com/
Cookie: _subid=376l60j117j69f; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:15 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j69h; expires=Sat, 08 Jun 2024 17:50:15 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:30 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://0ff0772032.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:15 GMT
content-length: 0
location: https://68e3011b58.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 68e3011b58.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 68e3011b58.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 68e3011b58.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://68e3011b58.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f0d2737db0.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 46 kB |
URL f0d2737db0.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash41fa7458026adabc461e0d0a654a81ab 28846c36ae782b2e1d956033a1b470898f330203 0cfa3cec20475d030cd7996183e5ece971326932ddd8211cfdfa313586367088
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: f0d2737db0.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f0d2737db0.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:15 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://68e3011b58.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-length: 0
location: https://7eeb10e2c8.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 7eeb10e2c8.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 7eeb10e2c8.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 7eeb10e2c8.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7eeb10e2c8.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7eeb10e2c8.news-mezutu.com/
Cookie: _subid=376l60j117j69p; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:16 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j69v; expires=Sat, 08 Jun 2024 17:50:16 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:32 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://7eeb10e2c8.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-length: 0
location: https://b0b1bac6ee.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 68e3011b58.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 86 kB |
URL 68e3011b58.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, ASCII text, with very long lines (64512) Hash84b6d63f605acb36ee7425700eab287c d7cf41e88444c74d4ca0bf3d3958f77f1efa0471 f31fe329ce9bb4eab22912388a0386ba305a8bf098518ddf2fef9bfcc4e8cd8a
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 68e3011b58.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://0ff0772032.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:15 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| b0b1bac6ee.news-mezutu.com/lands/46/sketch.min.js | 23.158.56.201 | | 2.4 kB |
URL b0b1bac6ee.news-mezutu.com/lands/46/sketch.min.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, ASCII text, with very long lines (4675), with no line terminators Hashed52afed30560dc3e13a88e35a300c18 8714792a53d24b5c641b9536a2d218d75b43b3f9 cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711
GET /lands/46/sketch.min.js HTTP/1.1
Host: b0b1bac6ee.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b0b1bac6ee.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: application/javascript; charset=utf-8
content-length: 2379
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-94b"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b0b1bac6ee.news-mezutu.com/
Cookie: _subid=376l60j117j69v; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:16 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6a4; expires=Sat, 08 Jun 2024 17:50:16 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:32 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b0b1bac6ee.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-length: 0
location: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/lp.js | 23.158.56.201 | | 758 B |
URL 7df151926b.news-mezutu.com/lands/36/lp.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (719), with no line terminators Hashdbcc3608581394261613182e95963925 d2c19c094e7916d5f7eac24c9a77179ca3bc3ee9 c27bd18e340c53733156ca9e1e26f811e6243913258b19a3c7a2938554e9fed8
GET /lands/36/lp.js HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: application/javascript; charset=utf-8
content-length: 758
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2f6"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 7df151926b.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/img/style.css | 23.158.56.201 | | 3.1 kB |
URL 7df151926b.news-mezutu.com/lands/36/img/style.css IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeASCII text, with very long lines (11701), with no line terminators Hashdb606af46bdcca984d60a46183a4525e 28964fac8b2b7889554f32543e69ac68e6f21e2f 8693be57861bf006c70b542234666eaa50f4258856c4e75e0066f1ca589026ae
GET /lands/36/img/style.css HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: text/css
content-length: 3136
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-c40"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/img/logo.png | 23.158.56.201 | | 7.4 kB |
URL 7df151926b.news-mezutu.com/lands/36/img/logo.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 180 x 56, 8-bit/color RGBA, non-interlaced Hash6cd3a78b39a704ee1c84f31c8c4e5808 bb5c81cadfcd60bd5c7b29af2395ef24b11ebb93 4cfbf07b7b4def7ad505f3be44e311c631ffec252a93f031d11356bc1b0c8193
GET /lands/36/img/logo.png HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: image/png
content-length: 7398
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ce6"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/img/search-icon.png | 23.158.56.201 | | 461 B |
URL 7df151926b.news-mezutu.com/lands/36/img/search-icon.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced Hash71a97f63eeafce6cc8dd4e7b92e77303 e92e36474a69fcf7b932efc581e024a1c25773e5 fc2f527dba6449b1d9a7f17e4e9926039806904f58a7b4278dccf398900371d2
GET /lands/36/img/search-icon.png HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: image/png
content-length: 461
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1cd"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/img/Spin-1s-80px.gif | 23.158.56.201 | | 31 kB |
URL 7df151926b.news-mezutu.com/lands/36/img/Spin-1s-80px.gif IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeGIF image data, version 89a, 80 x 80 Hash68556766cd260e97fec2b60a9bfaf8c7 26c969371c9a3de360fab6d7a7a3bec2c5d5c99f ef50b84645244197917d80f6bcd6f604dce892ec4cdcdc96f11ea40f4a093676
GET /lands/36/img/Spin-1s-80px.gif HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: image/gif
content-length: 30677
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-77d5"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/img/player-controls-l.png | 23.158.56.201 | | 945 B |
URL 7df151926b.news-mezutu.com/lands/36/img/player-controls-l.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 146 x 60, 8-bit gray+alpha, non-interlaced Hash6865c8700b582e4c7848472bb23dd65a c5ea2c514de8f55145550f9589e1e07cda457994 e1f5b32f965cf94fdb788fa9cff4f2f80b34c234f7e9fa9139de890e89438324
GET /lands/36/img/player-controls-l.png HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: image/png
content-length: 945
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-3b1"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/img/player-controls-r.png | 23.158.56.201 | | 408 B |
URL 7df151926b.news-mezutu.com/lands/36/img/player-controls-r.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced Hashf0e42db89f7d0994b3723b35eb05a49f b4e08e7b2c525345d86dc2299663915c84a41b2b 13bbdf214a22994e4e0e655c256ab493cc495f15f9c1f08772cad0761625a9be
GET /lands/36/img/player-controls-r.png HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: image/png
content-length: 408
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-198"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/img/player-bg.jpg | 23.158.56.201 | | 11 kB |
URL 7df151926b.news-mezutu.com/lands/36/img/player-bg.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashd0c6f02d6933f0b93db0942e3e7f3609 bc96b3878d13d0f46aa464e94515f27ad53531b0 7296089ccd9e42b305c5b0398d47a78f900b40225c592c6f1ef23ade5bbe667a
GET /lands/36/img/player-bg.jpg HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: image/jpeg
content-length: 11291
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2c1b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/img/pics-1.jpg | 23.158.56.201 | | 9.6 kB |
URL 7df151926b.news-mezutu.com/lands/36/img/pics-1.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash8374be5c573da988b4d76c1051f8cbc7 c319af79d391edeac2268173798952dd71f0ecf2 41889b3a66aec88fc8a474f19a6c2f6933200524597ccf76f2c9f995687099ea
GET /lands/36/img/pics-1.jpg HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: image/jpeg
content-length: 9604
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2584"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/img/pics-2.jpg | 23.158.56.201 | | 9.5 kB |
URL 7df151926b.news-mezutu.com/lands/36/img/pics-2.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashb1444ede1cb63c55f07c4b7cc861ec58 504823696a6990f0c6892721e34a7496cfe4e704 628146e090737199d0b92e0d069cdc8fa95d65391a7e84b7da053dbc0275b2f8
GET /lands/36/img/pics-2.jpg HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: image/jpeg
content-length: 9474
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2502"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/img/pics-3.jpg | 23.158.56.201 | | 9.4 kB |
URL 7df151926b.news-mezutu.com/lands/36/img/pics-3.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash76025b7cd7b3e168342e9f6916d8c7f4 bd2a6ea7c9105935c7a616fec2d6d85dbf98bfc2 46eaa0e5c25c663d858a5c65629f960ed17d2fe30b2484f629158e6d6460d775
GET /lands/36/img/pics-3.jpg HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: image/jpeg
content-length: 9413
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24c5"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/img/pics-4.jpg | 23.158.56.201 | | 9.5 kB |
URL 7df151926b.news-mezutu.com/lands/36/img/pics-4.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash107bdcec0a201d69db378827b68127cd efc977edd0a369769d5f32d88e9858302bed1e5e cb8a23effd64618021ebe40be5ed24bfb27c17f6d0a82c87a96d9efd91e06468
GET /lands/36/img/pics-4.jpg HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: image/jpeg
content-length: 9468
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24fc"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/img/pics-5.jpg | 23.158.56.201 | | 9.6 kB |
URL 7df151926b.news-mezutu.com/lands/36/img/pics-5.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash628b98b82d0aca1c1b2155aa5ec51a6a db663b2b85cf8828f3e9c5aa879325bb50e684a0 d7dfe6be5b49bee8bbf743bc58d74af3dc7d0250c89bd6dd7e9ad268c287289d
GET /lands/36/img/pics-5.jpg HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: image/jpeg
content-length: 9557
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2555"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/img/pics-6.jpg | 23.158.56.201 | | 9.6 kB |
URL 7df151926b.news-mezutu.com/lands/36/img/pics-6.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hasha83d5196e71bd6f9c55ef3e7322e527c 9dbddad413391599552c4d9cc5c9e8a287ef910f 52212d360cbbf493678d8e8bf75c20b7ad4b1d6cf86bf03e1c87fb5b4d6cb818
GET /lands/36/img/pics-6.jpg HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: image/jpeg
content-length: 9620
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2594"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/img/pics-7.jpg | 23.158.56.201 | | 9.5 kB |
URL 7df151926b.news-mezutu.com/lands/36/img/pics-7.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash94edfad63e95c79618692b8d8dc20587 f582b7b70443ea1fff184ade49ab560fc8fd3318 0940f729e51d0fb610affca787415657f39a630cc0450d08576f69fd0f71756e
GET /lands/36/img/pics-7.jpg HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: image/jpeg
content-length: 9484
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250c"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/img/pics-8.jpg | 23.158.56.201 | | 9.8 kB |
URL 7df151926b.news-mezutu.com/lands/36/img/pics-8.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash2e7eafc3878ee465f96bca0f9d1e1712 c4f353f12542db5d2df3be74dbae890e0430ac6e df67f968a051026a5c43eb3e40b8d02a0c72bc742055526fef7e2655dd837cc1
GET /lands/36/img/pics-8.jpg HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: image/jpeg
content-length: 9750
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2616"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/img/pics-9.jpg | 23.158.56.201 | | 9.6 kB |
URL 7df151926b.news-mezutu.com/lands/36/img/pics-9.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashc3af10d166a4447c21f25e4a32383a5d 37a0342d08d6933b3bbfd4063b7ba998c991dd73 963fbe86dc33b1a1ba5c695bf9b74ebde439bc7a9260137121d747cf4cfbdd73
GET /lands/36/img/pics-9.jpg HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: image/jpeg
content-length: 9646
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ae"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/img/pics-10.jpg | 23.158.56.201 | | 9.7 kB |
URL 7df151926b.news-mezutu.com/lands/36/img/pics-10.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash00ad8eccd280144f038e883859beeabe e13583bbe25712e827b8b22b1353c883531f849f 21397b18bd87b564f70404ea1ff41d8d23ba804ed6eea4de323ac1c94e096ada
GET /lands/36/img/pics-10.jpg HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: image/jpeg
content-length: 9681
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25d1"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/img/pics-11.jpg | 23.158.56.201 | | 9.5 kB |
URL 7df151926b.news-mezutu.com/lands/36/img/pics-11.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash8611f67b36ff57eaa1060e793b9e6ad4 49f273a5760e7375adb1efc58f0ed2c665da6ae8 de70c6d29629dd9ec1b85e3146390c1019bd608eeb3d7ffdc196627f70ee30b2
GET /lands/36/img/pics-11.jpg HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: image/jpeg
content-length: 9483
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/img/pics-12.jpg | 23.158.56.201 | | 9.5 kB |
URL 7df151926b.news-mezutu.com/lands/36/img/pics-12.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash3971b0cd6849aef8e63c281fe7e53c57 690281f0f9a05a32be18029632240693f7b26270 20a9e9a79f97878e87f805b977eb6046480b734dfd9e90df9f34b22ef484777a
GET /lands/36/img/pics-12.jpg HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: image/jpeg
content-length: 9487
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250f"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/img/pics-13.jpg | 23.158.56.201 | | 9.4 kB |
URL 7df151926b.news-mezutu.com/lands/36/img/pics-13.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashcd911694d58b5fb86c94cf7a1d5b530b f32925a79b755d76fdf1ae56fa898ef23d816699 5a8f5f99cb386403813964a7ee271660131e9c50eb5267f932a67ce0f4fb2ea2
GET /lands/36/img/pics-13.jpg HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: image/jpeg
content-length: 9378
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24a2"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/img/pics-14.jpg | 23.158.56.201 | | 9.5 kB |
URL 7df151926b.news-mezutu.com/lands/36/img/pics-14.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash4957499f251b620472eb5fe6fd126c22 a237ac15f4b16256f1c49a40ca07ca168dea540c de5d64cc00dd3bc0e0998e274f41bb78de69cae402e53c4f41c0ab8e0af2cd0b
GET /lands/36/img/pics-14.jpg HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: image/jpeg
content-length: 9498
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-251a"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/img/pics-15.jpg | 23.158.56.201 | | 9.7 kB |
URL 7df151926b.news-mezutu.com/lands/36/img/pics-15.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashbf608c2d10293273951a88b8d38de015 15b2a17c7300725aacc27f320480dfe5bf173a00 118f446f628921fb7cab1afeac932ef77d63a7c5a31ffa288427d80c4de69f9f
GET /lands/36/img/pics-15.jpg HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: image/jpeg
content-length: 9673
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25c9"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/img/pics-16.jpg | 23.158.56.201 | | 9.6 kB |
URL 7df151926b.news-mezutu.com/lands/36/img/pics-16.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash700dfe65fca751e5c160aa1ed38c0389 61a7a9ba2a5209bb28b6a36c4b7ba9088f4b2886 8f8c3d5f93cc6dc00172cf203f6b0113819e853de45518cbcee1e68f9e95fbc1
GET /lands/36/img/pics-16.jpg HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: image/jpeg
content-length: 9570
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2562"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/img/pics-17.jpg | 23.158.56.201 | | 9.6 kB |
URL 7df151926b.news-mezutu.com/lands/36/img/pics-17.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash3617c828a4589dfd2af8f90e31f92666 0e7a1dbe743c9eaad109659f7b21ab86719b9cd0 f3ab898058b0ebaba11001b5a2b3c5b5db2d7f766000d95abdbfb841fcb16c1f
GET /lands/36/img/pics-17.jpg HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: image/jpeg
content-length: 9595
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-257b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7df151926b.news-mezutu.com/lands/36/img/pics-18.jpg | 23.158.56.201 | | 9.6 kB |
URL 7df151926b.news-mezutu.com/lands/36/img/pics-18.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash52ada45615791fefe3513b98a28d6c61 334b68a65108b2274dc0d41bbed58d10cbfb41a0 204715e71db20e5daffe8494816412e0998ec0b97b303f16fb4102226c492fa4
GET /lands/36/img/pics-18.jpg HTTP/1.1
Host: 7df151926b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: image/jpeg
content-length: 9645
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ad"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7df151926b.news-mezutu.com/
Cookie: _subid=376l60j117j6a4; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:16 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6af; expires=Sat, 08 Jun 2024 17:50:16 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:32 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://7df151926b.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-length: 0
location: https://33ff167e5a.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 33ff167e5a.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 33ff167e5a.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 33ff167e5a.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://33ff167e5a.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:17 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 33ff167e5a.news-mezutu.com/lands/46/sketch.min.js | 23.158.56.201 | | 2.4 kB |
URL 33ff167e5a.news-mezutu.com/lands/46/sketch.min.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, ASCII text, with very long lines (4675), with no line terminators Hashed52afed30560dc3e13a88e35a300c18 8714792a53d24b5c641b9536a2d218d75b43b3f9 cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711
GET /lands/46/sketch.min.js HTTP/1.1
Host: 33ff167e5a.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://33ff167e5a.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:17 GMT
content-type: application/javascript; charset=utf-8
content-length: 2379
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-94b"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://33ff167e5a.news-mezutu.com/
Cookie: _subid=376l60j117j6af; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:17 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6ai; expires=Sat, 08 Jun 2024 17:50:17 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:34 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://33ff167e5a.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:17 GMT
content-length: 0
location: https://f6bf9a01e2.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| f6bf9a01e2.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL f6bf9a01e2.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: f6bf9a01e2.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f6bf9a01e2.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:17 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f6bf9a01e2.news-mezutu.com/
Cookie: _subid=376l60j117j6ai; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:17 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6ap; expires=Sat, 08 Jun 2024 17:50:17 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:34 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult | 95.216.37.224 | | 844 B |
URL show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult IP95.216.37.224:0 ASN#24940 Hetzner Online GmbH
Hashf86fa1e5a03b7af97d53b1106d1dfb92 289f0d3a99b484914bedbc79439d6f47d171a9a2 5b7d927e32580e49d8b4773928e7002c29d4fd8c87775f9698ec27f60c556f48
GET /api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult HTTP/1.1
Host: show.revopush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://33ff167e5a.news-mezutu.com/
Origin: https://33ff167e5a.news-mezutu.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:17 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
access-control-allow-origin: https://33ff167e5a.news-mezutu.com
vary: Origin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| 445ac5ed5e.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 445ac5ed5e.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 445ac5ed5e.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://445ac5ed5e.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:17 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 445ac5ed5e.news-mezutu.com/lands/46/sketch.min.js | 23.158.56.201 | | 2.4 kB |
URL 445ac5ed5e.news-mezutu.com/lands/46/sketch.min.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, ASCII text, with very long lines (4675), with no line terminators Hashed52afed30560dc3e13a88e35a300c18 8714792a53d24b5c641b9536a2d218d75b43b3f9 cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711
GET /lands/46/sketch.min.js HTTP/1.1
Host: 445ac5ed5e.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://445ac5ed5e.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:17 GMT
content-type: application/javascript; charset=utf-8
content-length: 2379
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-94b"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://445ac5ed5e.news-mezutu.com/
Cookie: _subid=376l60j117j6ap; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:17 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6av; expires=Sat, 08 Jun 2024 17:50:17 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:34 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://445ac5ed5e.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:17 GMT
content-length: 0
location: https://34a3bbd4db.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 34a3bbd4db.news-mezutu.com/lands/36/lp.js | 23.158.56.201 | | 758 B |
URL 34a3bbd4db.news-mezutu.com/lands/36/lp.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (719), with no line terminators Hashdbcc3608581394261613182e95963925 d2c19c094e7916d5f7eac24c9a77179ca3bc3ee9 c27bd18e340c53733156ca9e1e26f811e6243913258b19a3c7a2938554e9fed8
GET /lands/36/lp.js HTTP/1.1
Host: 34a3bbd4db.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://34a3bbd4db.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 758
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2f6"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 34a3bbd4db.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 34a3bbd4db.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 34a3bbd4db.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://34a3bbd4db.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 34a3bbd4db.news-mezutu.com/lands/36/img/style.css | 23.158.56.201 | | 3.1 kB |
URL 34a3bbd4db.news-mezutu.com/lands/36/img/style.css IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeASCII text, with very long lines (11701), with no line terminators Hashdb606af46bdcca984d60a46183a4525e 28964fac8b2b7889554f32543e69ac68e6f21e2f 8693be57861bf006c70b542234666eaa50f4258856c4e75e0066f1ca589026ae
GET /lands/36/img/style.css HTTP/1.1
Host: 34a3bbd4db.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://34a3bbd4db.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: text/css
content-length: 3136
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-c40"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 34a3bbd4db.news-mezutu.com/lands/36/img/logo.png | 23.158.56.201 | | 7.4 kB |
URL 34a3bbd4db.news-mezutu.com/lands/36/img/logo.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 180 x 56, 8-bit/color RGBA, non-interlaced Hash6cd3a78b39a704ee1c84f31c8c4e5808 bb5c81cadfcd60bd5c7b29af2395ef24b11ebb93 4cfbf07b7b4def7ad505f3be44e311c631ffec252a93f031d11356bc1b0c8193
GET /lands/36/img/logo.png HTTP/1.1
Host: 34a3bbd4db.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://34a3bbd4db.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: image/png
content-length: 7398
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ce6"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 34a3bbd4db.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 10 kB |
URL 34a3bbd4db.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash1b9bcbeb1a6158f5336c3ad7273143fd 27152ad61e331fa6e4f05225ee6c18f4c50942d7 867767387e68ecbacb25ded3046e80b02df9220772ffa186c2434bb3059b6616
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 34a3bbd4db.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://445ac5ed5e.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:17 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 34a3bbd4db.news-mezutu.com/lands/36/img/Spin-1s-80px.gif | 23.158.56.201 | | 31 kB |
URL 34a3bbd4db.news-mezutu.com/lands/36/img/Spin-1s-80px.gif IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeGIF image data, version 89a, 80 x 80 Hash68556766cd260e97fec2b60a9bfaf8c7 26c969371c9a3de360fab6d7a7a3bec2c5d5c99f ef50b84645244197917d80f6bcd6f604dce892ec4cdcdc96f11ea40f4a093676
GET /lands/36/img/Spin-1s-80px.gif HTTP/1.1
Host: 34a3bbd4db.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://34a3bbd4db.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: image/gif
content-length: 30677
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-77d5"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 34a3bbd4db.news-mezutu.com/lands/36/img/player-controls-l.png | 23.158.56.201 | | 945 B |
URL 34a3bbd4db.news-mezutu.com/lands/36/img/player-controls-l.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 146 x 60, 8-bit gray+alpha, non-interlaced Hash6865c8700b582e4c7848472bb23dd65a c5ea2c514de8f55145550f9589e1e07cda457994 e1f5b32f965cf94fdb788fa9cff4f2f80b34c234f7e9fa9139de890e89438324
GET /lands/36/img/player-controls-l.png HTTP/1.1
Host: 34a3bbd4db.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://34a3bbd4db.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: image/png
content-length: 945
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-3b1"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 34a3bbd4db.news-mezutu.com/lands/36/img/player-controls-r.png | 23.158.56.201 | | 408 B |
URL 34a3bbd4db.news-mezutu.com/lands/36/img/player-controls-r.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced Hashf0e42db89f7d0994b3723b35eb05a49f b4e08e7b2c525345d86dc2299663915c84a41b2b 13bbdf214a22994e4e0e655c256ab493cc495f15f9c1f08772cad0761625a9be
GET /lands/36/img/player-controls-r.png HTTP/1.1
Host: 34a3bbd4db.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://34a3bbd4db.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: image/png
content-length: 408
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-198"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 34a3bbd4db.news-mezutu.com/lands/36/img/player-bg.jpg | 23.158.56.201 | | 11 kB |
URL 34a3bbd4db.news-mezutu.com/lands/36/img/player-bg.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashd0c6f02d6933f0b93db0942e3e7f3609 bc96b3878d13d0f46aa464e94515f27ad53531b0 7296089ccd9e42b305c5b0398d47a78f900b40225c592c6f1ef23ade5bbe667a
GET /lands/36/img/player-bg.jpg HTTP/1.1
Host: 34a3bbd4db.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://34a3bbd4db.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: image/jpeg
content-length: 11291
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2c1b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 34a3bbd4db.news-mezutu.com/lands/36/img/pics-1.jpg | 23.158.56.201 | | 9.6 kB |
URL 34a3bbd4db.news-mezutu.com/lands/36/img/pics-1.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash8374be5c573da988b4d76c1051f8cbc7 c319af79d391edeac2268173798952dd71f0ecf2 41889b3a66aec88fc8a474f19a6c2f6933200524597ccf76f2c9f995687099ea
GET /lands/36/img/pics-1.jpg HTTP/1.1
Host: 34a3bbd4db.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://34a3bbd4db.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: image/jpeg
content-length: 9604
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2584"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 445ac5ed5e.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 57 kB |
URL 445ac5ed5e.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash5f5340e5e609a52ef5477af6fa503a31 0ed8aa026a42e7dc93badbd270c9eba22869a561 a5fbc992e1703b9c81e7d02bf9442036a5146bbb7f0718c3e572b7daef1832bb
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 445ac5ed5e.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://f6bf9a01e2.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:17 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 34a3bbd4db.news-mezutu.com/lands/36/img/pics-3.jpg | 23.158.56.201 | | 9.4 kB |
URL 34a3bbd4db.news-mezutu.com/lands/36/img/pics-3.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash76025b7cd7b3e168342e9f6916d8c7f4 bd2a6ea7c9105935c7a616fec2d6d85dbf98bfc2 46eaa0e5c25c663d858a5c65629f960ed17d2fe30b2484f629158e6d6460d775
GET /lands/36/img/pics-3.jpg HTTP/1.1
Host: 34a3bbd4db.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://34a3bbd4db.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: image/jpeg
content-length: 9413
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24c5"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 34a3bbd4db.news-mezutu.com/lands/36/img/pics-4.jpg | 23.158.56.201 | | 9.5 kB |
URL 34a3bbd4db.news-mezutu.com/lands/36/img/pics-4.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash107bdcec0a201d69db378827b68127cd efc977edd0a369769d5f32d88e9858302bed1e5e cb8a23effd64618021ebe40be5ed24bfb27c17f6d0a82c87a96d9efd91e06468
GET /lands/36/img/pics-4.jpg HTTP/1.1
Host: 34a3bbd4db.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://34a3bbd4db.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: image/jpeg
content-length: 9468
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24fc"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 34a3bbd4db.news-mezutu.com/lands/36/img/pics-5.jpg | 23.158.56.201 | | 9.6 kB |
URL 34a3bbd4db.news-mezutu.com/lands/36/img/pics-5.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash628b98b82d0aca1c1b2155aa5ec51a6a db663b2b85cf8828f3e9c5aa879325bb50e684a0 d7dfe6be5b49bee8bbf743bc58d74af3dc7d0250c89bd6dd7e9ad268c287289d
GET /lands/36/img/pics-5.jpg HTTP/1.1
Host: 34a3bbd4db.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://34a3bbd4db.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: image/jpeg
content-length: 9557
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2555"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 34a3bbd4db.news-mezutu.com/lands/36/img/pics-6.jpg | 23.158.56.201 | | 9.6 kB |
URL 34a3bbd4db.news-mezutu.com/lands/36/img/pics-6.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hasha83d5196e71bd6f9c55ef3e7322e527c 9dbddad413391599552c4d9cc5c9e8a287ef910f 52212d360cbbf493678d8e8bf75c20b7ad4b1d6cf86bf03e1c87fb5b4d6cb818
GET /lands/36/img/pics-6.jpg HTTP/1.1
Host: 34a3bbd4db.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://34a3bbd4db.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: image/jpeg
content-length: 9620
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2594"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 34a3bbd4db.news-mezutu.com/lands/36/img/pics-7.jpg | 23.158.56.201 | | 9.5 kB |
URL 34a3bbd4db.news-mezutu.com/lands/36/img/pics-7.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash94edfad63e95c79618692b8d8dc20587 f582b7b70443ea1fff184ade49ab560fc8fd3318 0940f729e51d0fb610affca787415657f39a630cc0450d08576f69fd0f71756e
GET /lands/36/img/pics-7.jpg HTTP/1.1
Host: 34a3bbd4db.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://34a3bbd4db.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: image/jpeg
content-length: 9484
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250c"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 34a3bbd4db.news-mezutu.com/lands/36/img/pics-8.jpg | 23.158.56.201 | | 9.8 kB |
URL 34a3bbd4db.news-mezutu.com/lands/36/img/pics-8.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash2e7eafc3878ee465f96bca0f9d1e1712 c4f353f12542db5d2df3be74dbae890e0430ac6e df67f968a051026a5c43eb3e40b8d02a0c72bc742055526fef7e2655dd837cc1
GET /lands/36/img/pics-8.jpg HTTP/1.1
Host: 34a3bbd4db.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://34a3bbd4db.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: image/jpeg
content-length: 9750
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2616"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 34a3bbd4db.news-mezutu.com/lands/36/img/pics-9.jpg | 23.158.56.201 | | 9.6 kB |
URL 34a3bbd4db.news-mezutu.com/lands/36/img/pics-9.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashc3af10d166a4447c21f25e4a32383a5d 37a0342d08d6933b3bbfd4063b7ba998c991dd73 963fbe86dc33b1a1ba5c695bf9b74ebde439bc7a9260137121d747cf4cfbdd73
GET /lands/36/img/pics-9.jpg HTTP/1.1
Host: 34a3bbd4db.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://34a3bbd4db.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: image/jpeg
content-length: 9646
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ae"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 34a3bbd4db.news-mezutu.com/lands/36/img/pics-10.jpg | 23.158.56.201 | | 9.7 kB |
URL 34a3bbd4db.news-mezutu.com/lands/36/img/pics-10.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash00ad8eccd280144f038e883859beeabe e13583bbe25712e827b8b22b1353c883531f849f 21397b18bd87b564f70404ea1ff41d8d23ba804ed6eea4de323ac1c94e096ada
GET /lands/36/img/pics-10.jpg HTTP/1.1
Host: 34a3bbd4db.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://34a3bbd4db.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: image/jpeg
content-length: 9681
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25d1"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 34a3bbd4db.news-mezutu.com/lands/36/img/pics-11.jpg | 23.158.56.201 | | 9.5 kB |
URL 34a3bbd4db.news-mezutu.com/lands/36/img/pics-11.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash8611f67b36ff57eaa1060e793b9e6ad4 49f273a5760e7375adb1efc58f0ed2c665da6ae8 de70c6d29629dd9ec1b85e3146390c1019bd608eeb3d7ffdc196627f70ee30b2
GET /lands/36/img/pics-11.jpg HTTP/1.1
Host: 34a3bbd4db.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://34a3bbd4db.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: image/jpeg
content-length: 9483
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 34a3bbd4db.news-mezutu.com/lands/36/img/pics-12.jpg | 23.158.56.201 | | 9.5 kB |
URL 34a3bbd4db.news-mezutu.com/lands/36/img/pics-12.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash3971b0cd6849aef8e63c281fe7e53c57 690281f0f9a05a32be18029632240693f7b26270 20a9e9a79f97878e87f805b977eb6046480b734dfd9e90df9f34b22ef484777a
GET /lands/36/img/pics-12.jpg HTTP/1.1
Host: 34a3bbd4db.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://34a3bbd4db.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: image/jpeg
content-length: 9487
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250f"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdnstatic.check-tl-ver-94-2.com/ps/tb?id=epbJxbtxQEuIs1LQXyqFHg&sm=space-robot&sub_id=2898&click_id=&nrid=8d8a6186b127cecc354bdac1b848c0aa&reason=tb_exit&attempt=2 | 172.67.189.129 | | 9.5 kB |
URL cdnstatic.check-tl-ver-94-2.com/ps/tb?id=epbJxbtxQEuIs1LQXyqFHg&sm=space-robot&sub_id=2898&click_id=&nrid=8d8a6186b127cecc354bdac1b848c0aa&reason=tb_exit&attempt=2 IP172.67.189.129:0
File typeHTML document, ASCII text, with CRLF line terminators Hash17e050e65fcc505eb46083fe7a0b2d6c 733c1afe8443679db6cb7821ec56d7d38e560206 320807819bde31c237eaeb97a2ad87fb2732c68d8c0529bc0fb960939340e503
GET /ps/tb?id=epbJxbtxQEuIs1LQXyqFHg&sm=space-robot&sub_id=2898&click_id=&nrid=8d8a6186b127cecc354bdac1b848c0aa&reason=tb_exit&attempt=2 HTTP/1.1
Host: cdnstatic.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ea.check-tl-ver-94-2.com/
Cookie: __psu=e420ac53-711c-4d29-8dd8-d1d05cdd8905
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:50:14 GMT
content-type: text/html
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TwFJ1Wcy69UEEIA2i3e0%2Fb%2FGcYjZhf58KHS88j85mKcMjMsE2a1oU8tDAmnzy3rywSGuAbifK4yRbepK9tVtLwErQFdth71RW%2BpEm72KMmnztHcLpWr9zI6BTRE1OOeUOU6B09ZiYvK1iV0h9NXkZq2C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880b4a798d0d712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cc18404512.news-mezutu.com/?id=1218717456&p1=tk_204667 | 23.158.56.201 | | 13 kB |
URL cc18404512.news-mezutu.com/?id=1218717456&p1=tk_204667 IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashc2abf1415a18d11ed9d845989142a17e 6c2dc5bda899d11a92bfbeb5555210f9028ecca0 929a84ab324e02a63841a7d07dd5a5115d69d72495a22ee448db1c2124f4256f
GET /?id=1218717456&p1=tk_204667 HTTP/1.1
Host: cc18404512.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:14 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306 | 185.162.87.220 | | 21 kB |
URL hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306 IP185.162.87.220:0 ASN#39572 DataWeb Global Group B.V.
