Report - csmhgs.com/

Report Overview

Submitted URL
csmhgs.com/
IP
38.26.223.115
ASN
#398823 PEGTECHINC-AP-02
Submitted
2022-10-22 07:16:40
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp2.globalsign.com	1544	2012-05-23T20:10:04Z	2023-03-09T05:09:49Z	355 B	1.9 kB	104.18.21.226
kvtfff.top	unknown	2022-07-19T12:01:17Z	2023-01-19T06:15:57Z	387 B	846 kB	104.21.233.216
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-09T05:09:04Z	694 B	3.8 kB	104.18.21.226
hm.baidu.com	8254	2012-05-26T10:38:45Z	2023-03-09T08:30:34Z	1.1 kB	12 kB	103.235.46.191
gnrty.kmjkwe.xyz	unknown	2022-10-20T09:42:37Z	2023-01-12T10:55:18Z	756 B	159 kB	23.224.92.243
img.x969.xyz	unknown	2022-07-18T15:07:19Z	2022-11-27T09:00:26Z	388 B	189 B	23.225.222.2
csmhgs.com	unknown	2019-04-26T10:20:50Z	2023-03-10T09:17:10Z	330 B	195 B	38.26.223.115
avoumei.com	unknown			4.0 kB	12 kB	103.193.175.62
p0.meituan.net	52131	2012-07-12T10:42:09Z	2023-03-05T22:18:29Z	408 B	320 B	101.33.29.225
kmr.wdjptto.cn	unknown	2022-09-29T10:19:28Z	2022-11-09T17:32:28Z	478 B	1.2 kB	203.107.60.95
kmr.mjnbrt.xyz	unknown	2022-09-14T16:20:49Z	2023-02-24T07:52:52Z	368 B	85 kB	23.224.92.244
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	3.6 kB	9.7 kB	23.36.76.226
kvhggg.top	700378	2022-02-08T03:51:04Z	2023-02-08T04:35:35Z	387 B	566 kB	104.21.234.141
n3875.com	unknown	2022-07-06T09:46:11Z	2022-11-05T23:24:29Z	386 B	778 kB	45.61.212.47
n5893.com	unknown	2022-07-03T15:21:26Z	2022-11-05T23:24:29Z	386 B	753 kB	103.170.15.106
img.x957.xyz	unknown	2022-07-22T13:19:19Z	2022-12-12T12:04:32Z	388 B	190 B	23.225.228.34
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	758 B	2.8 kB	143.204.55.36
kzeii.com	unknown	2022-09-30T09:33:30Z	2023-03-09T09:43:26Z	386 B	422 B	78.46.107.74
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-09T05:14:34Z	1.3 kB	2.9 kB	23.36.76.226
img.x978.xyz	unknown	2022-07-18T15:11:42Z	2022-11-05T23:24:16Z	388 B	916 B	23.225.228.34
kvhmm.com	unknown	2021-10-20T06:40:54Z	2023-02-10T10:47:54Z	386 B	422 B	78.46.107.74
ali2.a.yximgs.com	35964	2017-01-29T09:52:05Z	2023-03-08T23:45:28Z	764 B	1.2 MB	47.246.44.227
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239
www.csmhgs.com	unknown	2022-06-02T10:30:23Z	2022-11-12T22:49:39Z	885 B	3.3 kB	38.26.223.115
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	54.189.35.180
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.7 kB	67 kB	34.120.237.76
zmhmaz8.com	unknown	2022-08-04T10:50:15Z	2023-03-09T06:15:54Z	388 B	720 kB	103.170.15.95
pdl.ixelrsd.cn	unknown	2022-10-18T18:46:37Z	2022-10-25T18:47:12Z	2.0 kB	1.8 kB	203.107.60.95
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	658 B	1.4 kB	93.184.220.29
dimg04.c-ctrip.com	139731	2014-05-08T18:11:10Z	2023-03-09T10:38:00Z	391 B	1.5 MB	104.110.17.24
kvtnnn.top	unknown	2022-08-16T12:58:10Z	2023-03-06T09:48:59Z	387 B	477 kB	104.21.234.86
img.x929.xyz	unknown	2022-07-18T14:51:30Z	2022-11-05T23:24:16Z	388 B	1.6 kB	23.225.228.34
zhongweijy.cn	unknown	2022-06-02T10:30:24Z	2022-11-05T23:24:14Z	345 B	644 B	103.87.243.249
tx2.a.yximgs.com	39162	2017-02-10T08:28:27Z	2023-03-07T17:41:52Z	762 B	1.4 MB	43.132.64.85
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.8 kB	34.160.144.191
kveff.com	unknown	2022-08-16T13:07:26Z	2023-02-24T23:08:37Z	386 B	422 B	64.32.13.142
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-09T11:25:06Z	4.3 kB	12 kB	104.18.32.68
ome.wdgixex.cn	unknown	2022-10-20T18:46:47Z	2022-10-26T18:47:00Z	1.1 kB	1.0 kB	203.107.60.95

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-22	medium	mjnbrt.xyz	Sinkholed

JavaScript (18)

	URL	Size	First Seen	Last Seen
	avoumei.com/	254 B	2023-03-07	2023-03-10
Pretty URL avoumei.com/ IP 103.193.175.62 ASN #136933 Gigabitbank Global Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:08 Last Seen2023-03-10 21:27:18 Times Seen1 Hash cc2957f961e26ba70551199815cfc657 7f187821ab00f67188b79ae5c6cd012d1b1db602 a9312ba42c37704d266f8fdb0f1da67fbaecdb510cf39d93b78b3a549340f9ed Loading...

	avoumei.com/	12 B	2023-03-10	2023-03-10
Pretty URL avoumei.com/ IP 103.193.175.62 ASN #136933 Gigabitbank Global Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:29:58 Last Seen2023-03-10 21:27:18 Times Seen1 Hash 6dcabf3696ec50e6feb5de3665fbad96 e651235becac866e789a903609bc2f7324a757a2 3312b89377a90a99786cb77ba834eb602c64c577512ab767534514c32c1d1e67 Loading...

	avoumei.com/template/guanggao/shang.js	0 B	2023-03-07	2024-04-26
Pretty URL avoumei.com/template/guanggao/shang.js IP 103.193.175.62 ASN #136933 Gigabitbank Global Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 09:42:48 Times Seen37088813 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	avoumei.com/template/guanggao/xia.js	475 B	2023-03-07	2023-03-10
Pretty URL avoumei.com/template/guanggao/xia.js IP 103.193.175.62 ASN #136933 Gigabitbank Global Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:08 Last Seen2023-03-10 21:27:18 Times Seen1 Hash f6b241773868537596c98c84d9eb610a b49ffc13456d5a713195c86a74260f9d7f3ba5f2 a13fb8f1f88de0262548fdf4d0c92d9241de276c994a98d6c73b3e022c49f5b9 Loading...

	www.csmhgs.com/index.php	37 B	2023-03-10	2023-03-10
Pretty URL www.csmhgs.com/index.php IP 38.26.223.115 ASN #398823 PEGTECHINC-AP-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:35:42 Last Seen2023-03-10 13:00:10 Times Seen1 Hash c566be701fdae175091cc79289b7c7bf bda98d19f022c6bb9bef0715ef4f4d8acffdf367 560294fd54bf798a3a5e18d2c7b7ba8c6cbdda002730a1a70c27374cd517c202 Loading...