File typegzip compressed data, from Unix Hashefb363e42107244347bf6bdc62608f24 a73b517bd413657d46a9513206d2cca1a7e7f42a 0faeb5c954616ce31ef9660dc509f5a390e0d9c4718d9f0aa476866678b7394e
GET /play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306intent://hearog.com/play-2?h=waWQiOjEwMjYxMTMsInNpZCI6MTM0NDY0NCwid2lkIjo1Njc1MDEsInNyYyI6Mn0=eyJ&click_id=30affC1715190260aff9edf77c489394a303a225&si1=&si2=29611306 HTTP/1.1
Host: hearog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.25.0
date: Wed, 08 May 2024 17:50:09 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: truniq=1; expires=Thu, 09-May-2024 17:50:09 GMT; Max-Age=86400; path=/; domain=hearog.com
x-zone: eu3
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 34a3bbd4db.news-mezutu.com/lands/36/img/pics-16.jpg | 23.158.56.201 | | 9.6 kB |
URL 34a3bbd4db.news-mezutu.com/lands/36/img/pics-16.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash700dfe65fca751e5c160aa1ed38c0389 61a7a9ba2a5209bb28b6a36c4b7ba9088f4b2886 8f8c3d5f93cc6dc00172cf203f6b0113819e853de45518cbcee1e68f9e95fbc1
GET /lands/36/img/pics-16.jpg HTTP/1.1
Host: 34a3bbd4db.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://34a3bbd4db.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: image/jpeg
content-length: 9570
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2562"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 34a3bbd4db.news-mezutu.com/lands/36/img/pics-17.jpg | 23.158.56.201 | | 9.6 kB |
URL 34a3bbd4db.news-mezutu.com/lands/36/img/pics-17.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash3617c828a4589dfd2af8f90e31f92666 0e7a1dbe743c9eaad109659f7b21ab86719b9cd0 f3ab898058b0ebaba11001b5a2b3c5b5db2d7f766000d95abdbfb841fcb16c1f
GET /lands/36/img/pics-17.jpg HTTP/1.1
Host: 34a3bbd4db.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://34a3bbd4db.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: image/jpeg
content-length: 9595
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-257b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 34a3bbd4db.news-mezutu.com/lands/36/img/pics-18.jpg | 23.158.56.201 | | 9.6 kB |
URL 34a3bbd4db.news-mezutu.com/lands/36/img/pics-18.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash52ada45615791fefe3513b98a28d6c61 334b68a65108b2274dc0d41bbed58d10cbfb41a0 204715e71db20e5daffe8494816412e0998ec0b97b303f16fb4102226c492fa4
GET /lands/36/img/pics-18.jpg HTTP/1.1
Host: 34a3bbd4db.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://34a3bbd4db.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: image/jpeg
content-length: 9645
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ad"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://34a3bbd4db.news-mezutu.com/
Cookie: _subid=376l60j117j6av; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:18 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:18 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6b3; expires=Sat, 08 Jun 2024 17:50:18 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:36 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://34a3bbd4db.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-length: 0
location: https://1a6891a66c.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 1a6891a66c.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 1a6891a66c.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 1a6891a66c.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1a6891a66c.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1a6891a66c.news-mezutu.com/
Cookie: _subid=376l60j117j6b3; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:18 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:18 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6b8; expires=Sat, 08 Jun 2024 17:50:18 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:36 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1a6891a66c.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-length: 0
location: https://455b7e3a62.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| gpshtb.com/go/707?source=2898 | 173.214.244.181 | | 8.1 kB |
URL gpshtb.com/go/707?source=2898 IP173.214.244.181:0
File typegzip compressed data, max compression, from Unix Hashd49a2eeeef400bfdc6d2fea167431096 b324513b3192a53e4bcb9dcb4570e18e7626c7c1 212df94e3a5597791b8eb024e162e4eb76c146ebbda2fc864ddc2a7ef94cbf84
GET /go/707?source=2898 HTTP/1.1
Host: gpshtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bstnwsgwrld6.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:12 GMT
content-type: text/html; charset=UTF-8
location: https://ykrvt.bestssp.top/?pl=epbJxbtxQEuIs1LQXyqFHg&sub_id=2898
X-Firefox-Spdy: h2
|
|
| f0d2737db0.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 136 kB |
URL f0d2737db0.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, Unicode text, UTF-8 text, with very long lines (63955) Size136 kB (135972 bytes) Hashb8dff924e350f7090f25716a11338a2b 680fa6b43ac86ac71f2a96d7231ad3350f1d47e6 0dc5a462236a72697dde3f01070afaefe83539d7f1c923c2fe864cc36fc31222
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: f0d2737db0.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cc18404512.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:15 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://455b7e3a62.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-length: 0
location: https://72710531c6.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 72710531c6.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 72710531c6.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 72710531c6.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://72710531c6.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 72710531c6.news-mezutu.com/lands/57/css/style.css | 23.158.56.201 | | 1.2 kB |
URL 72710531c6.news-mezutu.com/lands/57/css/style.css IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeASCII text, with very long lines (4468), with no line terminators Hashb07eb7ba1a3bb505eba51b55f4ffa9ff fea4806dafcdda47dff4bb6aa09362ded48879d5 086ceb41d9cccb6678d0a759d730383098e9d80d8067e9b8ce06d0972d2dae68
GET /lands/57/css/style.css HTTP/1.1
Host: 72710531c6.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://72710531c6.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: text/css
content-length: 1213
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-4bd"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 72710531c6.news-mezutu.com/lands/57/js/device.js | 23.158.56.201 | | 1.1 kB |
URL 72710531c6.news-mezutu.com/lands/57/js/device.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, ASCII text, with very long lines (3289), with no line terminators Hash2d9887b21aa6b47c56e7f43e66560a4f 42cdfc5b3b23d32152750bf2cea4233044491768 863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85
GET /lands/57/js/device.js HTTP/1.1
Host: 72710531c6.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://72710531c6.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 1111
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-457"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://72710531c6.news-mezutu.com/
Cookie: _subid=376l60j117j6be; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:19 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6bk; expires=Sat, 08 Jun 2024 17:50:19 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:38 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://72710531c6.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:19 GMT
content-length: 0
location: https://e8eead2435.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| e8eead2435.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 1.3 kB |
URL e8eead2435.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, ASCII text, with very long lines (553) Hashf5fa0fd454072bdf4f9526f6bf69a159 705ff6c3e1691b0b1be9d4851b1883dccc1a1ddd 43fad86b255818b38fd25788a850a7ba477681f72aaaad4d2e02040d92222763
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: e8eead2435.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://72710531c6.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:19 GMT
content-type: text/html; charset=UTF-8
content-length: 1309
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| e8eead2435.news-mezutu.com/lands/20/style.css | 23.158.56.201 | | 868 B |
URL e8eead2435.news-mezutu.com/lands/20/style.css IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeASCII text, with very long lines (2230), with no line terminators Hashd4b3acb7a84d2265bf174f13f93ca4f1 d6595e14ed8549bc39a8977cbd8d5b5b6f5cf221 2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311
GET /lands/20/style.css HTTP/1.1
Host: e8eead2435.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e8eead2435.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:19 GMT
content-type: text/css
content-length: 868
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-364"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| e8eead2435.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL e8eead2435.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: e8eead2435.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e8eead2435.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e8eead2435.news-mezutu.com/
Cookie: _subid=376l60j117j6bk; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:19 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6br; expires=Sat, 08 Jun 2024 17:50:19 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:38 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| 0ff0772032.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 98 kB |
URL 0ff0772032.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, Unicode text, UTF-8 text, with very long lines (63955) Hash32c95ade803eb446b5529164be42eda1 7075cab909a8bcde418c38b9663aff06eb5b2181 95d4d17cc6b5f8b605fa17b327762e4c525e6941093a7e965ec475d075b3c270
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 0ff0772032.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e8d15e50f6.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:15 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e8eead2435.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:19 GMT
content-length: 0
location: https://f81c7bc492.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic | 142.250.74.106 | | 8.9 kB |
URL fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic IP142.250.74.106:0
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417) Hash9b96449779dba7b9770970658e2fcee4 f7fdda44296aa537742de18218991f0a59898ff9 09da4fdcf12506d6ba400330693ec60b1636ae576a8f29b6c9dd742764ebcb48
GET /css?family=Roboto:300,400,700,400i&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e8eead2435.news-mezutu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 17:50:19 GMT
date: Wed, 08 May 2024 17:50:19 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| e8eead2435.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 47 kB |
URL e8eead2435.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashc44cb84237cdb5c3dc006d8664006d42 3873f892493027f56b2bc7b139360ca627f8424e 972c4300e3479e723693ac679b8d05db0a4ac9deb4c12f5496155ee8faaa1c57
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: e8eead2435.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e8eead2435.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:19 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f81c7bc492.news-mezutu.com/
Cookie: _subid=376l60j117j6br; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:19 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6c2; expires=Sat, 08 Jun 2024 17:50:19 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:38 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| e8d15e50f6.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 135 kB |
URL e8d15e50f6.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Size135 kB (134653 bytes) Hashba9c2553c4d7aad153167f07371dec5b 61181b658dba47633e1b2e9c80eacdcc3df22782 4be768898efbcb283aaff8b4225516afa6853084488e4d6a19d55e4dc8a6430b
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: e8d15e50f6.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e8d15e50f6.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:15 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| c77fe5e4e9.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL c77fe5e4e9.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: c77fe5e4e9.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c77fe5e4e9.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c77fe5e4e9.news-mezutu.com/
Cookie: _subid=376l60j117j6c2; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:20 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6c9; expires=Sat, 08 Jun 2024 17:50:20 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:40 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://c77fe5e4e9.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:20 GMT
content-length: 0
location: https://21288469c2.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 21288469c2.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 21288469c2.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 21288469c2.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://21288469c2.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 21288469c2.news-mezutu.com/lands/39/img/icon1.png | 23.158.56.201 | | 7.3 kB |
URL 21288469c2.news-mezutu.com/lands/39/img/icon1.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash3d0ab5834c8bf7134e4d21fa3288317f c31d1a6b9df206f67ea194f4c424cdc372a423c2 0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27
GET /lands/39/img/icon1.png HTTP/1.1
Host: 21288469c2.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://21288469c2.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:20 GMT
content-type: image/png
content-length: 7252
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1c54"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult | 95.216.37.224 | | 5.4 kB |
URL show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult IP95.216.37.224:0 ASN#24940 Hetzner Online GmbH
Hash7de7ea8cce887ed303bd6d051980ead1 bd20e2413d34835b2721c7c72291c80f8e48197e 4d4a0310bcce5005d1cde004d56ab0b5cda870e9343fa7714e92fa86efed8d7a
GET /api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult HTTP/1.1
Host: show.revopush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://445ac5ed5e.news-mezutu.com/
Origin: https://445ac5ed5e.news-mezutu.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
access-control-allow-origin: https://445ac5ed5e.news-mezutu.com
vary: Origin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| 21288469c2.news-mezutu.com/lands/39/img/icon3.png | 23.158.56.201 | | 7.8 kB |
URL 21288469c2.news-mezutu.com/lands/39/img/icon3.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash8f3cc830da0b1fdf66bda7d1d734747b 94588f041eec3a78a8780c8124c56a1434a89277 ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba
GET /lands/39/img/icon3.png HTTP/1.1
Host: 21288469c2.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://21288469c2.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:20 GMT
content-type: image/png
content-length: 7847
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ea7"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| b0b1bac6ee.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 9.7 kB |
URL b0b1bac6ee.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashb250b227fd639ae218f0550bc5ee1744 ab107dbaa470a1672b7bb30a1b09acaedf45c6e2 4324ddb04c49beebf0859913570695554feacc70ff2f87dc516f4bd4290456f3
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: b0b1bac6ee.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://7eeb10e2c8.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 21288469c2.news-mezutu.com/lands/39/img/icon5.png | 23.158.56.201 | | 3.3 kB |
URL 21288469c2.news-mezutu.com/lands/39/img/icon5.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Hash1e1a7582b5da63e10485d63f97abc9a0 ca3ee3067f96c732f455bc7c99ec5100194f13f6 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503
GET /lands/39/img/icon5.png HTTP/1.1
Host: 21288469c2.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://21288469c2.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:20 GMT
content-type: image/png
content-length: 3264
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cc0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 68e3011b58.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 48 kB |
URL 68e3011b58.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashd52852018c16f48185992cffe03fc856 55cc11dac05b35dba69eda73f58d889ae68fdcf0 1d2d9d2f74b36c09103d1f28d4c2c1bfe2335d108a0f291aa3f05bd87b8b421a
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 68e3011b58.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://68e3011b58.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:15 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| b0b1bac6ee.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 93 kB |
URL b0b1bac6ee.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, ASCII text, with very long lines (44310) Hashb404d2bd27725c637eff4ffc3a19d908 67c3f77f6ea7ea3f70882b7e78db80a0dab00707 75c0b9342c4e238ece63ba36088495b681fc0e11038a6921add5afabe3911b7d
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: b0b1bac6ee.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b0b1bac6ee.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://21288469c2.news-mezutu.com/
Cookie: _subid=376l60j117j6c9; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:20 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6cf; expires=Sat, 08 Jun 2024 17:50:20 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:40 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| c77fe5e4e9.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 89 kB |
URL c77fe5e4e9.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, ASCII text, with very long lines (44310) Hash6d0e95e4ae98b2571680dc86e99e60ea 9af8a11688bd07fb349e55e669935562829a1b8a c6e07d58a342e36ff8badca808a6f81562b2a788fc726ba256c23d4a7bfa48cf
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: c77fe5e4e9.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c77fe5e4e9.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:19 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| 0ff0772032.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 52 kB |
URL 0ff0772032.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash46e4605ae6aed006b58d3c3804991a30 bc3ca9278557d3427b3fa07a6ebca20e328cdf38 b03154fb7c4bade5b31a644eaef2abecdb9e211739b724f942f289eb87adfc52
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 0ff0772032.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0ff0772032.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:15 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| 91f7a29534.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 91f7a29534.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 91f7a29534.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91f7a29534.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91f7a29534.news-mezutu.com/
Cookie: _subid=376l60j117j6cf; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:20 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6cl; expires=Sat, 08 Jun 2024 17:50:20 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:40 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://91f7a29534.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:20 GMT
content-length: 0
location: https://fd3232828f.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| fd3232828f.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL fd3232828f.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: fd3232828f.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fd3232828f.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fd3232828f.news-mezutu.com/
Cookie: _subid=376l60j117j6cl; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:20 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6cq; expires=Sat, 08 Jun 2024 17:50:20 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:40 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fd3232828f.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:20 GMT
content-length: 0
location: https://eac6d19f4d.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| eac6d19f4d.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 1.3 kB |
URL eac6d19f4d.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, ASCII text, with very long lines (553) Hashe07ec5a4cb2392f4843b1bac09130a4e a68d3f327a8561aa5f3080447d291dc7094997b0 cafd142b1cfef3b61b75d10288d001a6a2cc85431b3e2ccc4b2825331b24b19c
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: eac6d19f4d.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fd3232828f.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:20 GMT
content-type: text/html; charset=UTF-8
content-length: 1309
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| eac6d19f4d.news-mezutu.com/lands/20/style.css | 23.158.56.201 | | 868 B |
URL eac6d19f4d.news-mezutu.com/lands/20/style.css IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeASCII text, with very long lines (2230), with no line terminators Hashd4b3acb7a84d2265bf174f13f93ca4f1 d6595e14ed8549bc39a8977cbd8d5b5b6f5cf221 2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311
GET /lands/20/style.css HTTP/1.1
Host: eac6d19f4d.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eac6d19f4d.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: text/css
content-length: 868
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-364"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| eac6d19f4d.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL eac6d19f4d.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: eac6d19f4d.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eac6d19f4d.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eac6d19f4d.news-mezutu.com/
Cookie: _subid=376l60j117j6cq; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:21 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:21 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6d2; expires=Sat, 08 Jun 2024 17:50:21 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:42 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic | 142.250.74.106 | | 784 B |
URL fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic IP142.250.74.106:0
Hash1ba1a21c8876dbaa3b3b1457aadec340 2373a127295c1cab8d143eb10fe1870d29f02150 47e3881d0fe2662e06375c04b01a8eabdd8eeca52f66aab1dc7ba3b6f5c564f8
GET /css?family=Roboto:300,400,700,400i&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eac6d19f4d.news-mezutu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 17:50:21 GMT
date: Wed, 08 May 2024 17:50:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 92e19f3d7b.news-mezutu.com/lands/36/lp.js | 23.158.56.201 | | 758 B |
URL 92e19f3d7b.news-mezutu.com/lands/36/lp.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (719), with no line terminators Hashdbcc3608581394261613182e95963925 d2c19c094e7916d5f7eac24c9a77179ca3bc3ee9 c27bd18e340c53733156ca9e1e26f811e6243913258b19a3c7a2938554e9fed8
GET /lands/36/lp.js HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 758
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2f6"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fd3232828f.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 53 kB |
URL fd3232828f.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash052388913125450985761faa5d88cdc3 188f21ffedb048a8c03e25a51ccfeca86f60ca73 c88b3787ff0ef91ed3545172b1abcc70c313a0c817fc181a57416e1322d76d63
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: fd3232828f.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fd3232828f.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:20 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/lands/36/img/style.css | 23.158.56.201 | | 3.1 kB |
URL 92e19f3d7b.news-mezutu.com/lands/36/img/style.css IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeASCII text, with very long lines (11701), with no line terminators Hashdb606af46bdcca984d60a46183a4525e 28964fac8b2b7889554f32543e69ac68e6f21e2f 8693be57861bf006c70b542234666eaa50f4258856c4e75e0066f1ca589026ae
GET /lands/36/img/style.css HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: text/css
content-length: 3136
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-c40"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/lands/36/img/logo.png | 23.158.56.201 | | 7.4 kB |
URL 92e19f3d7b.news-mezutu.com/lands/36/img/logo.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 180 x 56, 8-bit/color RGBA, non-interlaced Hash6cd3a78b39a704ee1c84f31c8c4e5808 bb5c81cadfcd60bd5c7b29af2395ef24b11ebb93 4cfbf07b7b4def7ad505f3be44e311c631ffec252a93f031d11356bc1b0c8193
GET /lands/36/img/logo.png HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: image/png
content-length: 7398
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ce6"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/lands/36/img/search-icon.png | 23.158.56.201 | | 461 B |
URL 92e19f3d7b.news-mezutu.com/lands/36/img/search-icon.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced Hash71a97f63eeafce6cc8dd4e7b92e77303 e92e36474a69fcf7b932efc581e024a1c25773e5 fc2f527dba6449b1d9a7f17e4e9926039806904f58a7b4278dccf398900371d2
GET /lands/36/img/search-icon.png HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: image/png
content-length: 461
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1cd"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/lands/36/img/Spin-1s-80px.gif | 23.158.56.201 | | 31 kB |
URL 92e19f3d7b.news-mezutu.com/lands/36/img/Spin-1s-80px.gif IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeGIF image data, version 89a, 80 x 80 Hash68556766cd260e97fec2b60a9bfaf8c7 26c969371c9a3de360fab6d7a7a3bec2c5d5c99f ef50b84645244197917d80f6bcd6f604dce892ec4cdcdc96f11ea40f4a093676
GET /lands/36/img/Spin-1s-80px.gif HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: image/gif
content-length: 30677
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-77d5"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/lands/36/img/player-controls-l.png | 23.158.56.201 | | 945 B |
URL 92e19f3d7b.news-mezutu.com/lands/36/img/player-controls-l.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 146 x 60, 8-bit gray+alpha, non-interlaced Hash6865c8700b582e4c7848472bb23dd65a c5ea2c514de8f55145550f9589e1e07cda457994 e1f5b32f965cf94fdb788fa9cff4f2f80b34c234f7e9fa9139de890e89438324
GET /lands/36/img/player-controls-l.png HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: image/png
content-length: 945
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-3b1"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/lands/36/img/player-controls-r.png | 23.158.56.201 | | 408 B |
URL 92e19f3d7b.news-mezutu.com/lands/36/img/player-controls-r.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced Hashf0e42db89f7d0994b3723b35eb05a49f b4e08e7b2c525345d86dc2299663915c84a41b2b 13bbdf214a22994e4e0e655c256ab493cc495f15f9c1f08772cad0761625a9be
GET /lands/36/img/player-controls-r.png HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: image/png
content-length: 408
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-198"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/lands/36/img/player-bg.jpg | 23.158.56.201 | | 11 kB |
URL 92e19f3d7b.news-mezutu.com/lands/36/img/player-bg.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashd0c6f02d6933f0b93db0942e3e7f3609 bc96b3878d13d0f46aa464e94515f27ad53531b0 7296089ccd9e42b305c5b0398d47a78f900b40225c592c6f1ef23ade5bbe667a
GET /lands/36/img/player-bg.jpg HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: image/jpeg
content-length: 11291
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2c1b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/lands/36/img/pics-1.jpg | 23.158.56.201 | | 9.6 kB |
URL 92e19f3d7b.news-mezutu.com/lands/36/img/pics-1.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash8374be5c573da988b4d76c1051f8cbc7 c319af79d391edeac2268173798952dd71f0ecf2 41889b3a66aec88fc8a474f19a6c2f6933200524597ccf76f2c9f995687099ea
GET /lands/36/img/pics-1.jpg HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: image/jpeg
content-length: 9604
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2584"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/lands/36/img/pics-2.jpg | 23.158.56.201 | | 9.5 kB |
URL 92e19f3d7b.news-mezutu.com/lands/36/img/pics-2.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashb1444ede1cb63c55f07c4b7cc861ec58 504823696a6990f0c6892721e34a7496cfe4e704 628146e090737199d0b92e0d069cdc8fa95d65391a7e84b7da053dbc0275b2f8
GET /lands/36/img/pics-2.jpg HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: image/jpeg
content-length: 9474
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2502"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 91f7a29534.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 54 kB |
URL 91f7a29534.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash0c984f87e15ccef94e54afc78ecb32ab 48281694b045a752f5fbaa5371cb363ac0d46f0e 016a5fc76f316e150c7764643da5a3d1cdacd5cf3e35cce2ff8df6124f1fc9d0
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 91f7a29534.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91f7a29534.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:20 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/lands/36/img/pics-4.jpg | 23.158.56.201 | | 9.5 kB |
URL 92e19f3d7b.news-mezutu.com/lands/36/img/pics-4.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash107bdcec0a201d69db378827b68127cd efc977edd0a369769d5f32d88e9858302bed1e5e cb8a23effd64618021ebe40be5ed24bfb27c17f6d0a82c87a96d9efd91e06468
GET /lands/36/img/pics-4.jpg HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: image/jpeg
content-length: 9468
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24fc"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/lands/36/img/pics-5.jpg | 23.158.56.201 | | 9.6 kB |
URL 92e19f3d7b.news-mezutu.com/lands/36/img/pics-5.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash628b98b82d0aca1c1b2155aa5ec51a6a db663b2b85cf8828f3e9c5aa879325bb50e684a0 d7dfe6be5b49bee8bbf743bc58d74af3dc7d0250c89bd6dd7e9ad268c287289d
GET /lands/36/img/pics-5.jpg HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: image/jpeg
content-length: 9557
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2555"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/lands/36/img/pics-6.jpg | 23.158.56.201 | | 9.6 kB |
URL 92e19f3d7b.news-mezutu.com/lands/36/img/pics-6.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hasha83d5196e71bd6f9c55ef3e7322e527c 9dbddad413391599552c4d9cc5c9e8a287ef910f 52212d360cbbf493678d8e8bf75c20b7ad4b1d6cf86bf03e1c87fb5b4d6cb818
GET /lands/36/img/pics-6.jpg HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: image/jpeg
content-length: 9620
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2594"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/lands/36/img/pics-7.jpg | 23.158.56.201 | | 9.5 kB |
URL 92e19f3d7b.news-mezutu.com/lands/36/img/pics-7.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash94edfad63e95c79618692b8d8dc20587 f582b7b70443ea1fff184ade49ab560fc8fd3318 0940f729e51d0fb610affca787415657f39a630cc0450d08576f69fd0f71756e
GET /lands/36/img/pics-7.jpg HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: image/jpeg
content-length: 9484
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250c"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/lands/36/img/pics-8.jpg | 23.158.56.201 | | 9.8 kB |
URL 92e19f3d7b.news-mezutu.com/lands/36/img/pics-8.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash2e7eafc3878ee465f96bca0f9d1e1712 c4f353f12542db5d2df3be74dbae890e0430ac6e df67f968a051026a5c43eb3e40b8d02a0c72bc742055526fef7e2655dd837cc1
GET /lands/36/img/pics-8.jpg HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: image/jpeg
content-length: 9750