	avoumei.com/	11 B	2023-03-10	2023-03-10
Pretty URL avoumei.com/ IP 103.193.175.62 ASN #136933 Gigabitbank Global Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:29:58 Last Seen2023-03-10 21:27:18 Times Seen1 Hash ffed964c33a9d3aebf2dbb901fd534ac fbf89744430211c98c65983a07cc301eb258a42f c341c22d5bc3642546400579188327fc77d63b17bf56101875aef5e033509c63 Loading...

	avoumei.com/	110 B	2023-03-07	2024-04-20
Pretty URL avoumei.com/ IP 103.193.175.62 ASN #136933 Gigabitbank Global Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:27 Last Seen2024-04-20 19:36:52 Times Seen589 Hash d617c201d1c14420dd64584caab25720 f0ce903c41419ed3b5680ec8c4ca7cb879c1e9f8 d4120ff5140259e2d0d19bede161600b58accb36ccc617b12f58e9b13588dbc8 Loading...

	erh.mmmyhkl.cn/j/157829	16 kB	2023-03-10	2023-03-10
Pretty URL erh.mmmyhkl.cn/j/157829 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:00:10 Last Seen2023-03-10 13:00:10 Times Seen1 Hash fd336950ac10e91efc05205c94ea7442 1dd0a6aeb784e4944294f3b5ee1046c0abe754b8 e4abcb912a3ea133dca7d58136e9371046edbc6af3f4a16951582adae5acc305 Loading...

	kmr.wdjptto.cn/tj.html?type=cnzz&id=1279999172	1.5 kB	2023-03-07	2023-03-17
Pretty URL kmr.wdjptto.cn/tj.html?type=cnzz&id=1279999172 IP 203.107.60.95 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:27 Last Seen2023-03-17 12:27:52 Times Seen1 Hash 468dffc69603ccf552096e072a7ec3bd ca6fb01f835475cb968c1d181bdbb002cf953250 a34a71d131cc5e6a4bfb856012d7360730c40bc97b078f4e6380ee6ec47a3936 Loading...

	www.csmhgs.com/common.js	5.0 kB	2023-03-10	2023-03-10
Pretty URL www.csmhgs.com/common.js IP 38.26.223.115 ASN #398823 PEGTECHINC-AP-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:35:42 Last Seen2023-03-10 13:00:10 Times Seen1 Hash 26ecaefaa1d061495ea53d204f101ae0 e951d4749a1acd9c0a0124a9a20fd70612b132df 376d34e92b1045b934b9a9a85a8b8f339aff3547c0332db4427a127912a98e7f Loading...

	avoumei.com/template/m1938pc/static/js/jquery.lazyload.min.js	3.4 kB	2023-03-07	2024-04-26
Pretty URL avoumei.com/template/m1938pc/static/js/jquery.lazyload.min.js IP 103.193.175.62 ASN #136933 Gigabitbank Global Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:48 Last Seen2024-04-26 05:30:16 Times Seen4077 Hash 112c8d1b40b3e62e883c743e9d71e0bf 338318e930487b2791a7bcf53ad4601630cc41e2 ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e Loading...

	erh.mmmyhkl.cn/j/157830	16 kB	2023-03-10	2023-03-10
Pretty URL erh.mmmyhkl.cn/j/157830 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:00:10 Last Seen2023-03-10 13:00:10 Times Seen1 Hash 0ac341f156a73b6586d23ffd6325bcd4 5580535765472174c6fac97f1b8aecf4cc861ae4 4a1e92cd4575faeb4c2b23493c927b797e0ba1ffaf27c7effa8b66e2be1f345e Loading...

	hm.baidu.com/hm.js?ec34003f0783a55d9a9d1e86ec2f40ad	30 kB	2023-03-10	2023-03-10
Pretty URL hm.baidu.com/hm.js?ec34003f0783a55d9a9d1e86ec2f40ad IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:00:10 Last Seen2023-03-10 13:00:10 Times Seen1 Hash 61d74120a7628facb71a71575764cc6e d1547ff65c4e3b5ae3cc5577ba070775280a8908 661d51910df9719d59b6c4ef3869f88f5c4cd71b839a9c5ab18c4742216a5abb Loading...

	avoumei.com/template/m1938pc/static/js/jquery.min.js	97 kB	2023-03-07	2024-04-26
Pretty URL avoumei.com/template/m1938pc/static/js/jquery.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 08:58:10 Times Seen118743 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	avoumei.com/	126 B	2023-03-07	2024-04-18
Pretty URL avoumei.com/ IP 103.193.175.62 ASN #136933 Gigabitbank Global Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:48 Last Seen2024-04-18 08:18:14 Times Seen697 Hash 2f869be15fc72c6b1c27b0722717f7b9 4c14a9d014274a315deb6c2066659a5472de3281 86ab4a35529048ff85c373322d7b7cc6bf047551f014c721a210c01c5a070db6 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 3e84e218fabad3da2a85704e003358bf	458 B	2023-03-10	2023-03-10
Pretty Observations First Seen2023-03-10 13:00:10 Last Seen2023-03-10 13:00:10 Times Seen1 Hash 3e84e218fabad3da2a85704e003358bf aef5e4a1d8cb1d1ae096cdf94d2af973a84d368c 73995103a2138b63d9db83e67bfd545c9bee83bf3601bf904b9e9774fcdea1f4 Loading...

		Size	First Seen	Last Seen
	#1 Write - 2054c017944264ccc24628eaf910630b	69 B	2023-03-07	2023-03-10
Pretty Observations First Seen2023-03-07 12:02:08 Last Seen2023-03-10 21:27:18 Times Seen1 Hash 2054c017944264ccc24628eaf910630b df6d4fd002b407c1580084282799b861875a0a44 e07239b48419b4ab06f0edd6febe3e03bc428f5fa37ff98e06145d8618b74265 Loading...

	#2 Write - ccddc01eb00d16b57484357960ef890c	439 B	2023-03-10	2023-03-10
Pretty Observations First Seen2023-03-10 13:00:10 Last Seen2023-03-10 13:00:10 Times Seen1 Hash ccddc01eb00d16b57484357960ef890c 0afcf30c2adbf54b15735ad3a65bdb72dea77986 c9b667d2b78cae15e0f2cd88791a0564c8ed6cf825061ec1f2f066204cac92de Loading...