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2616"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/lands/36/img/pics-9.jpg | 23.158.56.201 | | 9.6 kB |
URL 92e19f3d7b.news-mezutu.com/lands/36/img/pics-9.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashc3af10d166a4447c21f25e4a32383a5d 37a0342d08d6933b3bbfd4063b7ba998c991dd73 963fbe86dc33b1a1ba5c695bf9b74ebde439bc7a9260137121d747cf4cfbdd73
GET /lands/36/img/pics-9.jpg HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: image/jpeg
content-length: 9646
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ae"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/lands/36/img/pics-10.jpg | 23.158.56.201 | | 9.7 kB |
URL 92e19f3d7b.news-mezutu.com/lands/36/img/pics-10.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash00ad8eccd280144f038e883859beeabe e13583bbe25712e827b8b22b1353c883531f849f 21397b18bd87b564f70404ea1ff41d8d23ba804ed6eea4de323ac1c94e096ada
GET /lands/36/img/pics-10.jpg HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: image/jpeg
content-length: 9681
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25d1"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/lands/36/img/pics-11.jpg | 23.158.56.201 | | 9.5 kB |
URL 92e19f3d7b.news-mezutu.com/lands/36/img/pics-11.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash8611f67b36ff57eaa1060e793b9e6ad4 49f273a5760e7375adb1efc58f0ed2c665da6ae8 de70c6d29629dd9ec1b85e3146390c1019bd608eeb3d7ffdc196627f70ee30b2
GET /lands/36/img/pics-11.jpg HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: image/jpeg
content-length: 9483
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/lands/36/img/pics-12.jpg | 23.158.56.201 | | 9.5 kB |
URL 92e19f3d7b.news-mezutu.com/lands/36/img/pics-12.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash3971b0cd6849aef8e63c281fe7e53c57 690281f0f9a05a32be18029632240693f7b26270 20a9e9a79f97878e87f805b977eb6046480b734dfd9e90df9f34b22ef484777a
GET /lands/36/img/pics-12.jpg HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: image/jpeg
content-length: 9487
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250f"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/lands/36/img/pics-13.jpg | 23.158.56.201 | | 9.4 kB |
URL 92e19f3d7b.news-mezutu.com/lands/36/img/pics-13.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashcd911694d58b5fb86c94cf7a1d5b530b f32925a79b755d76fdf1ae56fa898ef23d816699 5a8f5f99cb386403813964a7ee271660131e9c50eb5267f932a67ce0f4fb2ea2
GET /lands/36/img/pics-13.jpg HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: image/jpeg
content-length: 9378
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24a2"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/lands/36/img/pics-14.jpg | 23.158.56.201 | | 9.5 kB |
URL 92e19f3d7b.news-mezutu.com/lands/36/img/pics-14.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash4957499f251b620472eb5fe6fd126c22 a237ac15f4b16256f1c49a40ca07ca168dea540c de5d64cc00dd3bc0e0998e274f41bb78de69cae402e53c4f41c0ab8e0af2cd0b
GET /lands/36/img/pics-14.jpg HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: image/jpeg
content-length: 9498
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-251a"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/lands/36/img/pics-15.jpg | 23.158.56.201 | | 9.7 kB |
URL 92e19f3d7b.news-mezutu.com/lands/36/img/pics-15.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashbf608c2d10293273951a88b8d38de015 15b2a17c7300725aacc27f320480dfe5bf173a00 118f446f628921fb7cab1afeac932ef77d63a7c5a31ffa288427d80c4de69f9f
GET /lands/36/img/pics-15.jpg HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: image/jpeg
content-length: 9673
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25c9"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/lands/36/img/pics-16.jpg | 23.158.56.201 | | 9.6 kB |
URL 92e19f3d7b.news-mezutu.com/lands/36/img/pics-16.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash700dfe65fca751e5c160aa1ed38c0389 61a7a9ba2a5209bb28b6a36c4b7ba9088f4b2886 8f8c3d5f93cc6dc00172cf203f6b0113819e853de45518cbcee1e68f9e95fbc1
GET /lands/36/img/pics-16.jpg HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: image/jpeg
content-length: 9570
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2562"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/lands/36/img/pics-17.jpg | 23.158.56.201 | | 9.6 kB |
URL 92e19f3d7b.news-mezutu.com/lands/36/img/pics-17.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash3617c828a4589dfd2af8f90e31f92666 0e7a1dbe743c9eaad109659f7b21ab86719b9cd0 f3ab898058b0ebaba11001b5a2b3c5b5db2d7f766000d95abdbfb841fcb16c1f
GET /lands/36/img/pics-17.jpg HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: image/jpeg
content-length: 9595
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-257b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/lands/36/img/pics-18.jpg | 23.158.56.201 | | 9.6 kB |
URL 92e19f3d7b.news-mezutu.com/lands/36/img/pics-18.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash52ada45615791fefe3513b98a28d6c61 334b68a65108b2274dc0d41bbed58d10cbfb41a0 204715e71db20e5daffe8494816412e0998ec0b97b303f16fb4102226c492fa4
GET /lands/36/img/pics-18.jpg HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: image/jpeg
content-length: 9645
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ad"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/
Cookie: _subid=376l60j117j6d2; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:21 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:21 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6da; expires=Sat, 08 Jun 2024 17:50:21 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:42 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://92e19f3d7b.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-length: 0
location: https://8d0b79c241.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 8d0b79c241.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 8d0b79c241.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 8d0b79c241.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d0b79c241.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 8d0b79c241.news-mezutu.com/lands/53/css/style.css | 23.158.56.201 | | 1.3 kB |
URL 8d0b79c241.news-mezutu.com/lands/53/css/style.css IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeASCII text, with very long lines (4928), with no line terminators Hash6f2d06d6dbd00d18b9e7eb11ef80081d b86bdf3144b91210a3e04aab9802dba7b677ffe4 4bbe46d55f77d131ea3c70d021bf1e88fcfa1a98b7b89cf8f3f081ffb38fa7f8
GET /lands/53/css/style.css HTTP/1.1
Host: 8d0b79c241.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d0b79c241.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: text/css
content-length: 1301
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-515"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 8d0b79c241.news-mezutu.com/lands/53/images/spinning-circles2.svg | 23.158.56.201 | | 503 B |
URL 8d0b79c241.news-mezutu.com/lands/53/images/spinning-circles2.svg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeSVG Scalable Vector Graphics image Hash14e6f9981fa27406176056df2451d27b aa1b6fd6071391d0031bff2d74ae77347ec2fdb4 466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f
GET /lands/53/images/spinning-circles2.svg HTTP/1.1
Host: 8d0b79c241.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d0b79c241.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: image/svg+xml
content-length: 503
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1f7"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 8d0b79c241.news-mezutu.com/lands/53/images/video.gif | 23.158.56.201 | | 500 kB |
URL 8d0b79c241.news-mezutu.com/lands/53/images/video.gif IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeGIF image data, version 89a, 320 x 180 Size500 kB (500082 bytes) Hash2e59da03066a7854825901e0c1460b52 8d5aa04f252de7a85b8387051c1321338ac32d32 63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433
GET /lands/53/images/video.gif HTTP/1.1
Host: 8d0b79c241.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d0b79c241.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: image/gif
content-length: 500082
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-7a172"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d0b79c241.news-mezutu.com/
Cookie: _subid=376l60j117j6da; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:21 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:21 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6dg; expires=Sat, 08 Jun 2024 17:50:21 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:42 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://8d0b79c241.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-length: 0
location: https://e3b587b9aa.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| e3b587b9aa.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL e3b587b9aa.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: e3b587b9aa.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e3b587b9aa.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e3b587b9aa.news-mezutu.com/
Cookie: _subid=376l60j117j6dg; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:21 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:21 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6dj; expires=Sat, 08 Jun 2024 17:50:21 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:42 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| 8d0b79c241.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 16 kB |
URL 8d0b79c241.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, Unicode text, UTF-8 text, with very long lines (14721) Hasha88a7a6d52ee79514fc5fac957e25819 8341f3d926a5b1c69a02736c10d5e3e88cf31b67 080c1dee0f2e12a3eba2668aa76211f676a6e67f3f9f8d5cc8815408cc0674e0
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 8d0b79c241.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://92e19f3d7b.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 08e4f26603.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 08e4f26603.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 08e4f26603.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://08e4f26603.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://08e4f26603.news-mezutu.com/
Cookie: _subid=376l60j117j6dj; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:22 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6dr; expires=Sat, 08 Jun 2024 17:50:22 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:44 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| 8d0b79c241.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 45 kB |
URL 8d0b79c241.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, ASCII text, with very long lines (44310) Hash0c3106e8591c4f76b282a9a5b03876a6 9fb06b668e3ee25db741922a3f63f2a6692e134b 9b560eb7ae82f7267002f08b49976528d340218e05265b1d98382bae930984ae
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 8d0b79c241.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d0b79c241.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| 0f76ae8d55.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 1.3 kB |
URL 0f76ae8d55.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, ASCII text, with very long lines (553) Hashddc2654c4b1731fd54684a55f88dac60 526c9e11a0b3c7bacebd61e3dea034e34863a0c8 d4fac3dbf73d75546a1d18298c7127cdf20b1ee423abfd0da9c1d6db26451598
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 0f76ae8d55.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://08e4f26603.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:22 GMT
content-type: text/html; charset=UTF-8
content-length: 1309
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 0f76ae8d55.news-mezutu.com/lands/20/style.css | 23.158.56.201 | | 868 B |
URL 0f76ae8d55.news-mezutu.com/lands/20/style.css IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeASCII text, with very long lines (2230), with no line terminators Hashd4b3acb7a84d2265bf174f13f93ca4f1 d6595e14ed8549bc39a8977cbd8d5b5b6f5cf221 2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311
GET /lands/20/style.css HTTP/1.1
Host: 0f76ae8d55.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0f76ae8d55.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:22 GMT
content-type: text/css
content-length: 868
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-364"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 0f76ae8d55.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 0f76ae8d55.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 0f76ae8d55.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0f76ae8d55.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0f76ae8d55.news-mezutu.com/
Cookie: _subid=376l60j117j6dr; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:22 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6e2; expires=Sat, 08 Jun 2024 17:50:22 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:44 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://0f76ae8d55.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:22 GMT
content-length: 0
location: https://ca2f9cd650.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| ca2f9cd650.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL ca2f9cd650.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: ca2f9cd650.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ca2f9cd650.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 455b7e3a62.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 57 kB |
URL 455b7e3a62.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash50c2a85f260db2f9273ad366a8fdb3ff 35b1e4e5336695195861d85fa5ef95286722c35f 668776b2963c2b58ac6241e4b204828e7ac2575245f6e78bfc21183f3d26e059
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 455b7e3a62.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1a6891a66c.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ca2f9cd650.news-mezutu.com/
Cookie: _subid=376l60j117j6e2; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:22 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6e5; expires=Sat, 08 Jun 2024 17:50:22 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:44 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| 72710531c6.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 49 kB |
URL 72710531c6.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, Unicode text, UTF-8 text, with very long lines (44310) Hash42822d2902ddb1787c604caadad18937 e4df798065ad7d6ae297c83582a9b6b13c24f1eb 160ec4b94e6b71e0f486d83f50d8ec66638a5e830c9d3b816b604f9e79aa48c7
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 72710531c6.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://455b7e3a62.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| e3b587b9aa.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 17 kB |
URL e3b587b9aa.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash7f8210dd3fada5eef55e2a6a52c9c9d0 85dd132d067361d256d09e44aaf64c560a8319e0 d4216c1740a6bfbe2fd341d11f4acbb31fefcbc30517492e8be3e0e3724539f9
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: e3b587b9aa.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://8d0b79c241.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d70a3d8d52.news-mezutu.com/
Cookie: _subid=376l60j117j6e5; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:23 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:23 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6ea; expires=Sat, 08 Jun 2024 17:50:23 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:46 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://d70a3d8d52.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:23 GMT
content-length: 0
location: https://3f215fb4ad.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3f215fb4ad.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 3f215fb4ad.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 3f215fb4ad.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3f215fb4ad.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 08e4f26603.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 91 kB |
URL 08e4f26603.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, Unicode text, UTF-8 text, with very long lines (63955) Hash65f5b514e674c2e1440b5ecc5806483a 3f9b3e985d8e88772b0e49fe11a38b9b341e7a1b 9648fe6b0a925094ef2f885818a3f6abb36e160c0b486cbc05e725319fd0a828
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 08e4f26603.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e3b587b9aa.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:22 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3f215fb4ad.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:23 GMT
content-length: 0
location: https://9f91db0439.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| ca2f9cd650.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 94 kB |
URL ca2f9cd650.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, ASCII text, with very long lines (44310) Hashf9f3f0756b1e04896f596042103e2ab5 4afd347267de43e353704e7b62c499ed39572553 458dd7af3da7c0e95f6de3966b850dfdf345b7fd9fa795d5620bf79ffb110821
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: ca2f9cd650.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://0f76ae8d55.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:22 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 9f91db0439.news-mezutu.com/lands/48/preloader-43.5794040.gif | 23.158.56.201 | | 7.0 kB |
URL 9f91db0439.news-mezutu.com/lands/48/preloader-43.5794040.gif IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeGIF image data, version 89a, 160 x 160 Hash5794040ee88def220320edd0ed2e2ac9 7ec6d7843172d2bec7c0ed0d7eabed19a800fd7b c1a4896adebc502e9be1248a28bc641ef9a5b75c6bdefa5d704a220c128ee34e
GET /lands/48/preloader-43.5794040.gif HTTP/1.1
Host: 9f91db0439.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9f91db0439.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:23 GMT
content-type: image/gif
content-length: 7010
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b62"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 9f91db0439.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 45 kB |
URL 9f91db0439.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, ASCII text, with very long lines (44310) Hash14786f43118130659e6d4933d2d34f68 d2625d0371398dc690c92fedd2f8a20b1c85b1ec 946d8aa5a7510fe825448344e647f9f3fc1fd4044029b7166bd78c33873dc00c
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 9f91db0439.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9f91db0439.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:23 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9f91db0439.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:23 GMT
content-length: 0
location: https://c510e999ec.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| c510e999ec.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL c510e999ec.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: c510e999ec.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c510e999ec.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| c510e999ec.news-mezutu.com/lands/39/img/icon1.png | 23.158.56.201 | | 7.3 kB |
URL c510e999ec.news-mezutu.com/lands/39/img/icon1.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash3d0ab5834c8bf7134e4d21fa3288317f c31d1a6b9df206f67ea194f4c424cdc372a423c2 0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27
GET /lands/39/img/icon1.png HTTP/1.1
Host: c510e999ec.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c510e999ec.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:23 GMT
content-type: image/png
content-length: 7252
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1c54"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| c510e999ec.news-mezutu.com/lands/39/img/icon2.png | 23.158.56.201 | | 4.6 kB |
URL c510e999ec.news-mezutu.com/lands/39/img/icon2.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hashc947d439eb93367f1af5b2a3d222f057 5b4c10820d39e624bc6df72a113679da80a8e44e aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2
GET /lands/39/img/icon2.png HTTP/1.1
Host: c510e999ec.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c510e999ec.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:23 GMT
content-type: image/png
content-length: 4576
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-11e0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 18 kB |
URL 92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashcb47bfa2325bf18a050ee87b3ab827fa cdd52c5f288a996d2556c3554ea9450ad08b4514 cfa0fee681d0869eb4bf6de99036ec716ca24356d736298eb9cd5283d20dfc52
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eac6d19f4d.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| c510e999ec.news-mezutu.com/lands/39/img/icon4.png | 23.158.56.201 | | 7.0 kB |
URL c510e999ec.news-mezutu.com/lands/39/img/icon4.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash7ad7f32c1c0df7b4975cc41bda4ac435 81d57e996ee6cd9e122592e68ffa3d55c1ba10ff c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f
GET /lands/39/img/icon4.png HTTP/1.1
Host: c510e999ec.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c510e999ec.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:23 GMT
content-type: image/png
content-length: 7032
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b78"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| c510e999ec.news-mezutu.com/lands/39/img/icon5.png | 23.158.56.201 | | 3.3 kB |
URL c510e999ec.news-mezutu.com/lands/39/img/icon5.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Hash1e1a7582b5da63e10485d63f97abc9a0 ca3ee3067f96c732f455bc7c99ec5100194f13f6 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503
GET /lands/39/img/icon5.png HTTP/1.1
Host: c510e999ec.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c510e999ec.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:23 GMT
content-type: image/png
content-length: 3264
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cc0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| c510e999ec.news-mezutu.com/lands/39/img/icon7.png | 23.158.56.201 | | 3.3 kB |
URL c510e999ec.news-mezutu.com/lands/39/img/icon7.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Hashb512735542cb07b3b2dcf153a7dfe456 93bde8875412ce266600e2af1c37123483a50376 e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718
GET /lands/39/img/icon7.png HTTP/1.1
Host: c510e999ec.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c510e999ec.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:23 GMT
content-type: image/png
content-length: 3283
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cd3"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| c510e999ec.news-mezutu.com/lands/39/img/icon8.png | 23.158.56.201 | | 4.1 kB |
URL c510e999ec.news-mezutu.com/lands/39/img/icon8.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hashf92d6474ebc6a3a0b576749cfb4afe98 0f4ce3dcf04873b8098c01d20c44967fb9fce0cc 3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1
GET /lands/39/img/icon8.png HTTP/1.1
Host: c510e999ec.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c510e999ec.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:23 GMT
content-type: image/png
content-length: 4064
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-fe0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c510e999ec.news-mezutu.com/
Cookie: _subid=376l60j117j6ej; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:23 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:23 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6er; expires=Sat, 08 Jun 2024 17:50:23 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:46 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://c510e999ec.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:23 GMT
content-length: 0
location: https://e921a23434.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| e921a23434.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 1.3 kB |
URL e921a23434.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, ASCII text, with very long lines (553) Hash021c11ef8070d4b3530ffeb79dfe5792 d1eda890c3e50effe710abbdc45c76046e1d15bc 42fb4be8a331e95057838faa61db46b4f03e9f1aee22b3917f8bbd0653bcbbb6
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: e921a23434.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://c510e999ec.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:24 GMT
content-type: text/html; charset=UTF-8
content-length: 1309
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 21288469c2.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 49 kB |
URL 21288469c2.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash30a6bd720465202ff08f5a8a69ba0248 2f1e9e7d3a83196b1061663d2c6ad50bfea71d41 ee8617efa2ea07b607442887c6332d18af7dd8658e729819824a9c97f11f6cac
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 21288469c2.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://c77fe5e4e9.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:20 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| e921a23434.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL e921a23434.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: e921a23434.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e921a23434.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e921a23434.news-mezutu.com/
Cookie: _subid=376l60j117j6er; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:24 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6ev; expires=Sat, 08 Jun 2024 17:50:24 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:48 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e921a23434.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:24 GMT
content-length: 0
location: https://32a012c076.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 32a012c076.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 32a012c076.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 32a012c076.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://32a012c076.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://32a012c076.news-mezutu.com/
Cookie: _subid=376l60j117j6ev; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:24 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6f1; expires=Sat, 08 Jun 2024 17:50:24 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:48 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://32a012c076.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:24 GMT
content-length: 0
location: https://3c309874f7.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3c309874f7.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 3c309874f7.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 3c309874f7.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3c309874f7.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3c309874f7.news-mezutu.com/lands/53/css/style.css | 23.158.56.201 | | 1.3 kB |
URL 3c309874f7.news-mezutu.com/lands/53/css/style.css IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeASCII text, with very long lines (4928), with no line terminators Hash6f2d06d6dbd00d18b9e7eb11ef80081d b86bdf3144b91210a3e04aab9802dba7b677ffe4 4bbe46d55f77d131ea3c70d021bf1e88fcfa1a98b7b89cf8f3f081ffb38fa7f8
GET /lands/53/css/style.css HTTP/1.1
Host: 3c309874f7.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3c309874f7.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:24 GMT
content-type: text/css
content-length: 1301
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-515"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3c309874f7.news-mezutu.com/lands/53/images/spinning-circles2.svg | 23.158.56.201 | | 503 B |
URL 3c309874f7.news-mezutu.com/lands/53/images/spinning-circles2.svg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeSVG Scalable Vector Graphics image Hash14e6f9981fa27406176056df2451d27b aa1b6fd6071391d0031bff2d74ae77347ec2fdb4 466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f
GET /lands/53/images/spinning-circles2.svg HTTP/1.1
Host: 3c309874f7.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3c309874f7.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:24 GMT
content-type: image/svg+xml
content-length: 503
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1f7"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| bstnwsgwrld6.xyz/rotator/348/2898/b0d424bbf54ce8cabb7d18b1dc2a36b7/?click_id=w4h7dlnjt2dgj9513ft7fj0a&sub1=a567501&fullscreen=1 | 192.133.142.177 | | 89 kB |
URL bstnwsgwrld6.xyz/rotator/348/2898/b0d424bbf54ce8cabb7d18b1dc2a36b7/?click_id=w4h7dlnjt2dgj9513ft7fj0a&sub1=a567501&fullscreen=1 IP192.133.142.177:0
File typeJavaScript source, ASCII text, with very long lines (44310) Hasha46392300631c19735ad2012d2640479 361942b2680724a6e37314f46c7aee4b4438d9b1 c67b51b85aaf3f65b38f92150a86a94062c0bbee1aa5d9bb7aff5048ee90af42
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /rotator/348/2898/b0d424bbf54ce8cabb7d18b1dc2a36b7/?click_id=w4h7dlnjt2dgj9513ft7fj0a&sub1=a567501&fullscreen=1 HTTP/1.1
Host: bstnwsgwrld6.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hearog.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:10 GMT
content-type: text/html; charset=UTF-8
location: https://bstnwsgwrld6.xyz/loading/2898/b0d424bbf54ce8cabb7d18b1dc2a36b7/?click_id=w4h7dlnjt2dgj9513ft7fj0a&sub1=a567501&sub2=&sub3=&tb=&fullscreen=1
X-Firefox-Spdy: h2
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3c309874f7.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:24 GMT
content-length: 0
location: https://a6a69092de.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| a6a69092de.news-mezutu.com/lands/36/lp.js | 23.158.56.201 | | 758 B |
URL a6a69092de.news-mezutu.com/lands/36/lp.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (719), with no line terminators Hashdbcc3608581394261613182e95963925 d2c19c094e7916d5f7eac24c9a77179ca3bc3ee9 c27bd18e340c53733156ca9e1e26f811e6243913258b19a3c7a2938554e9fed8
GET /lands/36/lp.js HTTP/1.1
Host: a6a69092de.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a6a69092de.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 758
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2f6"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 92e19f3d7b.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 98 kB |
URL 92e19f3d7b.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, ASCII text, with very long lines (44310) Hashd31b9566dbff970161a961f25248c8b4 0ef92115747d21f557430d75903342bf2ef2a70b a4a139ec2eb88e35258e81eeae941c71ca6f9a82289c61d144f519ab6869a9bc
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 92e19f3d7b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92e19f3d7b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:21 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| a6a69092de.news-mezutu.com/lands/36/img/style.css | 23.158.56.201 | | 3.1 kB |
URL a6a69092de.news-mezutu.com/lands/36/img/style.css IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeASCII text, with very long lines (11701), with no line terminators Hashdb606af46bdcca984d60a46183a4525e 28964fac8b2b7889554f32543e69ac68e6f21e2f 8693be57861bf006c70b542234666eaa50f4258856c4e75e0066f1ca589026ae
GET /lands/36/img/style.css HTTP/1.1
Host: a6a69092de.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a6a69092de.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:24 GMT
content-type: text/css
content-length: 3136
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-c40"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| a6a69092de.news-mezutu.com/lands/36/img/logo.png | 23.158.56.201 | | 7.4 kB |
URL a6a69092de.news-mezutu.com/lands/36/img/logo.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 180 x 56, 8-bit/color RGBA, non-interlaced Hash6cd3a78b39a704ee1c84f31c8c4e5808 bb5c81cadfcd60bd5c7b29af2395ef24b11ebb93 4cfbf07b7b4def7ad505f3be44e311c631ffec252a93f031d11356bc1b0c8193
GET /lands/36/img/logo.png HTTP/1.1
Host: a6a69092de.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a6a69092de.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:24 GMT
content-type: image/png
content-length: 7398