HTTP Transactions (89)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 22 Oct 2022 06:41:45 GMT
Expires: Sat, 22 Oct 2022 07:08:06 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: V4eBw7e2zSQHFAm_waplkd8DyDlJVGqHb-Q24qVMZx8W1_IOOthqrw==
Age: 2084

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c19f4a1def760c07cbc4aec1d0d6c050
6ad911a7c02f5e5fdd82fa86cae0453528d53a6d
750bba81910a4bbd78ab484ba03781a36459a0aec147d7c47424e9a9bf152b40

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "750BBA81910A4BBD78AB484BA03781A36459A0AEC147D7C47424E9A9BF152B40"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9575
Expires: Sat, 22 Oct 2022 09:56:04 GMT
Date: Sat, 22 Oct 2022 07:16:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9dc4f23f82148797f6d8041bdda3c7f7
6841ded3e2dd94fd762316d01efd43f7aafb8354
e229db1854a85b320cee574e805210f3adf5797136ea820c0a0ce9abcd63d4dd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E229DB1854A85B320CEE574E805210F3ADF5797136EA820C0A0CE9ABCD63D4DD"
Last-Modified: Thu, 20 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9494
Expires: Sat, 22 Oct 2022 09:54:43 GMT
Date: Sat, 22 Oct 2022 07:16:29 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: mxQl2ClBJe5h3hAlivpU9CwVjuHHk6Qj+Gw3sM9E2WBEaF2mFhZ3OBoB0uLnueDZX35WsEz/0j8=
x-amz-request-id: HHSHBE5SB3GCZQJC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 22 Oct 2022 07:07:32 GMT
age: 537
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 07:16:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

csmhgs.com/

38.26.223.115

301 Moved Permanently

0 B

URL HTTP/1.1
csmhgs.com/
IP
38.26.223.115:0
ASN
#398823 PEGTECHINC-AP-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: csmhgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 22 Oct 2022 07:16:37 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.csmhgs.com/index.php

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sat, 22 Oct 2022 06:43:40 GMT
Expires: Sat, 22 Oct 2022 07:00:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: j4z6lKZvnX647r3ud-Kl1b6LvLF4WB6gPNNxq-BpR6HpuooyGhpoaQ==
Age: 1969

www.csmhgs.com/index.php

38.26.223.115

200 OK

640 B

URL HTTP/1.1
www.csmhgs.com/index.php
IP
38.26.223.115:0
ASN
#398823 PEGTECHINC-AP-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (635), with CRLF line terminators
Size
640 B (640 bytes)
Hash
7825bd36680cfe0e73b1b60497431904
c56d8237f1f72b0a1687c329ed707b33957ee8ad
ef0b650e17a614ad54828c3e32f7639b0985c3bacd38230769e0567bb7a43a55

HTTP Headers

GET /index.php HTTP/1.1
Host: www.csmhgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 07:16:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f47cc320695635b544a761f72f3afc6f
b7cee764dcb0a625e0f8e0b4a4fce04548a1bf76
78608be3d0d6aaaf0364aed316b8676ab28d23c9b6a8ac6c147cf5d16e5cc283

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3333
Cache-Control: max-age=92750
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 07:16:30 GMT
Etag: "63525317-1d7"
Expires: Sun, 23 Oct 2022 09:02:20 GMT
Last-Modified: Fri, 21 Oct 2022 08:06:47 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

www.csmhgs.com/common.js

38.26.223.115

200 OK

2.1 kB

URL HTTP/1.1
www.csmhgs.com/common.js
IP
38.26.223.115:0
ASN
#398823 PEGTECHINC-AP-02

File type
HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (443), with CRLF line terminators
Size
2.1 kB (2074 bytes)
Hash
adc6787c4a4b1f71cf31bc616ad63961
010b6c5dff242d17677303b38c4e2ba2d8c8b6b4
6a5d86c82827b1cdc9d8b625210b1bae37724f7b20f47cab93374b34df5ae117

HTTP Headers

GET /common.js HTTP/1.1
Host: www.csmhgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.csmhgs.com/index.php

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 07:16:38 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

push.services.mozilla.com/

54.189.35.180

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.189.35.180:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VWgRkJ8ta7LtYakdqS5yww==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6wxhgfpBhhDw3LjlVviKcAFS5Xc=

www.csmhgs.com/tj.js

38.26.223.115

200 OK

0 B

URL HTTP/1.1
www.csmhgs.com/tj.js
IP
38.26.223.115:0
ASN
#398823 PEGTECHINC-AP-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tj.js HTTP/1.1
Host: www.csmhgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.csmhgs.com/index.php

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 07:16:38 GMT
Content-Type: application/x-javascript
Content-Length: 0
Connection: keep-alive

zhongweijy.cn/api.php?val=syiying&t=0.7993143332990279?v=08192371330218893

103.87.243.249

200 OK

207 B

URL HTTP/1.1
zhongweijy.cn/api.php?val=syiying&t=0.7993143332990279?v=08192371330218893
IP
103.87.243.249:0
ASN
#135581 19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong

File type
JSON data\012- , ASCII text, with very long lines (443), with CRLF line terminators
Size
207 B (207 bytes)
Hash
06cbb1037f3391f5e47a9cb614dc9ed7
9d8872e6ae6194c1e1cfbef8e716cd763ffa8b3c
5a5fda3a36cc49802714800bf816770dd0419a8a2d4f8916a54277c87526535e

HTTP Headers

GET /api.php?val=syiying&t=0.7993143332990279?v=08192371330218893 HTTP/1.1
Host: zhongweijy.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.csmhgs.com
Connection: keep-alive
Referer: http://www.csmhgs.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 07:16:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9707
Expires: Sat, 22 Oct 2022 09:58:18 GMT
Date: Sat, 22 Oct 2022 07:16:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9707
Expires: Sat, 22 Oct 2022 09:58:18 GMT
Date: Sat, 22 Oct 2022 07:16:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9707
Expires: Sat, 22 Oct 2022 09:58:18 GMT
Date: Sat, 22 Oct 2022 07:16:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9707
Expires: Sat, 22 Oct 2022 09:58:18 GMT
Date: Sat, 22 Oct 2022 07:16:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9707
Expires: Sat, 22 Oct 2022 09:58:18 GMT
Date: Sat, 22 Oct 2022 07:16:31 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63520430-d90d-4f99-ad29-214d03cc1525.jpeg

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63520430-d90d-4f99-ad29-214d03cc1525.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6801 bytes)
Hash
cd562cc3980d93423b625d59deea0f95
5c8646f62e19f78579fca8473edcc4e5de0e161f
b77d018b77f627e99ae6d6d2eac6c56d92499779abdbb85da3045ccb8df5211e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63520430-d90d-4f99-ad29-214d03cc1525.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6801
x-amzn-requestid: 668e33b2-d3e8-46c6-acae-b99777f605d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-M6HOBIAMFyNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b8-2b4e95e24c0dd2f33f8a2dc7;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DrXs0i2RMDtmHX8N4BN6LtiogZr56Da3yPFpye5siVtx0dZfLEXk7g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:02:19 GMT
age: 33252
etag: "5c8646f62e19f78579fca8473edcc4e5de0e161f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63f136cc-8688-48a8-a173-5f57e08e25bb.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10684 bytes)
Hash
5ef386b42bd6b9efb747cfeb3d64fb7a
db63f62383d513348c1ef231ea4fb58d7e1e044e
988cb73f0fef893d2d65a66fad0b171350102f4496fa5ba22e415d5929373d0f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63f136cc-8688-48a8-a173-5f57e08e25bb.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10684
x-amzn-requestid: 643c8e7b-15e9-4241-8ba1-e3f4a4592373
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-okE7AoAMFjDQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63531169-705159c619bc23880acd4d42;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CWLtJnrAc5b0j1aPGbuOaGuPRYzwNM0xGGP1muEwkPsih8c0iryoGw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:05:57 GMT
age: 33034
etag: "db63f62383d513348c1ef231ea4fb58d7e1e044e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7372 bytes)
Hash
616e14aee034bbf77c3b74b3ea53961b
ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c
0ae716474e2837c90c658d635fb9db2c8d4cdb7bf025b8e4e9e802e3ff56b0c3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7372
x-amzn-requestid: 080f5f7f-51a8-4ef5-9acc-0c7f7f64defb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-ojEg2IAMFjPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63531169-5106c8af6e77450c33a0c899;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:49 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: vP9aRT8xL5F2kf36A-lMaIQ9FSAEUGo8jmx9y63iIBDdyWYujkXXPw==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:05:57 GMT
age: 33034
etag: "ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe483f228-39c4-47f0-a896-a8e068a8e128.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (14641 bytes)
Hash
f0c231ec92860d4904212d6629102eb5
f1a5bdcfc17d101f97bec17d312b60f6a012e833
10a5b0192165bdbcbc52dfa2d3ba928e0f8f8d51cbba037cdf326391d77f973d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe483f228-39c4-47f0-a896-a8e068a8e128.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14641
x-amzn-requestid: 7d857583-c433-4627-80a3-adbd17617218
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-MSHNWoAMFfhg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b4-44c233a100a26cda663cf850;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: F4nD1gpKmgeDR74chfL73p-GozN6nOwgK3TWt14-we44Gi92pM11nQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:16 GMT
age: 33375
etag: "f1a5bdcfc17d101f97bec17d312b60f6a012e833"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd19113d-c1df-4109-b7c9-1d4ed544d9d8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8639 bytes)
Hash
97e9c05ece38dedeaa752c612029c78d
715f72710799f828e2c06932c33919d8f23844f5
29408c0bd34660a836f59a7abb61c7c2b1f864b31194787ddf4d178314184b96

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd19113d-c1df-4109-b7c9-1d4ed544d9d8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8639
x-amzn-requestid: e598ff88-e152-4b9e-af16-aa30dcf452a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-m5HlMoAMFvjQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6353115f-7f17a59522afc40e64ac216d;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sGxdiTeIFErXZkMgV8fvRZINC3dtZ1kue349gMCvWptL_ZJvgGRWHA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:27 GMT
age: 33364
etag: "715f72710799f828e2c06932c33919d8f23844f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7821 bytes)
Hash
f4fb0f4c9ac5a88678baf456107f5341
f6c54dbdfad7e243fe38c03f004c4c79f96b2892
b2fc6c453d7ed610521fcf34d7736a20191d86b485fd57236d2d2c4849cbb8d9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7821
x-amzn-requestid: b3b72561-80fd-4b73-862c-ad070f135634
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-LzEkrIAMFmrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b1-73f427947c17f35667c0b443;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mq7h4TJkHKd-I9c01ao1yJ3izpJLRiMG_Sk3_e2pQDGCyunY2RlI3Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:02:32 GMT
age: 33239
etag: "f6c54dbdfad7e243fe38c03f004c4c79f96b2892"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4d84acaf21a0f6d0e8d8f92580354ffb
e65c0ad64401df82cec5d1d3a0a2d0fb1d6ac050
1f655f570b9f7f9d8add4a2776796f6a171f69ce4d0392c10436655720954667

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F655F570B9F7F9D8ADD4A2776796F6A171F69CE4D0392C10436655720954667"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 22 Oct 2022 13:16:31 GMT
Date: Sat, 22 Oct 2022 07:16:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe0eb7f843d8f1786dee98b825cafe56
2c82dc3b42821742d2a5032f7ad55fba913d6fb2
fa926a54a75035771b57c08a89b59dea7fabf2d01d1feef6c1371a922cceb29d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FA926A54A75035771B57C08A89B59DEA7FABF2D01D1FEEF6C1371A922CCEB29D"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8605
Expires: Sat, 22 Oct 2022 09:39:57 GMT
Date: Sat, 22 Oct 2022 07:16:32 GMT
Connection: keep-alive

kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif

78.46.107.74

301 Moved Permanently

162 B

URL HTTP/2
kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
IP
78.46.107.74:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /8d62ac139591ff0c5f17d4c5f1ff3cf6.gif HTTP/1.1
Host: kzeii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 22 Oct 2022 07:16:32 GMT
content-type: text/html
content-length: 162
location: https://kvhggg.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b258271fdbe2a4c42c88b21dd6e3ab8
b5d1dfa033d70674d6938c97e0b05765c85322f3
942f1e0e7183d691bd76660e163445dda60efc71c45d086699cc2b87fe9b1dc3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "942F1E0E7183D691BD76660E163445DDA60EFC71C45D086699CC2B87FE9B1DC3"
Last-Modified: Thu, 20 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6691
Expires: Sat, 22 Oct 2022 09:08:03 GMT
Date: Sat, 22 Oct 2022 07:16:32 GMT
Connection: keep-alive

kvhmm.com/c35d0abb31096bf65ba5fd1994da75c9.gif

78.46.107.74

301 Moved Permanently

162 B

URL HTTP/2
kvhmm.com/c35d0abb31096bf65ba5fd1994da75c9.gif
IP
78.46.107.74:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /c35d0abb31096bf65ba5fd1994da75c9.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 22 Oct 2022 07:16:33 GMT
content-type: text/html
content-length: 162
location: https://kvtfff.top/c35d0abb31096bf65ba5fd1994da75c9.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
2bfb828f0d71b679397f30cf44cb2285
a3f208bff0da30d771b3379f8fb55428ec2db959
0018cd22a426c2c9616f311857307529d3f2263b266e05e86f97a21ab9403d83

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=122531
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 07:16:33 GMT
Etag: "6352d474-117"
Expires: Sun, 23 Oct 2022 17:18:44 GMT
Last-Modified: Fri, 21 Oct 2022 17:18:44 GMT
Server: nginx
Content-Length: 279

avoumei.com/template/guanggao/shang.js

103.193.175.62

200 OK

0 B

URL HTTP/2
avoumei.com/template/guanggao/shang.js
IP
103.193.175.62:0
ASN
#136933 Gigabitbank Global

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /template/guanggao/shang.js HTTP/1.1
Host: avoumei.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 07:16:32 GMT
content-type: application/javascript
content-length: 0
last-modified: Tue, 29 Mar 2022 09:27:30 GMT
etag: "6242d102-0"
expires: Sat, 22 Oct 2022 19:16:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

avoumei.com/template/m1938pc/images/loading.svg

103.193.175.62

200 OK

506 B

URL HTTP/2
avoumei.com/template/m1938pc/images/loading.svg
IP
103.193.175.62:0
ASN
#136933 Gigabitbank Global

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
506 B (506 bytes)
Hash
bb36cf278bc5f407c3a64054c13dbbdf
ecd02eea9d41f6282fcaaffc84dbefc1fedb58a2
fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff