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ce6"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7eeb10e2c8.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 133 kB |
URL 7eeb10e2c8.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, ASCII text, with very long lines (64512) Size133 kB (132609 bytes) Hash9ec7d28c754e105c3157378749ab58bd e21ff24e28f0a812687b2262182f24d394ca3194 fbf241b11b02aa4ecae2714db1e90e514568e8ecfed6c0ff4ce5ed17ecc72d77
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 7eeb10e2c8.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://68e3011b58.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:16 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| a6a69092de.news-mezutu.com/lands/36/img/Spin-1s-80px.gif | 23.158.56.201 | | 31 kB |
URL a6a69092de.news-mezutu.com/lands/36/img/Spin-1s-80px.gif IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeGIF image data, version 89a, 80 x 80 Hash68556766cd260e97fec2b60a9bfaf8c7 26c969371c9a3de360fab6d7a7a3bec2c5d5c99f ef50b84645244197917d80f6bcd6f604dce892ec4cdcdc96f11ea40f4a093676
GET /lands/36/img/Spin-1s-80px.gif HTTP/1.1
Host: a6a69092de.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a6a69092de.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:24 GMT
content-type: image/gif
content-length: 30677
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-77d5"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| a6a69092de.news-mezutu.com/lands/36/img/player-controls-l.png | 23.158.56.201 | | 945 B |
URL a6a69092de.news-mezutu.com/lands/36/img/player-controls-l.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 146 x 60, 8-bit gray+alpha, non-interlaced Hash6865c8700b582e4c7848472bb23dd65a c5ea2c514de8f55145550f9589e1e07cda457994 e1f5b32f965cf94fdb788fa9cff4f2f80b34c234f7e9fa9139de890e89438324
GET /lands/36/img/player-controls-l.png HTTP/1.1
Host: a6a69092de.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a6a69092de.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:24 GMT
content-type: image/png
content-length: 945
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-3b1"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f6bf9a01e2.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 9.2 kB |
URL f6bf9a01e2.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashbc4ee08dd800e7ba4250ef45e13881a8 1fc8749475b1c5bc370729cd39cbd87353b9c896 97cc9a350a64a65bfad8cb4d49a8e716aae52196fff2699a5bb356606f3d265f
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: f6bf9a01e2.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://33ff167e5a.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:17 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3c309874f7.news-mezutu.com/lands/53/images/video.gif | 23.158.56.201 | | 486 kB |
URL 3c309874f7.news-mezutu.com/lands/53/images/video.gif IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeGIF image data, version 89a, 320 x 180 Size486 kB (486409 bytes) Hash1613654151488052010822b79f8068ea 29ef2edf62700ee7e479a137a81143a69d586952 50121eb0cc8c22263e007ad8f356c2414b4b8dd90e9474d0612e6a5af481c7c4
GET /lands/53/images/video.gif HTTP/1.1
Host: 3c309874f7.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3c309874f7.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:24 GMT
content-type: image/gif
content-length: 500082
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-7a172"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| a6a69092de.news-mezutu.com/lands/36/img/pics-1.jpg | 23.158.56.201 | | 9.6 kB |
URL a6a69092de.news-mezutu.com/lands/36/img/pics-1.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash8374be5c573da988b4d76c1051f8cbc7 c319af79d391edeac2268173798952dd71f0ecf2 41889b3a66aec88fc8a474f19a6c2f6933200524597ccf76f2c9f995687099ea
GET /lands/36/img/pics-1.jpg HTTP/1.1
Host: a6a69092de.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a6a69092de.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:24 GMT
content-type: image/jpeg
content-length: 9604
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2584"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| a6a69092de.news-mezutu.com/lands/36/img/pics-2.jpg | 23.158.56.201 | | 9.5 kB |
URL a6a69092de.news-mezutu.com/lands/36/img/pics-2.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashb1444ede1cb63c55f07c4b7cc861ec58 504823696a6990f0c6892721e34a7496cfe4e704 628146e090737199d0b92e0d069cdc8fa95d65391a7e84b7da053dbc0275b2f8
GET /lands/36/img/pics-2.jpg HTTP/1.1
Host: a6a69092de.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a6a69092de.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:24 GMT
content-type: image/jpeg
content-length: 9474
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2502"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| a6a69092de.news-mezutu.com/lands/36/img/pics-3.jpg | 23.158.56.201 | | 9.4 kB |
URL a6a69092de.news-mezutu.com/lands/36/img/pics-3.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash76025b7cd7b3e168342e9f6916d8c7f4 bd2a6ea7c9105935c7a616fec2d6d85dbf98bfc2 46eaa0e5c25c663d858a5c65629f960ed17d2fe30b2484f629158e6d6460d775
GET /lands/36/img/pics-3.jpg HTTP/1.1
Host: a6a69092de.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a6a69092de.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:24 GMT
content-type: image/jpeg
content-length: 9413
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24c5"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| a6a69092de.news-mezutu.com/lands/36/img/pics-4.jpg | 23.158.56.201 | | 9.5 kB |
URL a6a69092de.news-mezutu.com/lands/36/img/pics-4.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash107bdcec0a201d69db378827b68127cd efc977edd0a369769d5f32d88e9858302bed1e5e cb8a23effd64618021ebe40be5ed24bfb27c17f6d0a82c87a96d9efd91e06468
GET /lands/36/img/pics-4.jpg HTTP/1.1
Host: a6a69092de.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a6a69092de.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:24 GMT
content-type: image/jpeg
content-length: 9468
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24fc"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3c309874f7.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 45 kB |
URL 3c309874f7.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, ASCII text, with very long lines (44310) Hash05bc118258ac8a5ac6fb2767f6c9083d da9015c45745940c0ca4ef9c07ab5797d5a291b0 f90ae4acb8f33914c84d57e0357bc024299d185cacb179ed6c696e0c9bbeed55
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 3c309874f7.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3c309874f7.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:24 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a6a69092de.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:25 GMT
content-length: 0
location: https://ed99bd36d0.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| ed99bd36d0.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL ed99bd36d0.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: ed99bd36d0.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ed99bd36d0.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ed99bd36d0.news-mezutu.com/lands/53/css/style.css | 23.158.56.201 | | 1.3 kB |
URL ed99bd36d0.news-mezutu.com/lands/53/css/style.css IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeASCII text, with very long lines (4928), with no line terminators Hash6f2d06d6dbd00d18b9e7eb11ef80081d b86bdf3144b91210a3e04aab9802dba7b677ffe4 4bbe46d55f77d131ea3c70d021bf1e88fcfa1a98b7b89cf8f3f081ffb38fa7f8
GET /lands/53/css/style.css HTTP/1.1
Host: ed99bd36d0.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ed99bd36d0.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:25 GMT
content-type: text/css
content-length: 1301
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-515"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 33ff167e5a.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 3.2 kB |
URL 33ff167e5a.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, ASCII text, with very long lines (1530) Hash2c9814553e1c8593a4579d85b7686c80 a850896d221ce1a60a1c6befd14f630fdb9be9d7 5aa610fe1c4868f3e2ac72dd678d12d4fd0183ef3270f4595f67060c6b75721e
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 33ff167e5a.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://7df151926b.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:17 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| ed99bd36d0.news-mezutu.com/lands/53/images/video.gif | 23.158.56.201 | | 500 kB |
URL ed99bd36d0.news-mezutu.com/lands/53/images/video.gif IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeGIF image data, version 89a, 320 x 180 Size500 kB (500082 bytes) Hash2e59da03066a7854825901e0c1460b52 8d5aa04f252de7a85b8387051c1321338ac32d32 63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433
GET /lands/53/images/video.gif HTTP/1.1
Host: ed99bd36d0.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ed99bd36d0.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:25 GMT
content-type: image/gif
content-length: 500082
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-7a172"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ed99bd36d0.news-mezutu.com/
Cookie: _subid=376l60j117j6fe; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:25 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:25 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6fl; expires=Sat, 08 Jun 2024 17:50:25 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:50 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ed99bd36d0.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:25 GMT
content-length: 0
location: https://efca7578aa.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| efca7578aa.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL efca7578aa.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: efca7578aa.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://efca7578aa.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| a6a69092de.news-mezutu.com/lands/36/img/pics-5.jpg | 23.158.56.201 | | 1.3 kB |
URL a6a69092de.news-mezutu.com/lands/36/img/pics-5.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typegzip compressed data, max compression, from Unix Hashbd3ea4eeb3aa3a62de866b07ed55d395 cb262de17da58beb65f44be594ccb38ab353e1d1 cfe5f3758f63c12f003a95614d0431b16c77c9d4bbdc4af5248ac4c6153761aa
GET /lands/36/img/pics-5.jpg HTTP/1.1
Host: a6a69092de.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a6a69092de.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:24 GMT
content-type: image/jpeg
content-length: 9557
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2555"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| efca7578aa.news-mezutu.com/lands/53/images/spinning-circles2.svg | 23.158.56.201 | | 503 B |
URL efca7578aa.news-mezutu.com/lands/53/images/spinning-circles2.svg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeSVG Scalable Vector Graphics image Hash14e6f9981fa27406176056df2451d27b aa1b6fd6071391d0031bff2d74ae77347ec2fdb4 466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f
GET /lands/53/images/spinning-circles2.svg HTTP/1.1
Host: efca7578aa.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://efca7578aa.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:25 GMT
content-type: image/svg+xml
content-length: 503
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1f7"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| efca7578aa.news-mezutu.com/lands/53/images/video.gif | 23.158.56.201 | | 500 kB |
URL efca7578aa.news-mezutu.com/lands/53/images/video.gif IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeGIF image data, version 89a, 320 x 180 Size500 kB (500082 bytes) Hash2e59da03066a7854825901e0c1460b52 8d5aa04f252de7a85b8387051c1321338ac32d32 63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433
GET /lands/53/images/video.gif HTTP/1.1
Host: efca7578aa.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://efca7578aa.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:25 GMT
content-type: image/gif
content-length: 500082
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-7a172"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| efca7578aa.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 61 kB |
URL efca7578aa.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, Unicode text, UTF-8 text, with very long lines (44310) Hashafa2d6353b4d6be2ca76399bc1e0da9b 0051ca551c5faf23e1f101a19bcf97dd57a95af5 3d5cf069c8c249f664c371c1f8211244447b19c79866d5b85b00f17758a1f6c4
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: efca7578aa.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ed99bd36d0.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:25 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://efca7578aa.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:25 GMT
content-length: 0
location: https://b0cd9965d0.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| b0cd9965d0.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 1.3 kB |
URL b0cd9965d0.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, ASCII text, with very long lines (553) Hashbacf235ae1208393964d6ef63d22fb17 c0b1984485d60afa86b1a2b71c1b151a4360a008 474e91745dac967192a153dcec0fdff38fb6a0858030abda71ef05510cd1a6a2
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: b0cd9965d0.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://efca7578aa.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:25 GMT
content-type: text/html; charset=UTF-8
content-length: 1309
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| b0cd9965d0.news-mezutu.com/lands/20/style.css | 23.158.56.201 | | 868 B |
URL b0cd9965d0.news-mezutu.com/lands/20/style.css IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeASCII text, with very long lines (2230), with no line terminators Hashd4b3acb7a84d2265bf174f13f93ca4f1 d6595e14ed8549bc39a8977cbd8d5b5b6f5cf221 2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311
GET /lands/20/style.css HTTP/1.1
Host: b0cd9965d0.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b0cd9965d0.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:25 GMT
content-type: text/css
content-length: 868
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-364"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| b0cd9965d0.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL b0cd9965d0.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: b0cd9965d0.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b0cd9965d0.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b0cd9965d0.news-mezutu.com/
Cookie: _subid=376l60j117j6fp; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:25 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:25 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6fv; expires=Sat, 08 Jun 2024 17:50:25 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:50 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b0cd9965d0.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:25 GMT
content-length: 0
location: https://1ad6803385.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| b0cd9965d0.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 53 kB |
URL b0cd9965d0.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash13bf464a09f6410493bba7d89725b43c 8f8acf77ad1c1dc69ea7c2596017a69aeddcccdf 02b62e5a0c99d0d410d0e849e4ea87d380d3478dc9985f0abcabdea0e8278bb1
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: b0cd9965d0.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b0cd9965d0.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:25 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| ed99bd36d0.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 45 kB |
URL ed99bd36d0.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, ASCII text, with very long lines (44310) Hash0a29a63e049994c5bccfb843ca474863 46dab8c6917f11f26b8c53a2d276db01f19c2c04 e7409a80d333659b85ce2071187fc8548a4bf6ef5dd380205c577644974895be
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: ed99bd36d0.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ed99bd36d0.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:25 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| 1ad6803385.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 45 kB |
URL 1ad6803385.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, ASCII text, with very long lines (44310) Hash1d051f433b3172b4a9beafed300a6e10 5331d3f7e9d8c184aeec86f4cf8ca3ef05b04a06 76c0706467a38d0fbc4752b8001515d85b04291056df5e2f1852d957fee69df6
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 1ad6803385.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1ad6803385.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:26 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| 87d10935ac.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 87d10935ac.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 87d10935ac.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://87d10935ac.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://87d10935ac.news-mezutu.com/
Cookie: _subid=376l60j117j6g1; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:26 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:26 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6g6; expires=Sat, 08 Jun 2024 17:50:26 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:52 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://87d10935ac.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:26 GMT
content-length: 0
location: https://a9c680c2c5.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| a9c680c2c5.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 1.3 kB |
URL a9c680c2c5.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, ASCII text, with very long lines (553) Hash7c6bb3dbaaaadf2b49bdc2b7525df771 56a6501cff11be6a7528104f53cd82a536972bf7 46d670e67192cf3992e0604fd7194f3e4c18cc0e09b3699a94853a5b5dafd3e8
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: a9c680c2c5.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://87d10935ac.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:26 GMT
content-type: text/html; charset=UTF-8
content-length: 1309
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| a9c680c2c5.news-mezutu.com/lands/20/style.css | 23.158.56.201 | | 868 B |
URL a9c680c2c5.news-mezutu.com/lands/20/style.css IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeASCII text, with very long lines (2230), with no line terminators Hashd4b3acb7a84d2265bf174f13f93ca4f1 d6595e14ed8549bc39a8977cbd8d5b5b6f5cf221 2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311
GET /lands/20/style.css HTTP/1.1
Host: a9c680c2c5.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a9c680c2c5.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:26 GMT
content-type: text/css
content-length: 868
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-364"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| a9c680c2c5.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL a9c680c2c5.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: a9c680c2c5.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a9c680c2c5.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic | 142.250.74.106 | | 784 B |
URL fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic IP142.250.74.106:0
Hash1ba1a21c8876dbaa3b3b1457aadec340 2373a127295c1cab8d143eb10fe1870d29f02150 47e3881d0fe2662e06375c04b01a8eabdd8eeca52f66aab1dc7ba3b6f5c564f8
GET /css?family=Roboto:300,400,700,400i&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b0cd9965d0.news-mezutu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 17:50:25 GMT
date: Wed, 08 May 2024 17:50:25 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a9c680c2c5.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:26 GMT
content-length: 0
location: https://3407538cf7.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3407538cf7.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 3407538cf7.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 3407538cf7.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3407538cf7.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3407538cf7.news-mezutu.com/lands/39/img/icon1.png | 23.158.56.201 | | 7.3 kB |
URL 3407538cf7.news-mezutu.com/lands/39/img/icon1.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash3d0ab5834c8bf7134e4d21fa3288317f c31d1a6b9df206f67ea194f4c424cdc372a423c2 0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27
GET /lands/39/img/icon1.png HTTP/1.1
Host: 3407538cf7.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3407538cf7.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:26 GMT
content-type: image/png
content-length: 7252
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1c54"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3407538cf7.news-mezutu.com/lands/39/img/icon2.png | 23.158.56.201 | | 4.6 kB |
URL 3407538cf7.news-mezutu.com/lands/39/img/icon2.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hashc947d439eb93367f1af5b2a3d222f057 5b4c10820d39e624bc6df72a113679da80a8e44e aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2
GET /lands/39/img/icon2.png HTTP/1.1
Host: 3407538cf7.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3407538cf7.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:26 GMT
content-type: image/png
content-length: 4576
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-11e0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic | 142.250.74.106 | | 8.6 kB |
URL fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic IP142.250.74.106:0
File typegzip compressed data, max compression Hash7ab06819797f3fe2dd1a3679fef5dfe0 6b78218c60e71080977fe51817aa4304d6a1dd73 356d17126469cceba7c62f9ae2cd7a00169522813fff0d1da3cf12e50ed3f806
GET /css?family=Roboto:300,400,700,400i&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a9c680c2c5.news-mezutu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 17:50:26 GMT
date: Wed, 08 May 2024 17:50:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 3407538cf7.news-mezutu.com/lands/39/img/icon4.png | 23.158.56.201 | | 7.0 kB |
URL 3407538cf7.news-mezutu.com/lands/39/img/icon4.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash7ad7f32c1c0df7b4975cc41bda4ac435 81d57e996ee6cd9e122592e68ffa3d55c1ba10ff c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f
GET /lands/39/img/icon4.png HTTP/1.1
Host: 3407538cf7.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3407538cf7.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:26 GMT
content-type: image/png
content-length: 7032
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b78"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 08e4f26603.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 93 kB |
URL 08e4f26603.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, ASCII text, with very long lines (44310) Hash27687949647c6b2d6e9b8cd6bb105f26 337a58d9011efd7a851be0e6438d86e980a3d12a a7ea8288c8cd165163158fa80fa59c153d9db55cf869271aa6a031430d4bc984
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 08e4f26603.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://08e4f26603.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:22 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| 3407538cf7.news-mezutu.com/lands/39/img/icon7.png | 23.158.56.201 | | 3.3 kB |
URL 3407538cf7.news-mezutu.com/lands/39/img/icon7.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Hashb512735542cb07b3b2dcf153a7dfe456 93bde8875412ce266600e2af1c37123483a50376 e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718
GET /lands/39/img/icon7.png HTTP/1.1
Host: 3407538cf7.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3407538cf7.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:26 GMT
content-type: image/png
content-length: 3283
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cd3"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3407538cf7.news-mezutu.com/lands/39/img/icon8.png | 23.158.56.201 | | 4.1 kB |
URL 3407538cf7.news-mezutu.com/lands/39/img/icon8.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hashf92d6474ebc6a3a0b576749cfb4afe98 0f4ce3dcf04873b8098c01d20c44967fb9fce0cc 3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1
GET /lands/39/img/icon8.png HTTP/1.1
Host: 3407538cf7.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3407538cf7.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:26 GMT
content-type: image/png
content-length: 4064
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-fe0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3407538cf7.news-mezutu.com/
Cookie: _subid=376l60j117j6gc; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:26 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:26 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6gj; expires=Sat, 08 Jun 2024 17:50:26 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:52 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3407538cf7.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:26 GMT
content-length: 0
location: https://9852f9e7ae.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| a9c680c2c5.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 144 kB |
URL a9c680c2c5.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, ASCII text, with very long lines (44310) Size144 kB (144082 bytes) Hash2e50424f24aebe0f1d54d19f696c810f cc9fdb1faca2f975baf282f821a44c680f027a3f 3ec893fece57137a730fffb5c757ec1bb0bfe089368a3b7912175e0072b07a49
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: a9c680c2c5.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a9c680c2c5.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:26 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9852f9e7ae.news-mezutu.com/
Cookie: _subid=376l60j117j6gj; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:27 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:27 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6gp; expires=Sat, 08 Jun 2024 17:50:27 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:54 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9852f9e7ae.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:27 GMT
content-length: 0
location: https://3d451e4b50.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3d451e4b50.news-mezutu.com/lands/36/lp.js | 23.158.56.201 | | 758 B |
URL 3d451e4b50.news-mezutu.com/lands/36/lp.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (719), with no line terminators Hashdbcc3608581394261613182e95963925 d2c19c094e7916d5f7eac24c9a77179ca3bc3ee9 c27bd18e340c53733156ca9e1e26f811e6243913258b19a3c7a2938554e9fed8
GET /lands/36/lp.js HTTP/1.1
Host: 3d451e4b50.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3d451e4b50.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 758
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2f6"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3f215fb4ad.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 18 kB |
URL 3f215fb4ad.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash18e1294c46a5f25cc2107e300f098127 7b3911216851356556db5d3784719e9369d947ea 6b7d38bec8a5444719a4feb02031f27e57e8f678a3f6b6410708e000698ecaff
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 3f215fb4ad.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://d70a3d8d52.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:23 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 72710531c6.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 48 kB |
URL 72710531c6.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash9772ccf69a7a77ef176372f1a76b5809 e7354cd98b3cf96f21cbc312ac11ca018d69fa45 a099e7054ba1b584dbb7d9f8cd2cd76489c1f620be5730317274432666c5a551
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 72710531c6.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://72710531c6.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| 3d451e4b50.news-mezutu.com/lands/36/img/logo.png | 23.158.56.201 | | 7.4 kB |
URL 3d451e4b50.news-mezutu.com/lands/36/img/logo.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 180 x 56, 8-bit/color RGBA, non-interlaced Hash6cd3a78b39a704ee1c84f31c8c4e5808 bb5c81cadfcd60bd5c7b29af2395ef24b11ebb93 4cfbf07b7b4def7ad505f3be44e311c631ffec252a93f031d11356bc1b0c8193
GET /lands/36/img/logo.png HTTP/1.1
Host: 3d451e4b50.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3d451e4b50.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:27 GMT
content-type: image/png
content-length: 7398
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ce6"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3f215fb4ad.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 45 kB |
URL 3f215fb4ad.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hasha5fe30ecd8fb2fd7ff379c3fe682b145 c171ff606da83d38abea6d2fa7ce6c039a797b3b c3da495531f2c5463db39383905d60d33b42cde4b6187e69413d17fb05eca7ef
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 3f215fb4ad.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3f215fb4ad.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:23 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| 3c309874f7.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 47 kB |
URL 3c309874f7.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash71960f9cff092aeda4d9928d8297f24f d571818b787bdef4ddaf3b53107d9eb94d4af0ab df3f4506d8c802fa5e6156beba1fa02c8542cd24b85ccd2d182eb321c7823c28
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 3c309874f7.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://32a012c076.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:24 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| a6a69092de.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 11 kB |
URL a6a69092de.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash05bdce2c6f5207fd788cad4d8d42b108 d3c926b8221ade1271d8e7db6e861230fda2156e 7515fea7112f86df84775b30fd59692d9abd5e39abb1f7c2bfccdbefd3f2ef90
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: a6a69092de.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3c309874f7.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:24 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3d451e4b50.news-mezutu.com/lands/36/img/player-controls-r.png | 23.158.56.201 | | 408 B |
URL 3d451e4b50.news-mezutu.com/lands/36/img/player-controls-r.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced Hashf0e42db89f7d0994b3723b35eb05a49f b4e08e7b2c525345d86dc2299663915c84a41b2b 13bbdf214a22994e4e0e655c256ab493cc495f15f9c1f08772cad0761625a9be
GET /lands/36/img/player-controls-r.png HTTP/1.1
Host: 3d451e4b50.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3d451e4b50.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:27 GMT
content-type: image/png
content-length: 408
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-198"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fd3232828f.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 20 kB |
URL fd3232828f.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash27c4ddfa54f31a2594ac0893404e9101 f7ff8d8c55a79d197f6226fb01c06d0878961337 24da1b9deda26c4c406eec26000d3d48b5270a49b338864b05b5a2c526d45a78
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: fd3232828f.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://91f7a29534.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:20 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3d451e4b50.news-mezutu.com/lands/36/img/pics-1.jpg | 23.158.56.201 | | 9.6 kB |
URL 3d451e4b50.news-mezutu.com/lands/36/img/pics-1.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash8374be5c573da988b4d76c1051f8cbc7 c319af79d391edeac2268173798952dd71f0ecf2 41889b3a66aec88fc8a474f19a6c2f6933200524597ccf76f2c9f995687099ea
GET /lands/36/img/pics-1.jpg HTTP/1.1
Host: 3d451e4b50.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3d451e4b50.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:27 GMT
content-type: image/jpeg
content-length: 9604
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2584"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| e8d15e50f6.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 13 kB |