HTTP Headers

GET /template/m1938pc/images/loading.svg HTTP/1.1
Host: avoumei.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 07:16:32 GMT
content-type: image/svg+xml
content-length: 506
last-modified: Sun, 09 Jan 2022 08:39:25 GMT
etag: "61da9f3d-1fa"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

avoumei.com/template/guanggao/xia.js

103.193.175.62

200 OK

475 B

URL HTTP/2
avoumei.com/template/guanggao/xia.js
IP
103.193.175.62:0
ASN
#136933 Gigabitbank Global

File type
HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
475 B (475 bytes)
Hash
f6b241773868537596c98c84d9eb610a
b49ffc13456d5a713195c86a74260f9d7f3ba5f2
a13fb8f1f88de0262548fdf4d0c92d9241de276c994a98d6c73b3e022c49f5b9

HTTP Headers

GET /template/guanggao/xia.js HTTP/1.1
Host: avoumei.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 07:16:32 GMT
content-type: application/javascript
content-length: 475
last-modified: Mon, 16 May 2022 06:30:32 GMT
etag: "6281ef88-1db"
expires: Sat, 22 Oct 2022 19:16:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

avoumei.com/template/m1938pc/css/ate.css

103.193.175.62

200 OK

6.3 kB

URL HTTP/2
avoumei.com/template/m1938pc/css/ate.css
IP
103.193.175.62:0
ASN
#136933 Gigabitbank Global

File type
data
Size
6.3 kB (6323 bytes)
Hash
471def6a3470057cd1486c3e4f7455fa
f2d2e5fc971a535d976e4172fe3890d4507e0b9a
f9a9eb12fb6aae09bb3e43bab0d822a2107ad7666ad9399e0e3992b769ef26e5

HTTP Headers

GET /template/m1938pc/css/ate.css HTTP/1.1
Host: avoumei.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 07:16:32 GMT
content-type: text/css
last-modified: Tue, 04 Jan 2022 15:13:25 GMT
vary: Accept-Encoding
etag: W/"61d46415-126e4"
expires: Sat, 22 Oct 2022 19:16:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

dimg04.c-ctrip.com/images/0394n12000a0asaa74C95.gif

104.110.17.24

200 OK

1.5 MB

URL HTTP/2
dimg04.c-ctrip.com/images/0394n12000a0asaa74C95.gif
IP
104.110.17.24:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 960 x 80\012- data
Size
1.5 MB (1495356 bytes)
Hash
af737e86fc083a958d9f25203333f0be
cb0ee5d9a71efdf61b622bd4175998bdeecca900
e1cf6ef72cde6e3f9bffa69e86e769e09e82d18f781a235fc977a5644e141a9a

HTTP Headers

GET /images/0394n12000a0asaa74C95.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 1495356
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=13395076
expires: Sun, 26 Mar 2023 08:07:49 GMT
date: Sat, 22 Oct 2022 07:16:33 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f64beefa38f32ae46f45c238bf4c8c3d
c3907eb06e47f660870a74b712bfae49b1a46376
a881c0c7dc88a56fdd3fb9440dc31e06f8466f15b0c3700a9b2ad2ebc673bef3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A881C0C7DC88A56FDD3FB9440DC31E06F8466F15B0C3700A9B2AD2EBC673BEF3"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 22 Oct 2022 13:16:33 GMT
Date: Sat, 22 Oct 2022 07:16:33 GMT
Connection: keep-alive

kvhggg.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif

104.21.234.141

200 OK

566 kB

URL HTTP/2
kvhggg.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
IP
104.21.234.141:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
566 kB (565615 bytes)
Hash
6a2c609ad0c46bb1b8d9cd39eacde625
45de0f50f86b45dd6fd4a1c764d47e2640126bf3
8eb8f61188f2555f5f7f0a934ebbae9e9ab703a3dc0b23191bdc7c147eb12140

HTTP Headers

GET /8d62ac139591ff0c5f17d4c5f1ff3cf6.gif HTTP/1.1
Host: kvhggg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://avoumei.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 07:16:33 GMT
content-type: image/gif
content-length: 565615
last-modified: Mon, 10 Oct 2022 13:11:33 GMT
etag: "63441a05-8a16f"
expires: Sat, 19 Nov 2022 20:09:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 126439
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2B1lp8GtsuCU4m2mGqb%2FYKSHfWGIjWXk3GKzPSoZ5PvBcTIJ4WAkrLnIdRDU3L%2F5Z%2BHeaGqUBiSuolYMpDh%2F9qj%2BGDnpgN76omp%2BgGKNRhjNAu4DTLi5atvQ6GmX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e072bb2ec276cb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
d82069685860958f0288a28e477b2015
ff7ad44a2d495cb573c02fe28322f8a11fc5778c
1f71f0987117e1b9c0bf199f4fbddf42c632d575b76f3cd0767946ce05ad4ada

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "1F71F0987117E1B9C0BF199F4FBDDF42C632D575B76F3CD0767946CE05AD4ADA"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1262
Expires: Sat, 22 Oct 2022 07:37:35 GMT
Date: Sat, 22 Oct 2022 07:16:33 GMT
Connection: keep-alive

avoumei.com/template/m1938pc/images/video-mask.png

103.193.175.62

200 OK

107 B

URL HTTP/2
avoumei.com/template/m1938pc/images/video-mask.png
IP
103.193.175.62:0
ASN
#136933 Gigabitbank Global

File type
PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Size
107 B (107 bytes)
Hash
6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa

HTTP Headers

GET /template/m1938pc/images/video-mask.png HTTP/1.1
Host: avoumei.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 07:16:33 GMT
content-type: image/png
content-length: 107
last-modified: Tue, 04 Jan 2022 15:14:22 GMT
etag: "61d4644e-6b"
expires: Mon, 21 Nov 2022 07:16:33 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

avoumei.com/template/m1938pc/images/video-play.png

103.193.175.62

200 OK

1.6 kB

URL HTTP/2
avoumei.com/template/m1938pc/images/video-play.png
IP
103.193.175.62:0
ASN
#136933 Gigabitbank Global

File type
PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1567 bytes)
Hash
be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

HTTP Headers

GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: avoumei.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 07:16:33 GMT
content-type: image/png
content-length: 1567
last-modified: Tue, 04 Jan 2022 15:14:21 GMT
etag: "61d4644d-61f"
expires: Mon, 21 Nov 2022 07:16:33 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
d82069685860958f0288a28e477b2015
ff7ad44a2d495cb573c02fe28322f8a11fc5778c
1f71f0987117e1b9c0bf199f4fbddf42c632d575b76f3cd0767946ce05ad4ada