URL e8d15e50f6.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hasha57901d3db32d9d10d9805d88168176c 911450218e1a2f12e28651e76b3c3599eb888886 3070e15747a068ad4b1df0612b2f7434e3ff4e0eaf8452a0ba59b18d99a76bad
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: e8d15e50f6.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://f0d2737db0.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:15 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| ed99bd36d0.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 25 kB |
URL ed99bd36d0.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash525605a0e8fbb7a7c31473fe485670c7 6743e7c4f02b670f478dd505f0f3b5ec01211928 556279ba745a2d1c20487ee47da09dc809c8cf716814a6050f4ed262feeabe74
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: ed99bd36d0.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a6a69092de.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:25 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3d451e4b50.news-mezutu.com/lands/36/img/pics-4.jpg | 23.158.56.201 | | 9.5 kB |
URL 3d451e4b50.news-mezutu.com/lands/36/img/pics-4.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash107bdcec0a201d69db378827b68127cd efc977edd0a369769d5f32d88e9858302bed1e5e cb8a23effd64618021ebe40be5ed24bfb27c17f6d0a82c87a96d9efd91e06468
GET /lands/36/img/pics-4.jpg HTTP/1.1
Host: 3d451e4b50.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3d451e4b50.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:27 GMT
content-type: image/jpeg
content-length: 9468
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24fc"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3d451e4b50.news-mezutu.com/lands/36/img/pics-5.jpg | 23.158.56.201 | | 9.6 kB |
URL 3d451e4b50.news-mezutu.com/lands/36/img/pics-5.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash628b98b82d0aca1c1b2155aa5ec51a6a db663b2b85cf8828f3e9c5aa879325bb50e684a0 d7dfe6be5b49bee8bbf743bc58d74af3dc7d0250c89bd6dd7e9ad268c287289d
GET /lands/36/img/pics-5.jpg HTTP/1.1
Host: 3d451e4b50.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3d451e4b50.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:27 GMT
content-type: image/jpeg
content-length: 9557
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2555"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3d451e4b50.news-mezutu.com/lands/36/img/pics-6.jpg | 23.158.56.201 | | 9.6 kB |
URL 3d451e4b50.news-mezutu.com/lands/36/img/pics-6.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hasha83d5196e71bd6f9c55ef3e7322e527c 9dbddad413391599552c4d9cc5c9e8a287ef910f 52212d360cbbf493678d8e8bf75c20b7ad4b1d6cf86bf03e1c87fb5b4d6cb818
GET /lands/36/img/pics-6.jpg HTTP/1.1
Host: 3d451e4b50.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3d451e4b50.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:27 GMT
content-type: image/jpeg
content-length: 9620
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2594"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 87d10935ac.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 18 kB |
URL 87d10935ac.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hasha2a862098a39f797f1fd4577a71f7435 6477f7958e3d73f97d2a6c316b1fcd61c365e827 d462f89b7654e0e5a821c38696a2c978bd4e9fff5f75fd7c4acfbc97ab0d2526
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 87d10935ac.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1ad6803385.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:26 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3d451e4b50.news-mezutu.com/lands/36/img/pics-8.jpg | 23.158.56.201 | | 9.8 kB |
URL 3d451e4b50.news-mezutu.com/lands/36/img/pics-8.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash2e7eafc3878ee465f96bca0f9d1e1712 c4f353f12542db5d2df3be74dbae890e0430ac6e df67f968a051026a5c43eb3e40b8d02a0c72bc742055526fef7e2655dd837cc1
GET /lands/36/img/pics-8.jpg HTTP/1.1
Host: 3d451e4b50.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3d451e4b50.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:27 GMT
content-type: image/jpeg
content-length: 9750
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2616"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3d451e4b50.news-mezutu.com/lands/36/img/pics-9.jpg | 23.158.56.201 | | 9.6 kB |
URL 3d451e4b50.news-mezutu.com/lands/36/img/pics-9.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashc3af10d166a4447c21f25e4a32383a5d 37a0342d08d6933b3bbfd4063b7ba998c991dd73 963fbe86dc33b1a1ba5c695bf9b74ebde439bc7a9260137121d747cf4cfbdd73
GET /lands/36/img/pics-9.jpg HTTP/1.1
Host: 3d451e4b50.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3d451e4b50.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:27 GMT
content-type: image/jpeg
content-length: 9646
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ae"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic | 142.250.74.106 | | 55 kB |
URL fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic IP142.250.74.106:0
File typegzip compressed data, max compression Hashb654bd5879de642aa410aca76292e0dd 281fdf720b93b982911acbbd13aa14ee552ad23b 6376473e5f63498de9e63a233b585e63bb24a77b3e2f3259927dbbad1ac85048
GET /css?family=Roboto:300,400,700,400i&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e921a23434.news-mezutu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 17:50:24 GMT
date: Wed, 08 May 2024 17:50:24 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 3d451e4b50.news-mezutu.com/lands/36/img/pics-11.jpg | 23.158.56.201 | | 9.5 kB |
URL 3d451e4b50.news-mezutu.com/lands/36/img/pics-11.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash8611f67b36ff57eaa1060e793b9e6ad4 49f273a5760e7375adb1efc58f0ed2c665da6ae8 de70c6d29629dd9ec1b85e3146390c1019bd608eeb3d7ffdc196627f70ee30b2
GET /lands/36/img/pics-11.jpg HTTP/1.1
Host: 3d451e4b50.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3d451e4b50.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:27 GMT
content-type: image/jpeg
content-length: 9483
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3d451e4b50.news-mezutu.com/lands/36/img/pics-12.jpg | 23.158.56.201 | | 9.5 kB |
URL 3d451e4b50.news-mezutu.com/lands/36/img/pics-12.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash3971b0cd6849aef8e63c281fe7e53c57 690281f0f9a05a32be18029632240693f7b26270 20a9e9a79f97878e87f805b977eb6046480b734dfd9e90df9f34b22ef484777a
GET /lands/36/img/pics-12.jpg HTTP/1.1
Host: 3d451e4b50.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3d451e4b50.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:27 GMT
content-type: image/jpeg
content-length: 9487
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250f"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3d451e4b50.news-mezutu.com/lands/36/img/pics-13.jpg | 23.158.56.201 | | 9.4 kB |
URL 3d451e4b50.news-mezutu.com/lands/36/img/pics-13.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashcd911694d58b5fb86c94cf7a1d5b530b f32925a79b755d76fdf1ae56fa898ef23d816699 5a8f5f99cb386403813964a7ee271660131e9c50eb5267f932a67ce0f4fb2ea2
GET /lands/36/img/pics-13.jpg HTTP/1.1
Host: 3d451e4b50.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3d451e4b50.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:27 GMT
content-type: image/jpeg
content-length: 9378
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24a2"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3d451e4b50.news-mezutu.com/lands/36/img/pics-14.jpg | 23.158.56.201 | | 9.5 kB |
URL 3d451e4b50.news-mezutu.com/lands/36/img/pics-14.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash4957499f251b620472eb5fe6fd126c22 a237ac15f4b16256f1c49a40ca07ca168dea540c de5d64cc00dd3bc0e0998e274f41bb78de69cae402e53c4f41c0ab8e0af2cd0b
GET /lands/36/img/pics-14.jpg HTTP/1.1
Host: 3d451e4b50.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3d451e4b50.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:27 GMT
content-type: image/jpeg
content-length: 9498
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-251a"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3d451e4b50.news-mezutu.com/lands/36/img/pics-15.jpg | 23.158.56.201 | | 9.7 kB |
URL 3d451e4b50.news-mezutu.com/lands/36/img/pics-15.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashbf608c2d10293273951a88b8d38de015 15b2a17c7300725aacc27f320480dfe5bf173a00 118f446f628921fb7cab1afeac932ef77d63a7c5a31ffa288427d80c4de69f9f
GET /lands/36/img/pics-15.jpg HTTP/1.1
Host: 3d451e4b50.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3d451e4b50.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:27 GMT
content-type: image/jpeg
content-length: 9673
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25c9"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3407538cf7.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 54 kB |
URL 3407538cf7.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash1f9338c8a1bdd3eb32cc286c0bc75e87 8289e9b568f9802bec9c13154e67013aefd1248a cd5e16caf0d887515580dca57531f26e147cda37efbf75a84b8cde42f995928b
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 3407538cf7.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3407538cf7.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:26 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| 3d451e4b50.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 20 kB |
URL 3d451e4b50.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash36d6917c4a8d881448cb27ea50f73d24 ce199717723615d8ccee3d634da766bfba15f5d4 9715b6552336c3e7ea78f566c7f1bd5fb7bf9743f79b9235ae28efbee55f2c0c
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 3d451e4b50.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9852f9e7ae.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:27 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3d451e4b50.news-mezutu.com/lands/36/img/pics-18.jpg | 23.158.56.201 | | 9.6 kB |
URL 3d451e4b50.news-mezutu.com/lands/36/img/pics-18.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash52ada45615791fefe3513b98a28d6c61 334b68a65108b2274dc0d41bbed58d10cbfb41a0 204715e71db20e5daffe8494816412e0998ec0b97b303f16fb4102226c492fa4
GET /lands/36/img/pics-18.jpg HTTP/1.1
Host: 3d451e4b50.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3d451e4b50.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:27 GMT
content-type: image/jpeg
content-length: 9645
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ad"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1a6891a66c.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 9.8 kB |
URL 1a6891a66c.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, Unicode text, UTF-8 text, with very long lines (7601) Hashebd5e146b3e4f7961d96346c4b8eb933 0750f671c4474d09a67502c2f98564310f5bb331 d2b3be91eb9a016bc58d7aa41c085c69db12540606ec3748e0963cdff59b4c7d
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 1a6891a66c.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://34a3bbd4db.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:18 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3d451e4b50.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:27 GMT
content-length: 0
location: https://cf66a54feb.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 32a012c076.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 62 kB |
URL 32a012c076.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash5c249b74912501e3a60f5b2183dc363f 83e167514a07eab4c63612e7287bbb691905981e 7cf632500a5da628cf400a4b3d642c1b509e10d373151e2a7df843b6d989b455
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 32a012c076.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e921a23434.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:24 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cf66a54feb.news-mezutu.com/
Cookie: _subid=376l60j117j6h1; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:27 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:27 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6ha; expires=Sat, 08 Jun 2024 17:50:27 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:54 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| c510e999ec.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 48 kB |
URL c510e999ec.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, ASCII text, with very long lines (44310) Hash77c5eeebbae8fbb798ef0da470297370 87069a091e4d9cd8e2725f928781b24bd98cac69 9fb1f40b38b599e1dc71392600ab2ae3810e61e8f85b72c423c36f538cf7291b
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: c510e999ec.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9f91db0439.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:23 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 86b7c0aa1a.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 86b7c0aa1a.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 86b7c0aa1a.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://86b7c0aa1a.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 86b7c0aa1a.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 45 kB |
URL 86b7c0aa1a.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, ASCII text, with very long lines (44310) Hashc8ac952ffee930df6c589c33299c7c25 f2a0948a4630ba719b2c61751ba4f9228eae89d0 ecf14896025834b13464cc210d16caff5447683fd3855f319a91f6ddbf59fbe1
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 86b7c0aa1a.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://86b7c0aa1a.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:27 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://86b7c0aa1a.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:28 GMT
content-length: 0
location: https://3e45a2eb30.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3e45a2eb30.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 3e45a2eb30.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 3e45a2eb30.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3e45a2eb30.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3e45a2eb30.news-mezutu.com/lands/39/img/icon1.png | 23.158.56.201 | | 7.3 kB |
URL 3e45a2eb30.news-mezutu.com/lands/39/img/icon1.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash3d0ab5834c8bf7134e4d21fa3288317f c31d1a6b9df206f67ea194f4c424cdc372a423c2 0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27
GET /lands/39/img/icon1.png HTTP/1.1
Host: 3e45a2eb30.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3e45a2eb30.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:28 GMT
content-type: image/png
content-length: 7252
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1c54"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1ad6803385.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 96 kB |
URL 1ad6803385.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, Unicode text, UTF-8 text, with very long lines (63955) Hashfef4a92b892d5497d40ecff14dfb6310 3369d7e0cc02758a11c85ca52335923ff4679ab0 1f000acfddcb6c32448fb048c2e7e2afe8f08d737282d3c9d30b519cdc618931
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 1ad6803385.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b0cd9965d0.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:26 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3e45a2eb30.news-mezutu.com/lands/39/img/icon3.png | 23.158.56.201 | | 7.8 kB |
URL 3e45a2eb30.news-mezutu.com/lands/39/img/icon3.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash8f3cc830da0b1fdf66bda7d1d734747b 94588f041eec3a78a8780c8124c56a1434a89277 ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba
GET /lands/39/img/icon3.png HTTP/1.1
Host: 3e45a2eb30.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3e45a2eb30.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:28 GMT
content-type: image/png
content-length: 7847
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ea7"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 91f7a29534.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 84 kB |
URL 91f7a29534.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, ASCII text, with very long lines (64512) Hash98e3c3477a43d6d5704621d24c17c40b 159fe9b7df9a12074a89bd1f58ef6ba6ab4dd30e ea3b935769ca96a193c314f4db452e1e58d03c0eb3e85a0da8ace106758563d8
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 91f7a29534.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://21288469c2.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:20 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 3e45a2eb30.news-mezutu.com/lands/39/img/icon5.png | 23.158.56.201 | | 3.3 kB |
URL 3e45a2eb30.news-mezutu.com/lands/39/img/icon5.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Hash1e1a7582b5da63e10485d63f97abc9a0 ca3ee3067f96c732f455bc7c99ec5100194f13f6 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503
GET /lands/39/img/icon5.png HTTP/1.1
Host: 3e45a2eb30.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3e45a2eb30.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:28 GMT
content-type: image/png
content-length: 3264
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cc0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3e45a2eb30.news-mezutu.com/lands/39/img/icon7.png | 23.158.56.201 | | 3.3 kB |
URL 3e45a2eb30.news-mezutu.com/lands/39/img/icon7.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Hashb512735542cb07b3b2dcf153a7dfe456 93bde8875412ce266600e2af1c37123483a50376 e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718
GET /lands/39/img/icon7.png HTTP/1.1
Host: 3e45a2eb30.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3e45a2eb30.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:28 GMT
content-type: image/png
content-length: 3283
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cd3"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3e45a2eb30.news-mezutu.com/lands/39/img/icon8.png | 23.158.56.201 | | 4.1 kB |
URL 3e45a2eb30.news-mezutu.com/lands/39/img/icon8.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hashf92d6474ebc6a3a0b576749cfb4afe98 0f4ce3dcf04873b8098c01d20c44967fb9fce0cc 3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1
GET /lands/39/img/icon8.png HTTP/1.1
Host: 3e45a2eb30.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3e45a2eb30.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:28 GMT
content-type: image/png
content-length: 4064
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-fe0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3e45a2eb30.news-mezutu.com/
Cookie: _subid=376l60j117j6hf; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:28 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6hn; expires=Sat, 08 Jun 2024 17:50:28 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:56 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3e45a2eb30.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:28 GMT
content-length: 0
location: https://800b1a2172.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 800b1a2172.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 800b1a2172.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 800b1a2172.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://800b1a2172.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 800b1a2172.news-mezutu.com/lands/48/preloader-43.5794040.gif | 23.158.56.201 | | 7.0 kB |
URL 800b1a2172.news-mezutu.com/lands/48/preloader-43.5794040.gif IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeGIF image data, version 89a, 160 x 160 Hash5794040ee88def220320edd0ed2e2ac9 7ec6d7843172d2bec7c0ed0d7eabed19a800fd7b c1a4896adebc502e9be1248a28bc641ef9a5b75c6bdefa5d704a220c128ee34e
GET /lands/48/preloader-43.5794040.gif HTTP/1.1
Host: 800b1a2172.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://800b1a2172.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:28 GMT
content-type: image/gif
content-length: 7010
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b62"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://800b1a2172.news-mezutu.com/
Cookie: _subid=376l60j117j6hn; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:28 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6hs; expires=Sat, 08 Jun 2024 17:50:28 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:56 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://800b1a2172.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:28 GMT
content-length: 0
location: https://e563c40427.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| e563c40427.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL e563c40427.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: e563c40427.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e563c40427.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e563c40427.news-mezutu.com/
Cookie: _subid=376l60j117j6hs; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:28 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6i5; expires=Sat, 08 Jun 2024 17:50:28 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:56 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e563c40427.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:28 GMT
content-length: 0
location: https://7863946280.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 7863946280.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 7863946280.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 7863946280.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7863946280.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| e563c40427.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 52 kB |
URL e563c40427.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash5e1ccc07d231489d7e7a13b8ee20950a 71b286fe3d82e08fe3e2db14aa65bdae35ebe6a6 9e940397d621565e58ea5618f2716c0dcd989fdbf9907a7d65badc15e4627e56
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: e563c40427.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e563c40427.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:28 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7863946280.news-mezutu.com/
Cookie: _subid=376l60j117j6i5; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:28 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6i9; expires=Sat, 08 Jun 2024 17:50:28 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:56 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://7863946280.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:29 GMT
content-length: 0
location: https://ff32fa4301.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| ff32fa4301.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL ff32fa4301.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: ff32fa4301.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ff32fa4301.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ff32fa4301.news-mezutu.com/
Cookie: _subid=376l60j117j6i9; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:29 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6ie; expires=Sat, 08 Jun 2024 17:50:29 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:58 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ff32fa4301.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:29 GMT
content-length: 0
location: https://d32a390470.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| d32a390470.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL d32a390470.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: d32a390470.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d32a390470.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| d32a390470.news-mezutu.com/lands/48/preloader-43.5794040.gif | 23.158.56.201 | | 7.0 kB |
URL d32a390470.news-mezutu.com/lands/48/preloader-43.5794040.gif IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeGIF image data, version 89a, 160 x 160 Hash5794040ee88def220320edd0ed2e2ac9 7ec6d7843172d2bec7c0ed0d7eabed19a800fd7b c1a4896adebc502e9be1248a28bc641ef9a5b75c6bdefa5d704a220c128ee34e
GET /lands/48/preloader-43.5794040.gif HTTP/1.1
Host: d32a390470.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d32a390470.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:29 GMT
content-type: image/gif
content-length: 7010
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b62"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7863946280.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 45 kB |
URL 7863946280.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, ASCII text, with very long lines (44310) Hash72e24002e869dd52c0ac1210ef0bf8a8 ec650c3f32c6cf95342d33e859e4ee83b0c1478a 66e07802104bf8e67d13dc4666924fe8a1c75271b2013c9b4d5c598834cb7737
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 7863946280.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7863946280.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:28 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://d32a390470.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:29 GMT
content-length: 0
location: https://b481f24ea5.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| d32a390470.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 53 kB |
URL d32a390470.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash9b94b3e8e6cfab343cffbd24d2ea4c34 6f0c05efe8cc969e4411803d8dad9f9a1e756d72 d6e85201ed29e6d88bda7d3f4e4904e1dada5fb3c07511ee140a54bf9640edf1
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: d32a390470.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d32a390470.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:29 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b481f24ea5.news-mezutu.com/
Cookie: _subid=376l60j117j6il; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:29 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6ip; expires=Sat, 08 Jun 2024 17:50:29 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:58 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b481f24ea5.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:29 GMT
content-length: 0
location: https://85e56d9d14.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 85e56d9d14.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 1.3 kB |
URL 85e56d9d14.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, ASCII text, with very long lines (553) Hash778766ca27e464ee1b32017b270a0d01 3bcce70f98aeeb2c7225eab293856ca8f060252f 4bce676e78fb970c0fe364b6888799a34057412e7877f059254dbf3f7ed3652e
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 85e56d9d14.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b481f24ea5.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:29 GMT
content-type: text/html; charset=UTF-8
content-length: 1309
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 85e56d9d14.news-mezutu.com/lands/20/style.css | 23.158.56.201 | | 868 B |
URL 85e56d9d14.news-mezutu.com/lands/20/style.css IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeASCII text, with very long lines (2230), with no line terminators Hashd4b3acb7a84d2265bf174f13f93ca4f1 d6595e14ed8549bc39a8977cbd8d5b5b6f5cf221 2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311
GET /lands/20/style.css HTTP/1.1
Host: 85e56d9d14.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://85e56d9d14.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:29 GMT
content-type: text/css
content-length: 868
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-364"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 85e56d9d14.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 85e56d9d14.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 85e56d9d14.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://85e56d9d14.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://85e56d9d14.news-mezutu.com/
Cookie: _subid=376l60j117j6ip; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:29 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6iu; expires=Sat, 08 Jun 2024 17:50:29 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:40:58 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://85e56d9d14.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-length: 0
location: https://35bd97bb65.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 87d10935ac.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 98 kB |
URL 87d10935ac.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, ASCII text, with very long lines (44310) Hash4ddad1a3216ed7c98eeebc57a2042987 2653f70133bdd81a26ae6f4b6c23e0f41a72bffd 505c34237a2e83ac42c398927c619d657f58d30ed8d88bcea0129e3989a3f6df
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 87d10935ac.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://87d10935ac.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:26 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| b481f24ea5.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 45 kB |
URL b481f24ea5.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, ASCII text, with very long lines (44310) Hashcd0e5e7e75cae4a735b49424b8071a7a 08b791bb3de35778d2c2c1ba9b34c9984fc76d11 9ecc0d5f6d5f7a2f1413e752610965965f0b0d6d194b35b908d4873d212a4c65
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: b481f24ea5.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b481f24ea5.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:29 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://35bd97bb65.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-length: 0
location: https://b0f8837cff.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 85e56d9d14.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 54 kB |
URL 85e56d9d14.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashf29d20f6de55730b36b641b2ab994b82 27cf733cdd4cb73ad01b70b45d937040968cc2db 5731a4df1adbfc65c0797daa128d78a45ee68f4963309c6f06570b8485b8b13b
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 85e56d9d14.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://85e56d9d14.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:29 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b0f8837cff.news-mezutu.com/
Cookie: _subid=376l60j117j6j7; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:30 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6jb; expires=Sat, 08 Jun 2024 17:50:30 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:41:00 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b0f8837cff.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-length: 0
location: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| ff32fa4301.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 45 kB |
URL ff32fa4301.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (44310) Hash9ab04f11a095173db6093f07731bc721 0c0fa581de426098434f6845314731cd66b67fc1 39d19935c29cae2de5d969bc9c935886b80dd2155855cac053515e31d8b71b5e
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: ff32fa4301.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ff32fa4301.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:29 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 3447064503.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/lands/36/img/style.css | 23.158.56.201 | | 3.1 kB |
URL 3447064503.news-mezutu.com/lands/36/img/style.css IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeASCII text, with very long lines (11701), with no line terminators Hashdb606af46bdcca984d60a46183a4525e 28964fac8b2b7889554f32543e69ac68e6f21e2f 8693be57861bf006c70b542234666eaa50f4258856c4e75e0066f1ca589026ae
GET /lands/36/img/style.css HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: text/css
content-length: 3136
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-c40"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/lands/36/img/logo.png | 23.158.56.201 | | 7.4 kB |
URL 3447064503.news-mezutu.com/lands/36/img/logo.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 180 x 56, 8-bit/color RGBA, non-interlaced Hash6cd3a78b39a704ee1c84f31c8c4e5808 bb5c81cadfcd60bd5c7b29af2395ef24b11ebb93 4cfbf07b7b4def7ad505f3be44e311c631ffec252a93f031d11356bc1b0c8193
GET /lands/36/img/logo.png HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: image/png
content-length: 7398
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ce6"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/lands/36/img/search-icon.png | 23.158.56.201 | | 461 B |