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "1F71F0987117E1B9C0BF199F4FBDDF42C632D575B76F3CD0767946CE05AD4ADA"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1262
Expires: Sat, 22 Oct 2022 07:37:35 GMT
Date: Sat, 22 Oct 2022 07:16:33 GMT
Connection: keep-alive

kveff.com/3a42b77b06a321ae0a42e47f62868fd8.gif

64.32.13.142

301 Moved Permanently

162 B

URL HTTP/2
kveff.com/3a42b77b06a321ae0a42e47f62868fd8.gif
IP
64.32.13.142:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /3a42b77b06a321ae0a42e47f62868fd8.gif HTTP/1.1
Host: kveff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 22 Oct 2022 07:16:33 GMT
content-type: text/html
content-length: 162
location: https://kvtnnn.top/3a42b77b06a321ae0a42e47f62868fd8.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

kvtfff.top/c35d0abb31096bf65ba5fd1994da75c9.gif

104.21.233.216

200 OK

845 kB

URL HTTP/2
kvtfff.top/c35d0abb31096bf65ba5fd1994da75c9.gif
IP
104.21.233.216:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 80\012- data
Size
845 kB (845033 bytes)
Hash
2610cb45d999b3398ba37c9a7c931cb4
2008710884b54d3576c6b9ce9797e7fdbb369b91
4374aa373836f416d560872bbe89fcf6bedcf0c9a1a2d8c256a055b85967025b

HTTP Headers

GET /c35d0abb31096bf65ba5fd1994da75c9.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://avoumei.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 07:16:33 GMT
content-type: image/gif
content-length: 845033
last-modified: Mon, 19 Sep 2022 14:57:07 GMT
etag: "63288343-ce4e9"
expires: Fri, 18 Nov 2022 09:24:22 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 251531
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QAHA%2FEeXVEhHH%2Fly36AtL1xef9XFN6DZUN%2Fs4aXwBlcLDUNDHRcZgm1REfOHTTPG9%2BUKENXiJCXQMJPeTjiGJWIxuIbqC4rfHSrRdlYQ5WT0WZliLyX9W2Vz%2BwIG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e072bcbc8171bd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

p0.meituan.net/dpplatform/f5490f49be2f90a336dd13da63c9cc9a621536.gif

101.33.29.225

404 Not Found

0 B

URL HTTP/2
p0.meituan.net/dpplatform/f5490f49be2f90a336dd13da63c9cc9a621536.gif
IP
101.33.29.225:0
ASN
#139341 ACE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dpplatform/f5490f49be2f90a336dd13da63c9cc9a621536.gif HTTP/1.1
Host: p0.meituan.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
server: openresty
date: Sat, 22 Oct 2022 07:16:33 GMT
m-traceid: zj5iah5thj4fpmiracii
age: 0
x-cache-lookup: Cache Miss, Cache Miss, Cache Miss
content-length: 0
x-nws-log-uuid: 11164453862360497483
access-control-allow-origin: *
access-control-allow-methods: GET,POST
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
9c9e6489a6688ce53d74b149d756d297
dc1948a3292163cea32cbe11962a8970db02a41c
9a67116b47678e66c7198cc7f98e949c75c203c7cc32ecaf60c79196e2d649a8

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "9A67116B47678E66C7198CC7F98E949C75C203C7CC32ECAF60C79196E2D649A8"
Last-Modified: Fri, 21 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1219
Expires: Sat, 22 Oct 2022 07:36:52 GMT
Date: Sat, 22 Oct 2022 07:16:33 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
9c9e6489a6688ce53d74b149d756d297
dc1948a3292163cea32cbe11962a8970db02a41c
9a67116b47678e66c7198cc7f98e949c75c203c7cc32ecaf60c79196e2d649a8

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "9A67116B47678E66C7198CC7F98E949C75C203C7CC32ECAF60C79196E2D649A8"
Last-Modified: Fri, 21 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1219
Expires: Sat, 22 Oct 2022 07:36:52 GMT
Date: Sat, 22 Oct 2022 07:16:33 GMT
Connection: keep-alive

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
24d3a3c95f44883b633e701149aab79a
bb23eda75f650330dfff1671a296876bfcc7d63e
72d607e95192172d5a67ca63dc5ffb6545eaa1fb21b78c45a36c210482a6440a

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 26 Oct 2022 03:40:14 GMT
ETag: "bb23eda75f650330dfff1671a296876bfcc7d63e"
Last-Modified: Sat, 22 Oct 2022 03:40:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3570
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75e072bfe90c0afa-OSL

kvtnnn.top/3a42b77b06a321ae0a42e47f62868fd8.gif

104.21.234.86

200 OK

476 kB

URL HTTP/2
kvtnnn.top/3a42b77b06a321ae0a42e47f62868fd8.gif
IP
104.21.234.86:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1000 x 80\012- data
Size
476 kB (476331 bytes)
Hash
3bb0a63f311f773d037332df59db4adf
084055c87bfae01407820232bc8069750f5da023
4cae409bb456a7e01557fb38a9e2490535d48158d0f6a5daf24fa2dd3de13646

HTTP Headers

GET /3a42b77b06a321ae0a42e47f62868fd8.gif HTTP/1.1
Host: kvtnnn.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://avoumei.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 07:16:33 GMT
content-type: image/gif
content-length: 476331
last-modified: Fri, 19 Aug 2022 17:02:35 GMT
etag: "62ffc22b-744ab"
expires: Mon, 14 Nov 2022 18:51:08 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 563125
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHGUiGl5L0sLQYBcKUc2jwTe1tDBtxssw3GMWk8iUy%2F5%2B82mWMBXT%2BV0xXilk5bn%2B7ztlg%2FZ38nBpAZA55BXE7LsWsBR3Iwi6RqkbLvaOcYVjFgb6GYgbFmJztu2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e072bf69907713-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
331c583803bc5b6e33066a227979d927
96bef6e23cb955e095c510a44acebcdcde55a48f
464225796f55e5020202100c5a055c034a9ceeb180a9f6696880c4f822dee0ab

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 26 Oct 2022 05:15:27 GMT
ETag: "96bef6e23cb955e095c510a44acebcdcde55a48f"
Last-Modified: Sat, 22 Oct 2022 05:15:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75e072c0996b0afa-OSL

img.x929.xyz/images/62ea581fa8992943249c80b2.gif

23.225.228.34

302 Found

1.4 kB

URL HTTP/2
img.x929.xyz/images/62ea581fa8992943249c80b2.gif
IP
23.225.228.34:0
ASN
#40065 CNSERVERS

File type
data
Size
1.4 kB (1432 bytes)
Hash
331c583803bc5b6e33066a227979d927
96bef6e23cb955e095c510a44acebcdcde55a48f
464225796f55e5020202100c5a055c034a9ceeb180a9f6696880c4f822dee0ab

HTTP Headers

GET /images/62ea581fa8992943249c80b2.gif HTTP/1.1
Host: img.x929.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
location: https://ali2.a.yximgs.com/udata/music/music_c56d8b813ee94f81ba260620c180b2770.jpg
cache-control: max-age=3600
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
85391f9891cda995644685546f342f37
9f4b49c585b26d517eebe11666d237802fcdd2b1
84c3b732825fbc5ef305b2d9ef97e758b7b50a30171983a409bd731cc9687bb2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 22 Oct 2022 02:41:54 GMT
Expires: Sat, 29 Oct 2022 02:41:53 GMT
Etag: "9f4b49c585b26d517eebe11666d237802fcdd2b1"
Cache-Control: max-age=587718,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072c0bf6f0b49-OSL

ali2.a.yximgs.com/udata/music/music_c56d8b813ee94f81ba260620c180b2770.jpg

47.246.44.227

200 OK

540 kB

URL HTTP/1.1
ali2.a.yximgs.com/udata/music/music_c56d8b813ee94f81ba260620c180b2770.jpg
IP
47.246.44.227:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 90\012- data
Size
540 kB (539927 bytes)
Hash
e2b85b3ff94b6d25c6af87b3f0a54c80
37a9d035f29dbd8ce7a28e2b3df96fee84198d80
d4872aa4dea35d161576ced91118e99a911edf2b9635184811ce458d25524806

HTTP Headers

GET /udata/music/music_c56d8b813ee94f81ba260620c180b2770.jpg HTTP/1.1
Host: ali2.a.yximgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 539927
Connection: keep-alive
Date: Fri, 26 Aug 2022 10:45:41 GMT
Cache-Control: max-age=2592000
Expires: Fri, 02 Sep 2022 10:45:41 GMT
Last-Modified: Thu, 25 Aug 2022 14:22:51 GMT
x-amz-request-id: 7eaca3a18a8c4fd0ad4539b52d9df777
x-amz-id-2: fGBhaN0tB4Bw9/JAAcxK24qsi7/mkAimdJqOQn0yfOoD5RpnPhDI+8dePKk=
Accept-Ranges: bytes
ETag: "E2B85B3FF94B6D25C6AF87B3F0A54C80"
x-amz-storage-class: STANDARD
x-bs-object-status: 0
X-KSLOGID: 661510741588971620
X-Rsp-Code: 034,040
X-Ks-Cache: HIT from 47.246.44.227
X-Kimg: egae
Ali-Swift-Global-Savetime: 1661510741
Via: cache8.l2et2-2[0,0,200-0,H], cache37.l2et2-2[3,0], cache4.l2de2[0,0,200-0,H], cache14.l2de2[2,0], cache5.se1[0,0,200-0,H], cache2.se1[3,0]
Age: 4912253
X-Cache: HIT TCP_MEM_HIT dirn:1:7658098
X-Swift-SaveTime: Fri, 21 Oct 2022 14:57:23 GMT
X-Swift-CacheTime: 26250498
kwaisign: null
X-Ks-Request-ID: 2ff62c9616664229940274566e
x-ks-client-ip: 91.90.42.154
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 2ff62c9616664229940274566e

ali2.a.yximgs.com/udata/music/music_3d532edbfe094f86be065fbf7cf036430.jpg

47.246.44.227

200 OK

611 kB

URL HTTP/1.1
ali2.a.yximgs.com/udata/music/music_3d532edbfe094f86be065fbf7cf036430.jpg
IP
47.246.44.227:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 90\012- data
Size
611 kB (610817 bytes)
Hash
f1de5f48ea31923060d4ade953c9bd4f
bf888ebc5d3b974c7f3daaac44bb803d27c56ade
a798b756a69b0567619332c7787acd1fed7bc8a31f8903649c490978a7e21683

HTTP Headers

GET /udata/music/music_3d532edbfe094f86be065fbf7cf036430.jpg HTTP/1.1
Host: ali2.a.yximgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 610817
Connection: keep-alive
Date: Fri, 21 Oct 2022 13:10:43 GMT
Cache-Control: max-age=2592000
Expires: Fri, 28 Oct 2022 13:10:42 GMT
Last-Modified: Fri, 09 Sep 2022 11:06:55 GMT
x-amz-request-id: a8edc5f23beb476ab0408f4541efea57
x-amz-id-2: fGBhaN0tH5VnuPNHQ9xDmYKsiLe5h0O7KcnDUmN/bfIcoxMhcRLb+YBZMOoV8ps=
Accept-Ranges: bytes
ETag: "F1DE5F48EA31923060D4ADE953C9BD4F"
x-amz-storage-class: STANDARD
x-bs-object-status: 0
X-KSLOGID: 666357843453878693
X-Rsp-Code: 034,040
X-Ks-Cache: HIT from 47.246.44.227
X-Kimg: egae
Ali-Swift-Global-Savetime: 1666357844
Via: cache42.l2ea118-2[0,0,200-0,H], cache9.l2ea118-2[1,0], cache2.l2de2[0,0,200-0,H], cache3.l2de2[2,0], cache1.se1[0,0,200-0,H], cache7.se1[3,0]
Age: 65150
X-Cache: HIT TCP_MEM_HIT dirn:2:206004265
X-Swift-SaveTime: Fri, 21 Oct 2022 14:57:23 GMT
X-Swift-CacheTime: 31097601
kwaisign: null
X-Ks-Request-ID: 2ff62c9b16664229940244473e
x-ks-client-ip: 91.90.42.154
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 2ff62c9b16664229940244473e

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
fc38ef1ce81039ff1989a1c5873101a2
cdccf5bbbb7a8b15195728ebf405a46b14ea490e
c7d63b32bad492665e1d6b6361f54f30429c63f35d68512e37d6e2e5b9f113c1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 19 Oct 2022 22:22:00 GMT
Expires: Wed, 26 Oct 2022 22:21:59 GMT
Etag: "cdccf5bbbb7a8b15195728ebf405a46b14ea490e"
Cache-Control: max-age=399324,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072c0cea20b65-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
551b3bdd85532bf10b3e7e6dc464ca02
467f4fef8190a77cf18ff29989d89612ae49fec6
f709d86b2d8ed0e863c36bd13232c71ccf3cdc1e27382412ab7177e3873edad7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 19 Oct 2022 11:21:12 GMT
Expires: Wed, 26 Oct 2022 11:21:11 GMT
Etag: "467f4fef8190a77cf18ff29989d89612ae49fec6"
Cache-Control: max-age=359676,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072c10fb30b49-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
551b3bdd85532bf10b3e7e6dc464ca02
467f4fef8190a77cf18ff29989d89612ae49fec6
f709d86b2d8ed0e863c36bd13232c71ccf3cdc1e27382412ab7177e3873edad7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 19 Oct 2022 11:21:12 GMT
Expires: Wed, 26 Oct 2022 11:21:11 GMT
Etag: "467f4fef8190a77cf18ff29989d89612ae49fec6"
Cache-Control: max-age=359676,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072c0cea10b65-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
0249da75486cf2cfa6e23772d14b367c
49d62b7655e36e1640e03e27e9d8184661eeb3a8
6480bf4667a47db070aba01242031618bf4019d3941c949121d5fad4fdce367c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 19 Oct 2022 01:11:58 GMT
Expires: Wed, 26 Oct 2022 01:11:57 GMT
Etag: "49d62b7655e36e1640e03e27e9d8184661eeb3a8"
Cache-Control: max-age=323122,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072c0defdb4f7-OSL

n3875.com/a14692797f9b4d4da8479a42a64223ad.gif

45.61.212.47

200 OK

778 kB

URL HTTP/1.1
n3875.com/a14692797f9b4d4da8479a42a64223ad.gif
IP
45.61.212.47:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 960 x 90\012- data
Size
778 kB (777959 bytes)
Hash
30ddc1574645e47bbd59a88544eb86a5
ea1f934b36af7afb00dd5fac0b4920caae2e611f
fe8f0d5b8197d8059077618c4f672da0d80750166bbdcab69297f5d8ddf6a85c