URL 3447064503.news-mezutu.com/lands/36/img/search-icon.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced Hash71a97f63eeafce6cc8dd4e7b92e77303 e92e36474a69fcf7b932efc581e024a1c25773e5 fc2f527dba6449b1d9a7f17e4e9926039806904f58a7b4278dccf398900371d2
GET /lands/36/img/search-icon.png HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: image/png
content-length: 461
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1cd"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/lands/36/img/Spin-1s-80px.gif | 23.158.56.201 | | 31 kB |
URL 3447064503.news-mezutu.com/lands/36/img/Spin-1s-80px.gif IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeGIF image data, version 89a, 80 x 80 Hash68556766cd260e97fec2b60a9bfaf8c7 26c969371c9a3de360fab6d7a7a3bec2c5d5c99f ef50b84645244197917d80f6bcd6f604dce892ec4cdcdc96f11ea40f4a093676
GET /lands/36/img/Spin-1s-80px.gif HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: image/gif
content-length: 30677
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-77d5"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/lands/36/img/player-controls-l.png | 23.158.56.201 | | 945 B |
URL 3447064503.news-mezutu.com/lands/36/img/player-controls-l.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 146 x 60, 8-bit gray+alpha, non-interlaced Hash6865c8700b582e4c7848472bb23dd65a c5ea2c514de8f55145550f9589e1e07cda457994 e1f5b32f965cf94fdb788fa9cff4f2f80b34c234f7e9fa9139de890e89438324
GET /lands/36/img/player-controls-l.png HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: image/png
content-length: 945
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-3b1"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/lands/36/img/player-controls-r.png | 23.158.56.201 | | 408 B |
URL 3447064503.news-mezutu.com/lands/36/img/player-controls-r.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced Hashf0e42db89f7d0994b3723b35eb05a49f b4e08e7b2c525345d86dc2299663915c84a41b2b 13bbdf214a22994e4e0e655c256ab493cc495f15f9c1f08772cad0761625a9be
GET /lands/36/img/player-controls-r.png HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: image/png
content-length: 408
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-198"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/lands/36/img/player-bg.jpg | 23.158.56.201 | | 11 kB |
URL 3447064503.news-mezutu.com/lands/36/img/player-bg.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashd0c6f02d6933f0b93db0942e3e7f3609 bc96b3878d13d0f46aa464e94515f27ad53531b0 7296089ccd9e42b305c5b0398d47a78f900b40225c592c6f1ef23ade5bbe667a
GET /lands/36/img/player-bg.jpg HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: image/jpeg
content-length: 11291
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2c1b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/lands/36/img/pics-1.jpg | 23.158.56.201 | | 9.6 kB |
URL 3447064503.news-mezutu.com/lands/36/img/pics-1.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash8374be5c573da988b4d76c1051f8cbc7 c319af79d391edeac2268173798952dd71f0ecf2 41889b3a66aec88fc8a474f19a6c2f6933200524597ccf76f2c9f995687099ea
GET /lands/36/img/pics-1.jpg HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: image/jpeg
content-length: 9604
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2584"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/lands/36/img/pics-2.jpg | 23.158.56.201 | | 9.5 kB |
URL 3447064503.news-mezutu.com/lands/36/img/pics-2.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashb1444ede1cb63c55f07c4b7cc861ec58 504823696a6990f0c6892721e34a7496cfe4e704 628146e090737199d0b92e0d069cdc8fa95d65391a7e84b7da053dbc0275b2f8
GET /lands/36/img/pics-2.jpg HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: image/jpeg
content-length: 9474
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2502"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/lands/36/img/pics-3.jpg | 23.158.56.201 | | 9.4 kB |
URL 3447064503.news-mezutu.com/lands/36/img/pics-3.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash76025b7cd7b3e168342e9f6916d8c7f4 bd2a6ea7c9105935c7a616fec2d6d85dbf98bfc2 46eaa0e5c25c663d858a5c65629f960ed17d2fe30b2484f629158e6d6460d775
GET /lands/36/img/pics-3.jpg HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: image/jpeg
content-length: 9413
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24c5"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/lands/36/img/pics-4.jpg | 23.158.56.201 | | 9.5 kB |
URL 3447064503.news-mezutu.com/lands/36/img/pics-4.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash107bdcec0a201d69db378827b68127cd efc977edd0a369769d5f32d88e9858302bed1e5e cb8a23effd64618021ebe40be5ed24bfb27c17f6d0a82c87a96d9efd91e06468
GET /lands/36/img/pics-4.jpg HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: image/jpeg
content-length: 9468
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24fc"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/lands/36/img/pics-5.jpg | 23.158.56.201 | | 9.6 kB |
URL 3447064503.news-mezutu.com/lands/36/img/pics-5.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash628b98b82d0aca1c1b2155aa5ec51a6a db663b2b85cf8828f3e9c5aa879325bb50e684a0 d7dfe6be5b49bee8bbf743bc58d74af3dc7d0250c89bd6dd7e9ad268c287289d
GET /lands/36/img/pics-5.jpg HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: image/jpeg
content-length: 9557
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2555"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/lands/36/img/pics-6.jpg | 23.158.56.201 | | 9.6 kB |
URL 3447064503.news-mezutu.com/lands/36/img/pics-6.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hasha83d5196e71bd6f9c55ef3e7322e527c 9dbddad413391599552c4d9cc5c9e8a287ef910f 52212d360cbbf493678d8e8bf75c20b7ad4b1d6cf86bf03e1c87fb5b4d6cb818
GET /lands/36/img/pics-6.jpg HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: image/jpeg
content-length: 9620
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2594"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/lands/36/img/pics-7.jpg | 23.158.56.201 | | 9.5 kB |
URL 3447064503.news-mezutu.com/lands/36/img/pics-7.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash94edfad63e95c79618692b8d8dc20587 f582b7b70443ea1fff184ade49ab560fc8fd3318 0940f729e51d0fb610affca787415657f39a630cc0450d08576f69fd0f71756e
GET /lands/36/img/pics-7.jpg HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: image/jpeg
content-length: 9484
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250c"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/lands/36/img/pics-8.jpg | 23.158.56.201 | | 9.8 kB |
URL 3447064503.news-mezutu.com/lands/36/img/pics-8.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash2e7eafc3878ee465f96bca0f9d1e1712 c4f353f12542db5d2df3be74dbae890e0430ac6e df67f968a051026a5c43eb3e40b8d02a0c72bc742055526fef7e2655dd837cc1
GET /lands/36/img/pics-8.jpg HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: image/jpeg
content-length: 9750
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2616"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/lands/36/img/pics-9.jpg | 23.158.56.201 | | 9.6 kB |
URL 3447064503.news-mezutu.com/lands/36/img/pics-9.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashc3af10d166a4447c21f25e4a32383a5d 37a0342d08d6933b3bbfd4063b7ba998c991dd73 963fbe86dc33b1a1ba5c695bf9b74ebde439bc7a9260137121d747cf4cfbdd73
GET /lands/36/img/pics-9.jpg HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: image/jpeg
content-length: 9646
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ae"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/lands/36/img/pics-10.jpg | 23.158.56.201 | | 9.7 kB |
URL 3447064503.news-mezutu.com/lands/36/img/pics-10.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash00ad8eccd280144f038e883859beeabe e13583bbe25712e827b8b22b1353c883531f849f 21397b18bd87b564f70404ea1ff41d8d23ba804ed6eea4de323ac1c94e096ada
GET /lands/36/img/pics-10.jpg HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: image/jpeg
content-length: 9681
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25d1"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/lands/36/img/pics-11.jpg | 23.158.56.201 | | 9.5 kB |
URL 3447064503.news-mezutu.com/lands/36/img/pics-11.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash8611f67b36ff57eaa1060e793b9e6ad4 49f273a5760e7375adb1efc58f0ed2c665da6ae8 de70c6d29629dd9ec1b85e3146390c1019bd608eeb3d7ffdc196627f70ee30b2
GET /lands/36/img/pics-11.jpg HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: image/jpeg
content-length: 9483
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/lands/36/img/pics-12.jpg | 23.158.56.201 | | 9.5 kB |
URL 3447064503.news-mezutu.com/lands/36/img/pics-12.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash3971b0cd6849aef8e63c281fe7e53c57 690281f0f9a05a32be18029632240693f7b26270 20a9e9a79f97878e87f805b977eb6046480b734dfd9e90df9f34b22ef484777a
GET /lands/36/img/pics-12.jpg HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: image/jpeg
content-length: 9487
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250f"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/lands/36/img/pics-13.jpg | 23.158.56.201 | | 9.4 kB |
URL 3447064503.news-mezutu.com/lands/36/img/pics-13.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashcd911694d58b5fb86c94cf7a1d5b530b f32925a79b755d76fdf1ae56fa898ef23d816699 5a8f5f99cb386403813964a7ee271660131e9c50eb5267f932a67ce0f4fb2ea2
GET /lands/36/img/pics-13.jpg HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: image/jpeg
content-length: 9378
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24a2"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/lands/36/img/pics-14.jpg | 23.158.56.201 | | 9.5 kB |
URL 3447064503.news-mezutu.com/lands/36/img/pics-14.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash4957499f251b620472eb5fe6fd126c22 a237ac15f4b16256f1c49a40ca07ca168dea540c de5d64cc00dd3bc0e0998e274f41bb78de69cae402e53c4f41c0ab8e0af2cd0b
GET /lands/36/img/pics-14.jpg HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: image/jpeg
content-length: 9498
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-251a"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/lands/36/img/pics-15.jpg | 23.158.56.201 | | 9.7 kB |
URL 3447064503.news-mezutu.com/lands/36/img/pics-15.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashbf608c2d10293273951a88b8d38de015 15b2a17c7300725aacc27f320480dfe5bf173a00 118f446f628921fb7cab1afeac932ef77d63a7c5a31ffa288427d80c4de69f9f
GET /lands/36/img/pics-15.jpg HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: image/jpeg
content-length: 9673
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25c9"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/lands/36/img/pics-16.jpg | 23.158.56.201 | | 9.6 kB |
URL 3447064503.news-mezutu.com/lands/36/img/pics-16.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash700dfe65fca751e5c160aa1ed38c0389 61a7a9ba2a5209bb28b6a36c4b7ba9088f4b2886 8f8c3d5f93cc6dc00172cf203f6b0113819e853de45518cbcee1e68f9e95fbc1
GET /lands/36/img/pics-16.jpg HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: image/jpeg
content-length: 9570
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2562"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/lands/36/img/pics-17.jpg | 23.158.56.201 | | 9.6 kB |
URL 3447064503.news-mezutu.com/lands/36/img/pics-17.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash3617c828a4589dfd2af8f90e31f92666 0e7a1dbe743c9eaad109659f7b21ab86719b9cd0 f3ab898058b0ebaba11001b5a2b3c5b5db2d7f766000d95abdbfb841fcb16c1f
GET /lands/36/img/pics-17.jpg HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: image/jpeg
content-length: 9595
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-257b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/lands/36/img/pics-18.jpg | 23.158.56.201 | | 9.6 kB |
URL 3447064503.news-mezutu.com/lands/36/img/pics-18.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash52ada45615791fefe3513b98a28d6c61 334b68a65108b2274dc0d41bbed58d10cbfb41a0 204715e71db20e5daffe8494816412e0998ec0b97b303f16fb4102226c492fa4
GET /lands/36/img/pics-18.jpg HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: image/jpeg
content-length: 9645
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ad"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/
Cookie: _subid=376l60j117j6jb; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:30 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6jg; expires=Sat, 08 Jun 2024 17:50:30 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:41:00 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3447064503.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-length: 0
location: https://a9d1f7d51c.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| a9d1f7d51c.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL a9d1f7d51c.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: a9d1f7d51c.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a9d1f7d51c.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| a9d1f7d51c.news-mezutu.com/lands/39/img/icon1.png | 23.158.56.201 | | 7.3 kB |
URL a9d1f7d51c.news-mezutu.com/lands/39/img/icon1.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash3d0ab5834c8bf7134e4d21fa3288317f c31d1a6b9df206f67ea194f4c424cdc372a423c2 0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27
GET /lands/39/img/icon1.png HTTP/1.1
Host: a9d1f7d51c.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a9d1f7d51c.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: image/png
content-length: 7252
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1c54"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| a9d1f7d51c.news-mezutu.com/lands/39/img/icon2.png | 23.158.56.201 | | 4.6 kB |
URL a9d1f7d51c.news-mezutu.com/lands/39/img/icon2.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hashc947d439eb93367f1af5b2a3d222f057 5b4c10820d39e624bc6df72a113679da80a8e44e aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2
GET /lands/39/img/icon2.png HTTP/1.1
Host: a9d1f7d51c.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a9d1f7d51c.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: image/png
content-length: 4576
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-11e0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| a9d1f7d51c.news-mezutu.com/lands/39/img/icon3.png | 23.158.56.201 | | 7.8 kB |
URL a9d1f7d51c.news-mezutu.com/lands/39/img/icon3.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash8f3cc830da0b1fdf66bda7d1d734747b 94588f041eec3a78a8780c8124c56a1434a89277 ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba
GET /lands/39/img/icon3.png HTTP/1.1
Host: a9d1f7d51c.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a9d1f7d51c.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: image/png
content-length: 7847
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ea7"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| a9d1f7d51c.news-mezutu.com/lands/39/img/icon4.png | 23.158.56.201 | | 7.0 kB |
URL a9d1f7d51c.news-mezutu.com/lands/39/img/icon4.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash7ad7f32c1c0df7b4975cc41bda4ac435 81d57e996ee6cd9e122592e68ffa3d55c1ba10ff c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f
GET /lands/39/img/icon4.png HTTP/1.1
Host: a9d1f7d51c.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a9d1f7d51c.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: image/png
content-length: 7032
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b78"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| a9d1f7d51c.news-mezutu.com/lands/39/img/icon5.png | 23.158.56.201 | | 3.3 kB |
URL a9d1f7d51c.news-mezutu.com/lands/39/img/icon5.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Hash1e1a7582b5da63e10485d63f97abc9a0 ca3ee3067f96c732f455bc7c99ec5100194f13f6 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503
GET /lands/39/img/icon5.png HTTP/1.1
Host: a9d1f7d51c.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a9d1f7d51c.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: image/png
content-length: 3264
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cc0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| a9d1f7d51c.news-mezutu.com/lands/39/img/icon7.png | 23.158.56.201 | | 3.3 kB |
URL a9d1f7d51c.news-mezutu.com/lands/39/img/icon7.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Hashb512735542cb07b3b2dcf153a7dfe456 93bde8875412ce266600e2af1c37123483a50376 e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718
GET /lands/39/img/icon7.png HTTP/1.1
Host: a9d1f7d51c.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a9d1f7d51c.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: image/png
content-length: 3283
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cd3"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| a9d1f7d51c.news-mezutu.com/lands/39/img/icon8.png | 23.158.56.201 | | 4.1 kB |
URL a9d1f7d51c.news-mezutu.com/lands/39/img/icon8.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hashf92d6474ebc6a3a0b576749cfb4afe98 0f4ce3dcf04873b8098c01d20c44967fb9fce0cc 3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1
GET /lands/39/img/icon8.png HTTP/1.1
Host: a9d1f7d51c.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a9d1f7d51c.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: image/png
content-length: 4064
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-fe0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a9d1f7d51c.news-mezutu.com/
Cookie: _subid=376l60j117j6jg; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:31 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6jo; expires=Sat, 08 Jun 2024 17:50:31 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:41:02 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult | 95.216.37.224 | | 45 kB |
URL show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult IP95.216.37.224:0 ASN#24940 Hetzner Online GmbH
Hash93b14891e235f1e5e2b6cb014d9eb66c b0f5f059c6b4d479615c75092fce6363d61d8223 e4860bd96f7891fcba254d9cfbf939aea61e0f470de88d2d8af9617ba554069e
GET /api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult HTTP/1.1
Host: show.revopush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9852f9e7ae.news-mezutu.com/
Origin: https://9852f9e7ae.news-mezutu.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:27 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
access-control-allow-origin: https://9852f9e7ae.news-mezutu.com
vary: Origin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| 1466825229.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 1466825229.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 1466825229.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1466825229.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| a9d1f7d51c.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 46 kB |
URL a9d1f7d51c.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash4e3b413d9d7fcd78ac6cb583893c6f26 742c88b872bef91cf1d10fad18810720098c1b48 d4bfade55943d59a89f4322a1c70857f3b54f43219b4ffa63eb1da766deb5384
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: a9d1f7d51c.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a9d1f7d51c.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| 1466825229.news-mezutu.com/lands/57/js/device.js | 23.158.56.201 | | 1.1 kB |
URL 1466825229.news-mezutu.com/lands/57/js/device.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, ASCII text, with very long lines (3289), with no line terminators Hash2d9887b21aa6b47c56e7f43e66560a4f 42cdfc5b3b23d32152750bf2cea4233044491768 863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85
GET /lands/57/js/device.js HTTP/1.1
Host: 1466825229.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1466825229.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 1111
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-457"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1466825229.news-mezutu.com/
Cookie: _subid=376l60j117j6jo; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:31 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6k1; expires=Sat, 08 Jun 2024 17:50:31 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:41:02 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1466825229.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-length: 0
location: https://38ef9aa99c.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 38ef9aa99c.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 38ef9aa99c.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 38ef9aa99c.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://38ef9aa99c.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 38ef9aa99c.news-mezutu.com/lands/53/css/style.css | 23.158.56.201 | | 1.3 kB |
URL 38ef9aa99c.news-mezutu.com/lands/53/css/style.css IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeASCII text, with very long lines (4928), with no line terminators Hash6f2d06d6dbd00d18b9e7eb11ef80081d b86bdf3144b91210a3e04aab9802dba7b677ffe4 4bbe46d55f77d131ea3c70d021bf1e88fcfa1a98b7b89cf8f3f081ffb38fa7f8
GET /lands/53/css/style.css HTTP/1.1
Host: 38ef9aa99c.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://38ef9aa99c.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: text/css
content-length: 1301
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-515"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 38ef9aa99c.news-mezutu.com/lands/53/images/spinning-circles2.svg | 23.158.56.201 | | 503 B |
URL 38ef9aa99c.news-mezutu.com/lands/53/images/spinning-circles2.svg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeSVG Scalable Vector Graphics image Hash14e6f9981fa27406176056df2451d27b aa1b6fd6071391d0031bff2d74ae77347ec2fdb4 466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f
GET /lands/53/images/spinning-circles2.svg HTTP/1.1
Host: 38ef9aa99c.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://38ef9aa99c.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: image/svg+xml
content-length: 503
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1f7"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 38ef9aa99c.news-mezutu.com/lands/53/images/video.gif | 23.158.56.201 | | 500 kB |
URL 38ef9aa99c.news-mezutu.com/lands/53/images/video.gif IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeGIF image data, version 89a, 320 x 180 Size500 kB (500082 bytes) Hash2e59da03066a7854825901e0c1460b52 8d5aa04f252de7a85b8387051c1321338ac32d32 63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433
GET /lands/53/images/video.gif HTTP/1.1
Host: 38ef9aa99c.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://38ef9aa99c.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: image/gif
content-length: 500082
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-7a172"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://38ef9aa99c.news-mezutu.com/
Cookie: _subid=376l60j117j6k1; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:31 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6k4; expires=Sat, 08 Jun 2024 17:50:31 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:41:02 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| a9d1f7d51c.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 7.9 kB |
URL a9d1f7d51c.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, Unicode text, UTF-8 text, with very long lines (3027) Hashbf0aa146106155bd506ca2564d01ef43 f770581322f5b4be74638addbcecf27a2551abae d323efb34e94b1ac7967e578c8ad85ab08e760ec2a227319f0e707797f1b6462
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: a9d1f7d51c.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3447064503.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 4030f7a8c3.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 4030f7a8c3.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 4030f7a8c3.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4030f7a8c3.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4030f7a8c3.news-mezutu.com/
Cookie: _subid=376l60j117j6k4; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:31 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6kb; expires=Sat, 08 Jun 2024 17:50:31 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:41:02 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4030f7a8c3.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-length: 0
location: https://f1fab69ad9.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| f1fab69ad9.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL f1fab69ad9.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: f1fab69ad9.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f1fab69ad9.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f1fab69ad9.news-mezutu.com/lands/39/img/icon1.png | 23.158.56.201 | | 7.3 kB |
URL f1fab69ad9.news-mezutu.com/lands/39/img/icon1.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash3d0ab5834c8bf7134e4d21fa3288317f c31d1a6b9df206f67ea194f4c424cdc372a423c2 0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27
GET /lands/39/img/icon1.png HTTP/1.1
Host: f1fab69ad9.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f1fab69ad9.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: image/png
content-length: 7252
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1c54"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f1fab69ad9.news-mezutu.com/lands/39/img/icon2.png | 23.158.56.201 | | 4.6 kB |
URL f1fab69ad9.news-mezutu.com/lands/39/img/icon2.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hashc947d439eb93367f1af5b2a3d222f057 5b4c10820d39e624bc6df72a113679da80a8e44e aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2
GET /lands/39/img/icon2.png HTTP/1.1
Host: f1fab69ad9.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f1fab69ad9.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: image/png
content-length: 4576
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-11e0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f1fab69ad9.news-mezutu.com/lands/39/img/icon3.png | 23.158.56.201 | | 7.8 kB |
URL f1fab69ad9.news-mezutu.com/lands/39/img/icon3.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash8f3cc830da0b1fdf66bda7d1d734747b 94588f041eec3a78a8780c8124c56a1434a89277 ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba
GET /lands/39/img/icon3.png HTTP/1.1
Host: f1fab69ad9.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f1fab69ad9.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: image/png
content-length: 7847
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ea7"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f1fab69ad9.news-mezutu.com/lands/39/img/icon4.png | 23.158.56.201 | | 7.0 kB |
URL f1fab69ad9.news-mezutu.com/lands/39/img/icon4.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash7ad7f32c1c0df7b4975cc41bda4ac435 81d57e996ee6cd9e122592e68ffa3d55c1ba10ff c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f
GET /lands/39/img/icon4.png HTTP/1.1
Host: f1fab69ad9.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f1fab69ad9.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: image/png
content-length: 7032
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b78"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f1fab69ad9.news-mezutu.com/lands/39/img/icon5.png | 23.158.56.201 | | 3.3 kB |
URL f1fab69ad9.news-mezutu.com/lands/39/img/icon5.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Hash1e1a7582b5da63e10485d63f97abc9a0 ca3ee3067f96c732f455bc7c99ec5100194f13f6 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503
GET /lands/39/img/icon5.png HTTP/1.1
Host: f1fab69ad9.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f1fab69ad9.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: image/png
content-length: 3264
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cc0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f1fab69ad9.news-mezutu.com/lands/39/img/icon7.png | 23.158.56.201 | | 3.3 kB |
URL f1fab69ad9.news-mezutu.com/lands/39/img/icon7.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Hashb512735542cb07b3b2dcf153a7dfe456 93bde8875412ce266600e2af1c37123483a50376 e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718
GET /lands/39/img/icon7.png HTTP/1.1
Host: f1fab69ad9.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f1fab69ad9.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:32 GMT
content-type: image/png
content-length: 3283
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cd3"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f1fab69ad9.news-mezutu.com/lands/39/img/icon8.png | 23.158.56.201 | | 4.1 kB |
URL f1fab69ad9.news-mezutu.com/lands/39/img/icon8.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hashf92d6474ebc6a3a0b576749cfb4afe98 0f4ce3dcf04873b8098c01d20c44967fb9fce0cc 3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1
GET /lands/39/img/icon8.png HTTP/1.1
Host: f1fab69ad9.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f1fab69ad9.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:32 GMT
content-type: image/png
content-length: 4064
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-fe0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f1fab69ad9.news-mezutu.com/
Cookie: _subid=376l60j117j6kb; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:32 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:32 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6kg; expires=Sat, 08 Jun 2024 17:50:32 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:41:04 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://f1fab69ad9.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:32 GMT
content-length: 0
location: https://a2590e46a7.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| e563c40427.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 18 kB |
URL e563c40427.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hasha1e572cda715c31b9ab4724ace247e9f e5f8705f6cfb4b61823bad163199e10590f84bbc b8da91097eaa286deae8c5d82907fa2653f8a8917999e6e523f9f814392edfcc
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: e563c40427.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://800b1a2172.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:28 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| a2590e46a7.news-mezutu.com/lands/48/preloader-43.5794040.gif | 23.158.56.201 | | 7.0 kB |
URL a2590e46a7.news-mezutu.com/lands/48/preloader-43.5794040.gif IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeGIF image data, version 89a, 160 x 160 Hash5794040ee88def220320edd0ed2e2ac9 7ec6d7843172d2bec7c0ed0d7eabed19a800fd7b c1a4896adebc502e9be1248a28bc641ef9a5b75c6bdefa5d704a220c128ee34e
GET /lands/48/preloader-43.5794040.gif HTTP/1.1
Host: a2590e46a7.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a2590e46a7.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:32 GMT
content-type: image/gif
content-length: 7010
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b62"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| d70a3d8d52.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 122 kB |
URL d70a3d8d52.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, ASCII text, with very long lines (64512) Size122 kB (122120 bytes) Hash66078414229fdc15c9fad789a82d27d5 9b80074dccd7b3118571578b64bb9f8f5a678588 616336c59073247d87a862177452104b888235375753e711c44475c8109c1b73
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: d70a3d8d52.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ca2f9cd650.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:22 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a2590e46a7.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:32 GMT
content-length: 0
location: https://e43780e85d.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 86b7c0aa1a.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 86 kB |
URL 86b7c0aa1a.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, ASCII text, with very long lines (64512) Hash4131e515d31d1cb3667d73b39dc5f75b c646ca4253bdcf83195a13a2cde5ca54ab7523c9 a47fa7644dfcd07981a910314cbe45b0ddfc2454c1852db5e02a7f0ab35e2946
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 86b7c0aa1a.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cf66a54feb.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:27 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| e43780e85d.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 45 kB |
URL e43780e85d.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, ASCII text, with very long lines (44310) Hasha3d8863b8f7defc250ed654f3cc63b87 01ecb02ae418355ed5f8800fda998a33ecc83f88 3c3d9aba570b035d3756ade365f5f6acbd9403585037bb7e8264d71092526e4b
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: e43780e85d.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e43780e85d.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:32 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e43780e85d.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:32 GMT
content-length: 0
location: https://fc7a032613.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| fc7a032613.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL fc7a032613.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: fc7a032613.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fc7a032613.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fc7a032613.news-mezutu.com/
Cookie: _subid=376l60j117j6ko; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:32 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:32 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6kt; expires=Sat, 08 Jun 2024 17:50:32 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:41:04 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fc7a032613.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:32 GMT
content-length: 0
location: https://4dda690542.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 4dda690542.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 4dda690542.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 4dda690542.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4dda690542.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 4dda690542.news-mezutu.com/lands/39/img/icon1.png | 23.158.56.201 | | 7.3 kB |
URL 4dda690542.news-mezutu.com/lands/39/img/icon1.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash3d0ab5834c8bf7134e4d21fa3288317f c31d1a6b9df206f67ea194f4c424cdc372a423c2 0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27
GET /lands/39/img/icon1.png HTTP/1.1
Host: 4dda690542.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4dda690542.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:32 GMT
content-type: image/png
content-length: 7252
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1c54"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 4dda690542.news-mezutu.com/lands/39/img/icon2.png | 23.158.56.201 | | 4.6 kB |
URL 4dda690542.news-mezutu.com/lands/39/img/icon2.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hashc947d439eb93367f1af5b2a3d222f057 5b4c10820d39e624bc6df72a113679da80a8e44e aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2
GET /lands/39/img/icon2.png HTTP/1.1
Host: 4dda690542.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4dda690542.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:32 GMT
content-type: image/png
content-length: 4576
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-11e0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 4dda690542.news-mezutu.com/lands/39/img/icon3.png | 23.158.56.201 | | 7.8 kB |
URL 4dda690542.news-mezutu.com/lands/39/img/icon3.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash8f3cc830da0b1fdf66bda7d1d734747b 94588f041eec3a78a8780c8124c56a1434a89277 ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba
GET /lands/39/img/icon3.png HTTP/1.1
Host: 4dda690542.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4dda690542.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:32 GMT
content-type: image/png
content-length: 7847
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ea7"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 4dda690542.news-mezutu.com/lands/39/img/icon4.png | 23.158.56.201 | | 7.0 kB |
URL 4dda690542.news-mezutu.com/lands/39/img/icon4.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash7ad7f32c1c0df7b4975cc41bda4ac435 81d57e996ee6cd9e122592e68ffa3d55c1ba10ff c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f
GET /lands/39/img/icon4.png HTTP/1.1
Host: 4dda690542.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4dda690542.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:32 GMT
content-type: image/png
content-length: 7032
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b78"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 4dda690542.news-mezutu.com/lands/39/img/icon5.png | 23.158.56.201 | | 3.3 kB |
URL 4dda690542.news-mezutu.com/lands/39/img/icon5.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Hash1e1a7582b5da63e10485d63f97abc9a0 ca3ee3067f96c732f455bc7c99ec5100194f13f6 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503
GET /lands/39/img/icon5.png HTTP/1.1
Host: 4dda690542.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4dda690542.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:32 GMT
content-type: image/png
content-length: 3264
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cc0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 4dda690542.news-mezutu.com/lands/39/img/icon7.png | 23.158.56.201 | | 3.3 kB |
URL 4dda690542.news-mezutu.com/lands/39/img/icon7.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Hashb512735542cb07b3b2dcf153a7dfe456 93bde8875412ce266600e2af1c37123483a50376 e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718
GET /lands/39/img/icon7.png HTTP/1.1
Host: 4dda690542.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4dda690542.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:32 GMT
content-type: image/png
content-length: 3283
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cd3"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 4dda690542.news-mezutu.com/lands/39/img/icon8.png | 23.158.56.201 | | 4.1 kB |
URL 4dda690542.news-mezutu.com/lands/39/img/icon8.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hashf92d6474ebc6a3a0b576749cfb4afe98 0f4ce3dcf04873b8098c01d20c44967fb9fce0cc 3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1
GET /lands/39/img/icon8.png HTTP/1.1
Host: 4dda690542.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4dda690542.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:32 GMT
content-type: image/png
content-length: 4064
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-fe0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| e43780e85d.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 77 kB |
URL e43780e85d.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, ASCII text, with very long lines (64512) Hash1abb28eb58c247adcb1231528e604ae3 59cdaa72ba82ab939f53fc0297bd2f6b3e29f60c 2f5898632a4d052dfcb18a54dbf5d671621df092c77655c30e5c8ea2797ce9a9
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: e43780e85d.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a2590e46a7.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:32 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4dda690542.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:33 GMT
content-length: 0
location: https://766e039fc3.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 766e039fc3.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 766e039fc3.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 766e039fc3.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://766e039fc3.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:33 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 766e039fc3.news-mezutu.com/lands/48/preloader-43.5794040.gif | 23.158.56.201 | | 7.0 kB |
URL 766e039fc3.news-mezutu.com/lands/48/preloader-43.5794040.gif IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeGIF image data, version 89a, 160 x 160 Hash5794040ee88def220320edd0ed2e2ac9 7ec6d7843172d2bec7c0ed0d7eabed19a800fd7b c1a4896adebc502e9be1248a28bc641ef9a5b75c6bdefa5d704a220c128ee34e
GET /lands/48/preloader-43.5794040.gif HTTP/1.1
Host: 766e039fc3.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://766e039fc3.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:33 GMT
content-type: image/gif
content-length: 7010
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b62"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 800b1a2172.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 38 kB |
URL 800b1a2172.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, Unicode text, UTF-8 text, with very long lines (36946) Hash26de9adb20b09eaf9a53e77e83f17338 5df01268db31a56029c9914438aa117ed4b04941 a132c7c9e17486fe9c1518638a60d4084da237a5628f9ad21f42959ea81f46a8
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 800b1a2172.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3e45a2eb30.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:28 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://766e039fc3.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:33 GMT
content-length: 0
location: https://a7ebce342b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 766e039fc3.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 53 kB |
URL 766e039fc3.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashcf4d2ea24be223abb5436372ac321eed a13ab127b9df0eb8ce2aadf126078cc755dd87af 539f1b5e78fbfb9a4a13c721b15941cf636e0656c780f8c144072949f8bbaa36
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 766e039fc3.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://766e039fc3.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:33 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a7ebce342b.news-mezutu.com/
Cookie: _subid=376l60j117j6l6; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:33 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:33 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6l9; expires=Sat, 08 Jun 2024 17:50:33 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:41:06 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| 800b1a2172.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 45 kB |
URL 800b1a2172.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, ASCII text, with very long lines (44310) Hash10e33d002da0cb7908adf1da14cbe6a9 b2e880b0dc45eb7dcdf036429ad89854cd5c028b 1c3e87baaee6c67dc08c62d0b25bd9080170427ecfe47d3d8c6c8ae1b98d22c3
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 800b1a2172.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://800b1a2172.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:28 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| cdf7ec12c3.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL cdf7ec12c3.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: cdf7ec12c3.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdf7ec12c3.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:33 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdf7ec12c3.news-mezutu.com/
Cookie: _subid=376l60j117j6l9; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:33 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:33 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6lj; expires=Sat, 08 Jun 2024 17:50:33 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:41:06 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdf7ec12c3.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:33 GMT
content-length: 0
location: https://0beb8db8ec.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 0beb8db8ec.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 1.3 kB |
URL 0beb8db8ec.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, ASCII text, with very long lines (553) Hash16512fe205c9807efde5a5de19183219 a963f7ec934d51441824c000ede658ff0157e89d 3590bad5777b92a49b14bf33eb3dd3e860702c9b88aed5601460ece6180c1ed8
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 0beb8db8ec.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdf7ec12c3.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:33 GMT
content-type: text/html; charset=UTF-8
content-length: 1309
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| a7ebce342b.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 90 kB |
URL a7ebce342b.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, ASCII text, with very long lines (44310) Hash1f6e0b9673735142db8d3990a704a4ff 7b42f319ed40f97e59177eaac38955eba9b01512 d64794827bf7e8fbc7700326d2154ddad11feafc3f9116de24d5dc026e9cc254
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: a7ebce342b.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a7ebce342b.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:33 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| 0beb8db8ec.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 0beb8db8ec.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 0beb8db8ec.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0beb8db8ec.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:33 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic | 142.250.74.106 | | 784 B |
URL fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic IP142.250.74.106:0
Hash1ba1a21c8876dbaa3b3b1457aadec340 2373a127295c1cab8d143eb10fe1870d29f02150 47e3881d0fe2662e06375c04b01a8eabdd8eeca52f66aab1dc7ba3b6f5c564f8
GET /css?family=Roboto:300,400,700,400i&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0beb8db8ec.news-mezutu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 17:50:33 GMT
date: Wed, 08 May 2024 17:50:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://0beb8db8ec.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-length: 0
location: https://f2bfbec576.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| f2bfbec576.news-mezutu.com/lands/36/lp.js | 23.158.56.201 | | 758 B |
URL f2bfbec576.news-mezutu.com/lands/36/lp.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (719), with no line terminators Hashdbcc3608581394261613182e95963925 d2c19c094e7916d5f7eac24c9a77179ca3bc3ee9 c27bd18e340c53733156ca9e1e26f811e6243913258b19a3c7a2938554e9fed8
GET /lands/36/lp.js HTTP/1.1
Host: f2bfbec576.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2bfbec576.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 758
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2f6"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f2bfbec576.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL f2bfbec576.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: f2bfbec576.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2bfbec576.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f2bfbec576.news-mezutu.com/lands/36/img/style.css | 23.158.56.201 | | 3.1 kB |
URL f2bfbec576.news-mezutu.com/lands/36/img/style.css IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeASCII text, with very long lines (11701), with no line terminators Hashdb606af46bdcca984d60a46183a4525e 28964fac8b2b7889554f32543e69ac68e6f21e2f 8693be57861bf006c70b542234666eaa50f4258856c4e75e0066f1ca589026ae
GET /lands/36/img/style.css HTTP/1.1
Host: f2bfbec576.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2bfbec576.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: text/css
content-length: 3136
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-c40"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f2bfbec576.news-mezutu.com/lands/36/img/logo.png | 23.158.56.201 | | 7.4 kB |
URL f2bfbec576.news-mezutu.com/lands/36/img/logo.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 180 x 56, 8-bit/color RGBA, non-interlaced Hash6cd3a78b39a704ee1c84f31c8c4e5808 bb5c81cadfcd60bd5c7b29af2395ef24b11ebb93 4cfbf07b7b4def7ad505f3be44e311c631ffec252a93f031d11356bc1b0c8193
GET /lands/36/img/logo.png HTTP/1.1
Host: f2bfbec576.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2bfbec576.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/png
content-length: 7398
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ce6"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 35bd97bb65.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 9.3 kB |
URL 35bd97bb65.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash7c9d4cc2491ce4277592946966fb3538 cae6cb1a6c26ff5e563173452f1227a8566f7717 08dbb6c4ba85cb4a75db9b84408510c6685d5f2b9e152a60925634b592fdaf5e
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 35bd97bb65.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://85e56d9d14.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 35bd97bb65.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 75 kB |
URL 35bd97bb65.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashbe58159d3b92cbea490dc1067dd83f30 d46d7fa54d493214d43aad54301942a09f2b1d11 2db91843d19bacf315faa18b49051ad181d4609e8c7e2ee8aa26d152c513d739
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 35bd97bb65.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35bd97bb65.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| 3407538cf7.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 4.2 kB |
URL 3407538cf7.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashaba26d67552f8172e8315ac58ab4d74a 048072e67c14616658fbdac6e5b72d9bf62e23fb 688385a9ad93cc2574b3d4fc4c60f2dc8f21779589d2a7b7938b594bf748b8f5
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 3407538cf7.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a9c680c2c5.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:26 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| f2bfbec576.news-mezutu.com/lands/36/img/player-controls-r.png | 23.158.56.201 | | 408 B |
URL f2bfbec576.news-mezutu.com/lands/36/img/player-controls-r.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced Hashf0e42db89f7d0994b3723b35eb05a49f b4e08e7b2c525345d86dc2299663915c84a41b2b 13bbdf214a22994e4e0e655c256ab493cc495f15f9c1f08772cad0761625a9be
GET /lands/36/img/player-controls-r.png HTTP/1.1
Host: f2bfbec576.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2bfbec576.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/png
content-length: 408
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-198"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f2bfbec576.news-mezutu.com/lands/36/img/player-bg.jpg | 23.158.56.201 | | 11 kB |
URL f2bfbec576.news-mezutu.com/lands/36/img/player-bg.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashd0c6f02d6933f0b93db0942e3e7f3609 bc96b3878d13d0f46aa464e94515f27ad53531b0 7296089ccd9e42b305c5b0398d47a78f900b40225c592c6f1ef23ade5bbe667a
GET /lands/36/img/player-bg.jpg HTTP/1.1
Host: f2bfbec576.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2bfbec576.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 11291
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2c1b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f2bfbec576.news-mezutu.com/lands/36/img/pics-1.jpg | 23.158.56.201 | | 9.6 kB |
URL f2bfbec576.news-mezutu.com/lands/36/img/pics-1.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash8374be5c573da988b4d76c1051f8cbc7 c319af79d391edeac2268173798952dd71f0ecf2 41889b3a66aec88fc8a474f19a6c2f6933200524597ccf76f2c9f995687099ea
GET /lands/36/img/pics-1.jpg HTTP/1.1
Host: f2bfbec576.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2bfbec576.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9604
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2584"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1466825229.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 54 kB |
URL 1466825229.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash1b4eb63f5b41c6e4b4355768c0fc12ed 3c2cb3eef512cdd932010be9b33a1e64494a52e4 52c8b32e0252a268c52fdd20cd421bccd967fb5c37b914bce21abaad958991ec
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 1466825229.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1466825229.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| f2bfbec576.news-mezutu.com/lands/36/img/pics-3.jpg | 23.158.56.201 | | 9.4 kB |
URL f2bfbec576.news-mezutu.com/lands/36/img/pics-3.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash76025b7cd7b3e168342e9f6916d8c7f4 bd2a6ea7c9105935c7a616fec2d6d85dbf98bfc2 46eaa0e5c25c663d858a5c65629f960ed17d2fe30b2484f629158e6d6460d775
GET /lands/36/img/pics-3.jpg HTTP/1.1
Host: f2bfbec576.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2bfbec576.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9413
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24c5"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f2bfbec576.news-mezutu.com/lands/36/img/pics-4.jpg | 23.158.56.201 | | 9.5 kB |
URL f2bfbec576.news-mezutu.com/lands/36/img/pics-4.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash107bdcec0a201d69db378827b68127cd efc977edd0a369769d5f32d88e9858302bed1e5e cb8a23effd64618021ebe40be5ed24bfb27c17f6d0a82c87a96d9efd91e06468
GET /lands/36/img/pics-4.jpg HTTP/1.1
Host: f2bfbec576.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2bfbec576.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9468
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24fc"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f2bfbec576.news-mezutu.com/lands/36/img/pics-5.jpg | 23.158.56.201 | | 9.6 kB |
URL f2bfbec576.news-mezutu.com/lands/36/img/pics-5.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash628b98b82d0aca1c1b2155aa5ec51a6a db663b2b85cf8828f3e9c5aa879325bb50e684a0 d7dfe6be5b49bee8bbf743bc58d74af3dc7d0250c89bd6dd7e9ad268c287289d
GET /lands/36/img/pics-5.jpg HTTP/1.1
Host: f2bfbec576.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2bfbec576.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9557
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2555"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f2bfbec576.news-mezutu.com/lands/36/img/pics-6.jpg | 23.158.56.201 | | 9.6 kB |
URL f2bfbec576.news-mezutu.com/lands/36/img/pics-6.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hasha83d5196e71bd6f9c55ef3e7322e527c 9dbddad413391599552c4d9cc5c9e8a287ef910f 52212d360cbbf493678d8e8bf75c20b7ad4b1d6cf86bf03e1c87fb5b4d6cb818
GET /lands/36/img/pics-6.jpg HTTP/1.1
Host: f2bfbec576.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2bfbec576.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9620
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2594"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f2bfbec576.news-mezutu.com/lands/36/img/pics-7.jpg | 23.158.56.201 | | 9.5 kB |
URL f2bfbec576.news-mezutu.com/lands/36/img/pics-7.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash94edfad63e95c79618692b8d8dc20587 f582b7b70443ea1fff184ade49ab560fc8fd3318 0940f729e51d0fb610affca787415657f39a630cc0450d08576f69fd0f71756e
GET /lands/36/img/pics-7.jpg HTTP/1.1
Host: f2bfbec576.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2bfbec576.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9484
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250c"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f2bfbec576.news-mezutu.com/lands/36/img/pics-8.jpg | 23.158.56.201 | | 9.8 kB |
URL f2bfbec576.news-mezutu.com/lands/36/img/pics-8.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash2e7eafc3878ee465f96bca0f9d1e1712 c4f353f12542db5d2df3be74dbae890e0430ac6e df67f968a051026a5c43eb3e40b8d02a0c72bc742055526fef7e2655dd837cc1
GET /lands/36/img/pics-8.jpg HTTP/1.1
Host: f2bfbec576.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2bfbec576.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9750
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2616"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 54 kB |
URL 3447064503.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash376af7593b19518adca06b8c4c2cddfb 6c48fe516af8fd1e98a1d8efb2994dbfdd4bb370 ffe7a93f014492dc68cab921cffa0a9369fe8e1eb0fc4b41a5876c48dba1f191
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| f2bfbec576.news-mezutu.com/lands/36/img/pics-10.jpg | 23.158.56.201 | | 9.7 kB |
URL f2bfbec576.news-mezutu.com/lands/36/img/pics-10.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash00ad8eccd280144f038e883859beeabe e13583bbe25712e827b8b22b1353c883531f849f 21397b18bd87b564f70404ea1ff41d8d23ba804ed6eea4de323ac1c94e096ada
GET /lands/36/img/pics-10.jpg HTTP/1.1
Host: f2bfbec576.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2bfbec576.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9681
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25d1"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f2bfbec576.news-mezutu.com/lands/36/img/pics-11.jpg | 23.158.56.201 | | 9.5 kB |
URL f2bfbec576.news-mezutu.com/lands/36/img/pics-11.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash8611f67b36ff57eaa1060e793b9e6ad4 49f273a5760e7375adb1efc58f0ed2c665da6ae8 de70c6d29629dd9ec1b85e3146390c1019bd608eeb3d7ffdc196627f70ee30b2
GET /lands/36/img/pics-11.jpg HTTP/1.1
Host: f2bfbec576.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2bfbec576.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9483
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f2bfbec576.news-mezutu.com/lands/36/img/pics-12.jpg | 23.158.56.201 | | 9.5 kB |
URL f2bfbec576.news-mezutu.com/lands/36/img/pics-12.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash3971b0cd6849aef8e63c281fe7e53c57 690281f0f9a05a32be18029632240693f7b26270 20a9e9a79f97878e87f805b977eb6046480b734dfd9e90df9f34b22ef484777a
GET /lands/36/img/pics-12.jpg HTTP/1.1
Host: f2bfbec576.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2bfbec576.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9487
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250f"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| b0f8837cff.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 18 kB |
URL b0f8837cff.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash14ed3bdb538e546b0750d48df4397acb 86875b4e7546e7b4f1a354fe09bcf90874efa8c1 77d9d72ff944bbb70937172603d602ba3124b3b34c544f37a8e1f2425b7ad5bd
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: b0f8837cff.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://35bd97bb65.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| f2bfbec576.news-mezutu.com/lands/36/img/pics-14.jpg | 23.158.56.201 | | 9.5 kB |
URL f2bfbec576.news-mezutu.com/lands/36/img/pics-14.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash4957499f251b620472eb5fe6fd126c22 a237ac15f4b16256f1c49a40ca07ca168dea540c de5d64cc00dd3bc0e0998e274f41bb78de69cae402e53c4f41c0ab8e0af2cd0b
GET /lands/36/img/pics-14.jpg HTTP/1.1
Host: f2bfbec576.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2bfbec576.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9498
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-251a"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 20 kB |
URL 3447064503.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash84ed4c4005060a54e713b9ae564a5940 14147179e64c472b0c635c31a152e337d94815c8 1c70b48b3e2a2096607ea5d98d5ba05f0218e4aa3ee93d2267ea0a61a1d9e2ad
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 3447064503.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b0f8837cff.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:30 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| f2bfbec576.news-mezutu.com/lands/36/img/pics-16.jpg | 23.158.56.201 | | 9.6 kB |
URL f2bfbec576.news-mezutu.com/lands/36/img/pics-16.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash700dfe65fca751e5c160aa1ed38c0389 61a7a9ba2a5209bb28b6a36c4b7ba9088f4b2886 8f8c3d5f93cc6dc00172cf203f6b0113819e853de45518cbcee1e68f9e95fbc1
GET /lands/36/img/pics-16.jpg HTTP/1.1
Host: f2bfbec576.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2bfbec576.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9570
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2562"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f2bfbec576.news-mezutu.com/lands/36/img/pics-17.jpg | 23.158.56.201 | | 9.6 kB |
URL f2bfbec576.news-mezutu.com/lands/36/img/pics-17.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash3617c828a4589dfd2af8f90e31f92666 0e7a1dbe743c9eaad109659f7b21ab86719b9cd0 f3ab898058b0ebaba11001b5a2b3c5b5db2d7f766000d95abdbfb841fcb16c1f
GET /lands/36/img/pics-17.jpg HTTP/1.1
Host: f2bfbec576.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2bfbec576.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9595
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-257b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f2bfbec576.news-mezutu.com/lands/36/img/pics-18.jpg | 23.158.56.201 | | 9.6 kB |
URL f2bfbec576.news-mezutu.com/lands/36/img/pics-18.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash52ada45615791fefe3513b98a28d6c61 334b68a65108b2274dc0d41bbed58d10cbfb41a0 204715e71db20e5daffe8494816412e0998ec0b97b303f16fb4102226c492fa4
GET /lands/36/img/pics-18.jpg HTTP/1.1
Host: f2bfbec576.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2bfbec576.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9645
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ad"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2bfbec576.news-mezutu.com/
Cookie: _subid=376l60j117j6lo; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:34 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6m6; expires=Sat, 08 Jun 2024 17:50:34 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:41:08 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://f2bfbec576.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-length: 0
location: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/lands/36/lp.js | 23.158.56.201 | | 758 B |
URL 11b855f121.news-mezutu.com/lands/36/lp.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (719), with no line terminators Hashdbcc3608581394261613182e95963925 d2c19c094e7916d5f7eac24c9a77179ca3bc3ee9 c27bd18e340c53733156ca9e1e26f811e6243913258b19a3c7a2938554e9fed8
GET /lands/36/lp.js HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 758
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2f6"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL 11b855f121.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/lands/36/img/style.css | 23.158.56.201 | | 3.1 kB |
URL 11b855f121.news-mezutu.com/lands/36/img/style.css IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeASCII text, with very long lines (11701), with no line terminators Hashdb606af46bdcca984d60a46183a4525e 28964fac8b2b7889554f32543e69ac68e6f21e2f 8693be57861bf006c70b542234666eaa50f4258856c4e75e0066f1ca589026ae
GET /lands/36/img/style.css HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: text/css
content-length: 3136
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-c40"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/lands/36/img/logo.png | 23.158.56.201 | | 7.4 kB |
URL 11b855f121.news-mezutu.com/lands/36/img/logo.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 180 x 56, 8-bit/color RGBA, non-interlaced Hash6cd3a78b39a704ee1c84f31c8c4e5808 bb5c81cadfcd60bd5c7b29af2395ef24b11ebb93 4cfbf07b7b4def7ad505f3be44e311c631ffec252a93f031d11356bc1b0c8193
GET /lands/36/img/logo.png HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/png
content-length: 7398
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ce6"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/lands/36/img/search-icon.png | 23.158.56.201 | | 461 B |
URL 11b855f121.news-mezutu.com/lands/36/img/search-icon.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced Hash71a97f63eeafce6cc8dd4e7b92e77303 e92e36474a69fcf7b932efc581e024a1c25773e5 fc2f527dba6449b1d9a7f17e4e9926039806904f58a7b4278dccf398900371d2
GET /lands/36/img/search-icon.png HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/png
content-length: 461
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1cd"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/lands/36/img/Spin-1s-80px.gif | 23.158.56.201 | | 31 kB |
URL 11b855f121.news-mezutu.com/lands/36/img/Spin-1s-80px.gif IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeGIF image data, version 89a, 80 x 80 Hash68556766cd260e97fec2b60a9bfaf8c7 26c969371c9a3de360fab6d7a7a3bec2c5d5c99f ef50b84645244197917d80f6bcd6f604dce892ec4cdcdc96f11ea40f4a093676
GET /lands/36/img/Spin-1s-80px.gif HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/gif
content-length: 30677
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-77d5"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/lands/36/img/player-controls-l.png | 23.158.56.201 | | 945 B |
URL 11b855f121.news-mezutu.com/lands/36/img/player-controls-l.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 146 x 60, 8-bit gray+alpha, non-interlaced Hash6865c8700b582e4c7848472bb23dd65a c5ea2c514de8f55145550f9589e1e07cda457994 e1f5b32f965cf94fdb788fa9cff4f2f80b34c234f7e9fa9139de890e89438324
GET /lands/36/img/player-controls-l.png HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/png
content-length: 945
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-3b1"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/lands/36/img/player-controls-r.png | 23.158.56.201 | | 408 B |
URL 11b855f121.news-mezutu.com/lands/36/img/player-controls-r.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced Hashf0e42db89f7d0994b3723b35eb05a49f b4e08e7b2c525345d86dc2299663915c84a41b2b 13bbdf214a22994e4e0e655c256ab493cc495f15f9c1f08772cad0761625a9be
GET /lands/36/img/player-controls-r.png HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/png
content-length: 408
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-198"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/lands/36/img/player-bg.jpg | 23.158.56.201 | | 11 kB |
URL 11b855f121.news-mezutu.com/lands/36/img/player-bg.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashd0c6f02d6933f0b93db0942e3e7f3609 bc96b3878d13d0f46aa464e94515f27ad53531b0 7296089ccd9e42b305c5b0398d47a78f900b40225c592c6f1ef23ade5bbe667a
GET /lands/36/img/player-bg.jpg HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 11291
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2c1b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/lands/36/img/pics-1.jpg | 23.158.56.201 | | 9.6 kB |
URL 11b855f121.news-mezutu.com/lands/36/img/pics-1.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash8374be5c573da988b4d76c1051f8cbc7 c319af79d391edeac2268173798952dd71f0ecf2 41889b3a66aec88fc8a474f19a6c2f6933200524597ccf76f2c9f995687099ea
GET /lands/36/img/pics-1.jpg HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9604
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2584"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/lands/36/img/pics-2.jpg | 23.158.56.201 | | 9.5 kB |
URL 11b855f121.news-mezutu.com/lands/36/img/pics-2.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashb1444ede1cb63c55f07c4b7cc861ec58 504823696a6990f0c6892721e34a7496cfe4e704 628146e090737199d0b92e0d069cdc8fa95d65391a7e84b7da053dbc0275b2f8
GET /lands/36/img/pics-2.jpg HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9474
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2502"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/lands/36/img/pics-3.jpg | 23.158.56.201 | | 9.4 kB |
URL 11b855f121.news-mezutu.com/lands/36/img/pics-3.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash76025b7cd7b3e168342e9f6916d8c7f4 bd2a6ea7c9105935c7a616fec2d6d85dbf98bfc2 46eaa0e5c25c663d858a5c65629f960ed17d2fe30b2484f629158e6d6460d775
GET /lands/36/img/pics-3.jpg HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9413
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24c5"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/lands/36/img/pics-4.jpg | 23.158.56.201 | | 9.5 kB |
URL 11b855f121.news-mezutu.com/lands/36/img/pics-4.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash107bdcec0a201d69db378827b68127cd efc977edd0a369769d5f32d88e9858302bed1e5e cb8a23effd64618021ebe40be5ed24bfb27c17f6d0a82c87a96d9efd91e06468
GET /lands/36/img/pics-4.jpg HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9468
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24fc"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/lands/36/img/pics-5.jpg | 23.158.56.201 | | 9.6 kB |
URL 11b855f121.news-mezutu.com/lands/36/img/pics-5.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash628b98b82d0aca1c1b2155aa5ec51a6a db663b2b85cf8828f3e9c5aa879325bb50e684a0 d7dfe6be5b49bee8bbf743bc58d74af3dc7d0250c89bd6dd7e9ad268c287289d
GET /lands/36/img/pics-5.jpg HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9557
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2555"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/lands/36/img/pics-6.jpg | 23.158.56.201 | | 9.6 kB |
URL 11b855f121.news-mezutu.com/lands/36/img/pics-6.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hasha83d5196e71bd6f9c55ef3e7322e527c 9dbddad413391599552c4d9cc5c9e8a287ef910f 52212d360cbbf493678d8e8bf75c20b7ad4b1d6cf86bf03e1c87fb5b4d6cb818
GET /lands/36/img/pics-6.jpg HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9620
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2594"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/lands/36/img/pics-7.jpg | 23.158.56.201 | | 9.5 kB |
URL 11b855f121.news-mezutu.com/lands/36/img/pics-7.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash94edfad63e95c79618692b8d8dc20587 f582b7b70443ea1fff184ade49ab560fc8fd3318 0940f729e51d0fb610affca787415657f39a630cc0450d08576f69fd0f71756e
GET /lands/36/img/pics-7.jpg HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9484
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250c"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/lands/36/img/pics-8.jpg | 23.158.56.201 | | 9.8 kB |
URL 11b855f121.news-mezutu.com/lands/36/img/pics-8.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash2e7eafc3878ee465f96bca0f9d1e1712 c4f353f12542db5d2df3be74dbae890e0430ac6e df67f968a051026a5c43eb3e40b8d02a0c72bc742055526fef7e2655dd837cc1
GET /lands/36/img/pics-8.jpg HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9750
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2616"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/lands/36/img/pics-9.jpg | 23.158.56.201 | | 9.6 kB |
URL 11b855f121.news-mezutu.com/lands/36/img/pics-9.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashc3af10d166a4447c21f25e4a32383a5d 37a0342d08d6933b3bbfd4063b7ba998c991dd73 963fbe86dc33b1a1ba5c695bf9b74ebde439bc7a9260137121d747cf4cfbdd73
GET /lands/36/img/pics-9.jpg HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9646
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ae"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/lands/36/img/pics-10.jpg | 23.158.56.201 | | 9.7 kB |
URL 11b855f121.news-mezutu.com/lands/36/img/pics-10.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash00ad8eccd280144f038e883859beeabe e13583bbe25712e827b8b22b1353c883531f849f 21397b18bd87b564f70404ea1ff41d8d23ba804ed6eea4de323ac1c94e096ada
GET /lands/36/img/pics-10.jpg HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9681
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25d1"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/lands/36/img/pics-11.jpg | 23.158.56.201 | | 9.5 kB |
URL 11b855f121.news-mezutu.com/lands/36/img/pics-11.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash8611f67b36ff57eaa1060e793b9e6ad4 49f273a5760e7375adb1efc58f0ed2c665da6ae8 de70c6d29629dd9ec1b85e3146390c1019bd608eeb3d7ffdc196627f70ee30b2
GET /lands/36/img/pics-11.jpg HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9483
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/lands/36/img/pics-12.jpg | 23.158.56.201 | | 9.5 kB |
URL 11b855f121.news-mezutu.com/lands/36/img/pics-12.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash3971b0cd6849aef8e63c281fe7e53c57 690281f0f9a05a32be18029632240693f7b26270 20a9e9a79f97878e87f805b977eb6046480b734dfd9e90df9f34b22ef484777a
GET /lands/36/img/pics-12.jpg HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9487
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250f"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/lands/36/img/pics-13.jpg | 23.158.56.201 | | 9.4 kB |
URL 11b855f121.news-mezutu.com/lands/36/img/pics-13.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashcd911694d58b5fb86c94cf7a1d5b530b f32925a79b755d76fdf1ae56fa898ef23d816699 5a8f5f99cb386403813964a7ee271660131e9c50eb5267f932a67ce0f4fb2ea2
GET /lands/36/img/pics-13.jpg HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9378
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24a2"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/lands/36/img/pics-14.jpg | 23.158.56.201 | | 9.5 kB |
URL 11b855f121.news-mezutu.com/lands/36/img/pics-14.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash4957499f251b620472eb5fe6fd126c22 a237ac15f4b16256f1c49a40ca07ca168dea540c de5d64cc00dd3bc0e0998e274f41bb78de69cae402e53c4f41c0ab8e0af2cd0b
GET /lands/36/img/pics-14.jpg HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9498
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-251a"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 38ef9aa99c.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 54 kB |
URL 38ef9aa99c.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash7b67d713e29d321c4f88dce4402da06b ab0183f349cdc0fb44650c25d724704e4841676b 806ac055c53d240b999f8c114bcdc715b7b022581eef8cb9e7f53f796d445a14
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 38ef9aa99c.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://38ef9aa99c.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/lands/36/img/pics-16.jpg | 23.158.56.201 | | 9.6 kB |
URL 11b855f121.news-mezutu.com/lands/36/img/pics-16.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash700dfe65fca751e5c160aa1ed38c0389 61a7a9ba2a5209bb28b6a36c4b7ba9088f4b2886 8f8c3d5f93cc6dc00172cf203f6b0113819e853de45518cbcee1e68f9e95fbc1
GET /lands/36/img/pics-16.jpg HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9570
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2562"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/lands/36/img/pics-17.jpg | 23.158.56.201 | | 9.6 kB |
URL 11b855f121.news-mezutu.com/lands/36/img/pics-17.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash3617c828a4589dfd2af8f90e31f92666 0e7a1dbe743c9eaad109659f7b21ab86719b9cd0 f3ab898058b0ebaba11001b5a2b3c5b5db2d7f766000d95abdbfb841fcb16c1f
GET /lands/36/img/pics-17.jpg HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: image/jpeg
content-length: 9595
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-257b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f1fab69ad9.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 54 kB |
URL f1fab69ad9.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashb150dc3a598a307782ad87c801b9721a 8f61f5f2b87fdcbdde85b31c9a795f4872ff73be 29239e08f0eb4a157a40e19bc4751ebf83d9e7a5b8a849dfdf993e80ede2d891
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: f1fab69ad9.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f1fab69ad9.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/
Cookie: _subid=376l60j117j6m6; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:34 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6mh; expires=Sat, 08 Jun 2024 17:50:34 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:41:08 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://11b855f121.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-length: 0
location: https://be30c66c01.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| be30c66c01.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 1.3 kB |
URL be30c66c01.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, ASCII text, with very long lines (553) Hashe96aa9784201972367ea5f8fa0681c0e 9cd6f8238024cfb3bb0f942dfa4af8f50a212526 743bf777f30e0997bb2a52d731af363ea9922eed6e6cad592f5618f39dcfbe72
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: be30c66c01.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://11b855f121.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: text/html; charset=UTF-8
content-length: 1309
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 46 kB |
URL 11b855f121.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash1e5ab3371742d6ce1ad8011f0e5bad1e a542db05f932709ac8fc269bf7a4c6d3a044be86 2dcc69a072e1525e92703e3157814f46a65de9d774036f0dfaeb1169b67a2f72
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| be30c66c01.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL be30c66c01.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: be30c66c01.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://be30c66c01.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 10 kB |
URL 11b855f121.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeHTML document, ASCII text, with very long lines (8854) Hash0f6b661e8cb8802f5437fb6b0cf97702 044f7b6b8da5a089241340139a8cf4385ac89d14 8a451033d392d30b32f56a1c4ddb76fcfb4cf2de81d930365b732f2931b2d287
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 11b855f121.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://f2bfbec576.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.123 | | 0 B |
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.123:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://be30c66c01.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-length: 0
location: https://87c29bedcb.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
|
|
| be30c66c01.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 53 kB |
URL be30c66c01.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash7732ff36b2f9bcf03990dd5e1f2caf6e 1715e61f751f688dff85da6505581195005427c5 704f2f672b3049779c244316ea24d203805f55ac0f31483fdc2ffa6c9e8683ee
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: be30c66c01.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://be30c66c01.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:34 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| 87c29bedcb.news-mezutu.com/lands/57/css/style.css | 23.158.56.201 | | 1.2 kB |
URL 87c29bedcb.news-mezutu.com/lands/57/css/style.css IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeASCII text, with very long lines (4468), with no line terminators Hashb07eb7ba1a3bb505eba51b55f4ffa9ff fea4806dafcdda47dff4bb6aa09362ded48879d5 086ceb41d9cccb6678d0a759d730383098e9d80d8067e9b8ce06d0972d2dae68
GET /lands/57/css/style.css HTTP/1.1
Host: 87c29bedcb.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://87c29bedcb.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: text/css
content-length: 1213
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-4bd"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 87c29bedcb.news-mezutu.com/lands/57/js/device.js | 23.158.56.201 | | 1.1 kB |
URL 87c29bedcb.news-mezutu.com/lands/57/js/device.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, ASCII text, with very long lines (3289), with no line terminators Hash2d9887b21aa6b47c56e7f43e66560a4f 42cdfc5b3b23d32152750bf2cea4233044491768 863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85
GET /lands/57/js/device.js HTTP/1.1
Host: 87c29bedcb.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://87c29bedcb.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 1111
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-457"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://87c29bedcb.news-mezutu.com/
Cookie: _subid=376l60j117j6ml; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:35 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:35 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6mp; expires=Sat, 08 Jun 2024 17:50:35 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:41:10 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic | 142.250.74.106 | | 784 B |
URL fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic IP142.250.74.106:0
Hash1ba1a21c8876dbaa3b3b1457aadec340 2373a127295c1cab8d143eb10fe1870d29f02150 47e3881d0fe2662e06375c04b01a8eabdd8eeca52f66aab1dc7ba3b6f5c564f8
GET /css?family=Roboto:300,400,700,400i&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://be30c66c01.news-mezutu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 17:50:35 GMT
date: Wed, 08 May 2024 17:50:35 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| f355d78915.news-mezutu.com/lands/36/lp.js | 23.158.56.201 | | 758 B |
URL f355d78915.news-mezutu.com/lands/36/lp.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (719), with no line terminators Hashdbcc3608581394261613182e95963925 d2c19c094e7916d5f7eac24c9a77179ca3bc3ee9 c27bd18e340c53733156ca9e1e26f811e6243913258b19a3c7a2938554e9fed8
GET /lands/36/lp.js HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 758
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2f6"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f355d78915.news-mezutu.com/revopush.js | 23.158.56.201 | | 8.1 kB |
URL f355d78915.news-mezutu.com/revopush.js IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Hash2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343
GET /revopush.js HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f355d78915.news-mezutu.com/lands/36/img/style.css | 23.158.56.201 | | 3.1 kB |
URL f355d78915.news-mezutu.com/lands/36/img/style.css IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeASCII text, with very long lines (11701), with no line terminators Hashdb606af46bdcca984d60a46183a4525e 28964fac8b2b7889554f32543e69ac68e6f21e2f 8693be57861bf006c70b542234666eaa50f4258856c4e75e0066f1ca589026ae
GET /lands/36/img/style.css HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: text/css
content-length: 3136
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-c40"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f355d78915.news-mezutu.com/lands/36/img/logo.png | 23.158.56.201 | | 7.4 kB |
URL f355d78915.news-mezutu.com/lands/36/img/logo.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 180 x 56, 8-bit/color RGBA, non-interlaced Hash6cd3a78b39a704ee1c84f31c8c4e5808 bb5c81cadfcd60bd5c7b29af2395ef24b11ebb93 4cfbf07b7b4def7ad505f3be44e311c631ffec252a93f031d11356bc1b0c8193
GET /lands/36/img/logo.png HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: image/png
content-length: 7398
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ce6"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f355d78915.news-mezutu.com/lands/36/img/search-icon.png | 23.158.56.201 | | 461 B |
URL f355d78915.news-mezutu.com/lands/36/img/search-icon.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced Hash71a97f63eeafce6cc8dd4e7b92e77303 e92e36474a69fcf7b932efc581e024a1c25773e5 fc2f527dba6449b1d9a7f17e4e9926039806904f58a7b4278dccf398900371d2
GET /lands/36/img/search-icon.png HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: image/png
content-length: 461
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1cd"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f355d78915.news-mezutu.com/lands/36/img/Spin-1s-80px.gif | 23.158.56.201 | | 31 kB |
URL f355d78915.news-mezutu.com/lands/36/img/Spin-1s-80px.gif IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typeGIF image data, version 89a, 80 x 80 Hash68556766cd260e97fec2b60a9bfaf8c7 26c969371c9a3de360fab6d7a7a3bec2c5d5c99f ef50b84645244197917d80f6bcd6f604dce892ec4cdcdc96f11ea40f4a093676
GET /lands/36/img/Spin-1s-80px.gif HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: image/gif
content-length: 30677
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-77d5"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f355d78915.news-mezutu.com/lands/36/img/player-controls-l.png | 23.158.56.201 | | 945 B |
URL f355d78915.news-mezutu.com/lands/36/img/player-controls-l.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 146 x 60, 8-bit gray+alpha, non-interlaced Hash6865c8700b582e4c7848472bb23dd65a c5ea2c514de8f55145550f9589e1e07cda457994 e1f5b32f965cf94fdb788fa9cff4f2f80b34c234f7e9fa9139de890e89438324
GET /lands/36/img/player-controls-l.png HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: image/png
content-length: 945
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-3b1"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f355d78915.news-mezutu.com/lands/36/img/player-controls-r.png | 23.158.56.201 | | 408 B |
URL f355d78915.news-mezutu.com/lands/36/img/player-controls-r.png IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
File typePNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced Hashf0e42db89f7d0994b3723b35eb05a49f b4e08e7b2c525345d86dc2299663915c84a41b2b 13bbdf214a22994e4e0e655c256ab493cc495f15f9c1f08772cad0761625a9be
GET /lands/36/img/player-controls-r.png HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: image/png
content-length: 408
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-198"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f355d78915.news-mezutu.com/lands/36/img/player-bg.jpg | 23.158.56.201 | | 11 kB |
URL f355d78915.news-mezutu.com/lands/36/img/player-bg.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashd0c6f02d6933f0b93db0942e3e7f3609 bc96b3878d13d0f46aa464e94515f27ad53531b0 7296089ccd9e42b305c5b0398d47a78f900b40225c592c6f1ef23ade5bbe667a
GET /lands/36/img/player-bg.jpg HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: image/jpeg
content-length: 11291
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2c1b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f355d78915.news-mezutu.com/lands/36/img/pics-1.jpg | 23.158.56.201 | | 9.6 kB |
URL f355d78915.news-mezutu.com/lands/36/img/pics-1.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash8374be5c573da988b4d76c1051f8cbc7 c319af79d391edeac2268173798952dd71f0ecf2 41889b3a66aec88fc8a474f19a6c2f6933200524597ccf76f2c9f995687099ea
GET /lands/36/img/pics-1.jpg HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: image/jpeg
content-length: 9604
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2584"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f355d78915.news-mezutu.com/lands/36/img/pics-2.jpg | 23.158.56.201 | | 9.5 kB |
URL f355d78915.news-mezutu.com/lands/36/img/pics-2.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashb1444ede1cb63c55f07c4b7cc861ec58 504823696a6990f0c6892721e34a7496cfe4e704 628146e090737199d0b92e0d069cdc8fa95d65391a7e84b7da053dbc0275b2f8
GET /lands/36/img/pics-2.jpg HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: image/jpeg
content-length: 9474
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2502"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f355d78915.news-mezutu.com/lands/36/img/pics-3.jpg | 23.158.56.201 | | 9.4 kB |
URL f355d78915.news-mezutu.com/lands/36/img/pics-3.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash76025b7cd7b3e168342e9f6916d8c7f4 bd2a6ea7c9105935c7a616fec2d6d85dbf98bfc2 46eaa0e5c25c663d858a5c65629f960ed17d2fe30b2484f629158e6d6460d775
GET /lands/36/img/pics-3.jpg HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: image/jpeg
content-length: 9413
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24c5"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f355d78915.news-mezutu.com/lands/36/img/pics-4.jpg | 23.158.56.201 | | 9.5 kB |
URL f355d78915.news-mezutu.com/lands/36/img/pics-4.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash107bdcec0a201d69db378827b68127cd efc977edd0a369769d5f32d88e9858302bed1e5e cb8a23effd64618021ebe40be5ed24bfb27c17f6d0a82c87a96d9efd91e06468
GET /lands/36/img/pics-4.jpg HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: image/jpeg
content-length: 9468
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24fc"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f355d78915.news-mezutu.com/lands/36/img/pics-5.jpg | 23.158.56.201 | | 9.6 kB |
URL f355d78915.news-mezutu.com/lands/36/img/pics-5.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash628b98b82d0aca1c1b2155aa5ec51a6a db663b2b85cf8828f3e9c5aa879325bb50e684a0 d7dfe6be5b49bee8bbf743bc58d74af3dc7d0250c89bd6dd7e9ad268c287289d
GET /lands/36/img/pics-5.jpg HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: image/jpeg
content-length: 9557
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2555"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f355d78915.news-mezutu.com/lands/36/img/pics-6.jpg | 23.158.56.201 | | 9.6 kB |
URL f355d78915.news-mezutu.com/lands/36/img/pics-6.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hasha83d5196e71bd6f9c55ef3e7322e527c 9dbddad413391599552c4d9cc5c9e8a287ef910f 52212d360cbbf493678d8e8bf75c20b7ad4b1d6cf86bf03e1c87fb5b4d6cb818
GET /lands/36/img/pics-6.jpg HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: image/jpeg
content-length: 9620
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2594"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f355d78915.news-mezutu.com/lands/36/img/pics-7.jpg | 23.158.56.201 | | 9.5 kB |
URL f355d78915.news-mezutu.com/lands/36/img/pics-7.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash94edfad63e95c79618692b8d8dc20587 f582b7b70443ea1fff184ade49ab560fc8fd3318 0940f729e51d0fb610affca787415657f39a630cc0450d08576f69fd0f71756e
GET /lands/36/img/pics-7.jpg HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: image/jpeg
content-length: 9484
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250c"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f355d78915.news-mezutu.com/lands/36/img/pics-8.jpg | 23.158.56.201 | | 9.8 kB |
URL f355d78915.news-mezutu.com/lands/36/img/pics-8.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash2e7eafc3878ee465f96bca0f9d1e1712 c4f353f12542db5d2df3be74dbae890e0430ac6e df67f968a051026a5c43eb3e40b8d02a0c72bc742055526fef7e2655dd837cc1
GET /lands/36/img/pics-8.jpg HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: image/jpeg
content-length: 9750
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2616"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 4030f7a8c3.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= | 23.158.56.201 | | 54 kB |
URL 4030f7a8c3.news-mezutu.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash1818f9e9954730806059a45bd3743f7e 9bb58fe8738722cc2dae1a92d251503e4b4c8601 1d690f3ceac2d53333a3f7b18009743f38317dead175d979eac58ed0227dc5ce
GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 4030f7a8c3.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4030f7a8c3.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:31 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| f355d78915.news-mezutu.com/lands/36/img/pics-10.jpg | 23.158.56.201 | | 9.7 kB |
URL f355d78915.news-mezutu.com/lands/36/img/pics-10.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash00ad8eccd280144f038e883859beeabe e13583bbe25712e827b8b22b1353c883531f849f 21397b18bd87b564f70404ea1ff41d8d23ba804ed6eea4de323ac1c94e096ada
GET /lands/36/img/pics-10.jpg HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: image/jpeg
content-length: 9681
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25d1"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f355d78915.news-mezutu.com/lands/36/img/pics-11.jpg | 23.158.56.201 | | 9.5 kB |
URL f355d78915.news-mezutu.com/lands/36/img/pics-11.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash8611f67b36ff57eaa1060e793b9e6ad4 49f273a5760e7375adb1efc58f0ed2c665da6ae8 de70c6d29629dd9ec1b85e3146390c1019bd608eeb3d7ffdc196627f70ee30b2
GET /lands/36/img/pics-11.jpg HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: image/jpeg
content-length: 9483
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f355d78915.news-mezutu.com/lands/36/img/pics-12.jpg | 23.158.56.201 | | 9.5 kB |
URL f355d78915.news-mezutu.com/lands/36/img/pics-12.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash3971b0cd6849aef8e63c281fe7e53c57 690281f0f9a05a32be18029632240693f7b26270 20a9e9a79f97878e87f805b977eb6046480b734dfd9e90df9f34b22ef484777a
GET /lands/36/img/pics-12.jpg HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: image/jpeg
content-length: 9487
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250f"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f355d78915.news-mezutu.com/lands/36/img/pics-13.jpg | 23.158.56.201 | | 9.4 kB |
URL f355d78915.news-mezutu.com/lands/36/img/pics-13.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashcd911694d58b5fb86c94cf7a1d5b530b f32925a79b755d76fdf1ae56fa898ef23d816699 5a8f5f99cb386403813964a7ee271660131e9c50eb5267f932a67ce0f4fb2ea2
GET /lands/36/img/pics-13.jpg HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: image/jpeg
content-length: 9378
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24a2"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f355d78915.news-mezutu.com/lands/36/img/pics-14.jpg | 23.158.56.201 | | 9.5 kB |
URL f355d78915.news-mezutu.com/lands/36/img/pics-14.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash4957499f251b620472eb5fe6fd126c22 a237ac15f4b16256f1c49a40ca07ca168dea540c de5d64cc00dd3bc0e0998e274f41bb78de69cae402e53c4f41c0ab8e0af2cd0b
GET /lands/36/img/pics-14.jpg HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: image/jpeg
content-length: 9498
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-251a"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f355d78915.news-mezutu.com/lands/36/img/pics-15.jpg | 23.158.56.201 | | 9.7 kB |
URL f355d78915.news-mezutu.com/lands/36/img/pics-15.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hashbf608c2d10293273951a88b8d38de015 15b2a17c7300725aacc27f320480dfe5bf173a00 118f446f628921fb7cab1afeac932ef77d63a7c5a31ffa288427d80c4de69f9f
GET /lands/36/img/pics-15.jpg HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: image/jpeg
content-length: 9673
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25c9"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f355d78915.news-mezutu.com/lands/36/img/pics-16.jpg | 23.158.56.201 | | 9.6 kB |
URL f355d78915.news-mezutu.com/lands/36/img/pics-16.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash700dfe65fca751e5c160aa1ed38c0389 61a7a9ba2a5209bb28b6a36c4b7ba9088f4b2886 8f8c3d5f93cc6dc00172cf203f6b0113819e853de45518cbcee1e68f9e95fbc1
GET /lands/36/img/pics-16.jpg HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: image/jpeg
content-length: 9570
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2562"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f355d78915.news-mezutu.com/lands/36/img/pics-17.jpg | 23.158.56.201 | | 9.6 kB |
URL f355d78915.news-mezutu.com/lands/36/img/pics-17.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash3617c828a4589dfd2af8f90e31f92666 0e7a1dbe743c9eaad109659f7b21ab86719b9cd0 f3ab898058b0ebaba11001b5a2b3c5b5db2d7f766000d95abdbfb841fcb16c1f
GET /lands/36/img/pics-17.jpg HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: image/jpeg
content-length: 9595
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-257b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f355d78915.news-mezutu.com/lands/36/img/pics-18.jpg | 23.158.56.201 | | 9.6 kB |
URL f355d78915.news-mezutu.com/lands/36/img/pics-18.jpg IP23.158.56.201:0 ASN#63023 AS-GLOBALTELEHOST
Hash52ada45615791fefe3513b98a28d6c61 334b68a65108b2274dc0d41bbed58d10cbfb41a0 204715e71db20e5daffe8494816412e0998ec0b97b303f16fb4102226c492fa4
GET /lands/36/img/pics-18.jpg HTTP/1.1
Host: f355d78915.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 17:50:35 GMT
content-type: image/jpeg
content-length: 9645
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ad"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| partners-tds.com/WzJQVS | 142.202.51.61 | | 0 B |
IP142.202.51.61:0 ASN#63023 AS-GLOBALTELEHOST
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f355d78915.news-mezutu.com/
Cookie: _subid=376l60j117j6mp; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 17:50:35 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 17:50:35 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117j6n0; expires=Sat, 08 Jun 2024 17:50:35 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MTkwNjE0fSxcInRpbWVcIjoxNzE1MTkwNjE0fSJ9.bDuhxjpSwwXAHS1mxhJXkRqFYDrQykjlPeoLXFjPd4s; expires=Thu, 15 Sep 2078 11:41:10 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| f2bfbec576.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= | 0.0.0.0 | | 0 B |
URL User Request GET f2bfbec576.news-mezutu.com/?id=1218914904&p1=&p2=&p3=&p4= IP0.0.0.0:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: f2bfbec576.news-mezutu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://0beb8db8ec.news-mezutu.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|