HTTP Headers

GET /a14692797f9b4d4da8479a42a64223ad.gif HTTP/1.1
Host: n3875.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62fb9887-bdee7"
Date: Sat, 08 Oct 2022 00:38:27 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 16 Aug 2022 13:15:51 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-17
Content-Length: 777959

zmhmaz8.com/a948bb8284944c4f8dafa24a384cbb8a.gif

103.170.15.95

200 OK

720 kB

URL HTTP/1.1
zmhmaz8.com/a948bb8284944c4f8dafa24a384cbb8a.gif
IP
103.170.15.95:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 80\012- data
Size
720 kB (719745 bytes)
Hash
a371336a677886333a1e0e87f32df904
5d17beeea80b18e70073f0e54dfa9ad61e71b25f
18543a39e003823862ca88f74a899b953e82fc6f1771682b37d0b435d40644cc

HTTP Headers

GET /a948bb8284944c4f8dafa24a384cbb8a.gif HTTP/1.1
Host: zmhmaz8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62fb9d96-afb81"
Date: Fri, 30 Sep 2022 01:58:36 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 16 Aug 2022 13:37:26 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-25
Content-Length: 719745

tx2.a.yximgs.com/udata/music/music_c1ed0dc891c34707b60dcc1387217dbb0.jpg

43.132.64.85

200 OK

363 kB

URL HTTP/1.1
tx2.a.yximgs.com/udata/music/music_c1ed0dc891c34707b60dcc1387217dbb0.jpg
IP
43.132.64.85:0
ASN
#139341 ACE

File type
GIF image data, version 89a, 960 x 80\012- data
Size
363 kB (362848 bytes)
Hash
dfd003268a625b499bb08271a598df4d
76e97b0d72d033606dbdcf8fd14415a7b53d4610
124fd976372d4417fb22249c29b463dba4100d1b3bbeddbb9c9bbb86edfdc0af

HTTP Headers

GET /udata/music/music_c1ed0dc891c34707b60dcc1387217dbb0.jpg HTTP/1.1
Host: tx2.a.yximgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: NWSs
Date: Sat, 22 Oct 2022 07:16:34 GMT
Content-Type: image/jpeg
Content-Length: 362848
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Sat, 29 Oct 2022 07:16:34 GMT
Last-Modified: Fri, 21 Oct 2022 13:10:37 GMT
X-NWS-LOG-UUID: 748921b4-263f-4a71-9c7b-37902e40f1b9
x-ks-http-first-data: 1
X-Ks-Request-ID: 748921b4-263f-4a71-9c7b-37902e40f1b9
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
x-ks-client-ip: 91.90.42.154
kwaisign: NULL
Accept-Ranges: bytes
ETag: "3c111c50a771daf3d031b2640312ca29-1"
x-cos-hash-crc64ecma: 4843399114952898927
x-cos-request-id: NjM1MjlhNGRfYjViNmJlMDlfMTNlMjFfZDQ0MTNhYQ==
x-cos-version-id: null
X-Ks-Cache: Hit From OC Disktank3
X-Daa-Tunnel: hop_count=1
X-Cache-Lookup: Hit From Disktank3, Hit From Inner Cluster

tx2.a.yximgs.com/udata/music/music_800228047ad643f6ba9c2f513836c6240.jpg

43.132.64.85

200 OK

1.0 MB

URL HTTP/1.1
tx2.a.yximgs.com/udata/music/music_800228047ad643f6ba9c2f513836c6240.jpg
IP
43.132.64.85:0
ASN
#139341 ACE

File type
GIF image data, version 89a, 960 x 90\012- data
Size
1.0 MB (1015116 bytes)
Hash
99c83803a8903c6ed186ffb90a3cd929
681ae1c0dcaa381a2f72ecacb057db4262a89f05
280a983bedaa96481e829d68b553fb752f278ac8c0eee5c479c287e647934884

HTTP Headers

GET /udata/music/music_800228047ad643f6ba9c2f513836c6240.jpg HTTP/1.1
Host: tx2.a.yximgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: NWSs
Date: Sat, 22 Oct 2022 07:16:34 GMT
Content-Type: image/jpeg
Content-Length: 1015116
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Sat, 29 Oct 2022 07:16:34 GMT
Last-Modified: Fri, 21 Oct 2022 13:10:37 GMT
X-NWS-LOG-UUID: 12f765fd-b8c6-49ff-977b-50530e38614d
x-ks-http-first-data: 1
X-Ks-Request-ID: 12f765fd-b8c6-49ff-977b-50530e38614d
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
x-ks-client-ip: 91.90.42.154
kwaisign: NULL
Accept-Ranges: bytes
ETag: "4d743c853e238ded6fa5005e08cf7145-1"
x-cos-hash-crc64ecma: 5205704680882675223
x-cos-request-id: NjM1MjlhNGRfMzUxNWYyMDlfMmZmNzNfNDZlZGM1YmM=
x-cos-version-id: null
X-Ks-Cache: Hit From OC Disktank3
X-Daa-Tunnel: hop_count=1
X-Cache-Lookup: Hit From Disktank3, Hit From Inner Cluster

hm.baidu.com/hm.js?ec34003f0783a55d9a9d1e86ec2f40ad

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?ec34003f0783a55d9a9d1e86ec2f40ad
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (624)
Size
11 kB (11337 bytes)
Hash
2b44e04253e1a78434e42bf829f9c52e
3ad890af8ad0afd450ea7255a5cab4af6fbea131
1f6d678c42beb80edf20ac4bd7cccbfc20c71f03e6c2f42de72afe9aa3b7ced2

HTTP Headers

GET /hm.js?ec34003f0783a55d9a9d1e86ec2f40ad HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11337
Content-Type: application/javascript
Date: Sat, 22 Oct 2022 07:16:34 GMT
Etag: 06895712a123b5d2520ab4c6664c3e0f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=73D69E04C2674E90; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

n5893.com/981b6d2df5004bc6952b671e2ad9f049.gif

103.170.15.106

200 OK

753 kB

URL HTTP/1.1
n5893.com/981b6d2df5004bc6952b671e2ad9f049.gif
IP
103.170.15.106:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 80\012- data
Size
753 kB (752604 bytes)
Hash
db5b6724719b57c439f7397360e57dea
a70b0c77543ffc4de61513868289f08d8edc1401
b3efb8b8e50d19161e2af969e2771978cdbda7853cb03442977930d076942e75

HTTP Headers

GET /981b6d2df5004bc6952b671e2ad9f049.gif HTTP/1.1
Host: n5893.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63528515-b7bdc"
Date: Fri, 21 Oct 2022 11:41:22 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 21 Oct 2022 11:40:05 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-36
Content-Length: 752604

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
9f5f18c780788a1da4e64af5bd3f220d
29f5f1982cdeb65fde01e4985bf9add5d622661f
43a9f210a6255e2840c928b894957dbb98872a058436109b2ed7ec7e962e8185

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 16:07:44 GMT
Expires: Fri, 28 Oct 2022 16:07:43 GMT
Etag: "29f5f1982cdeb65fde01e4985bf9add5d622661f"
Cache-Control: max-age=549667,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072c9eef30b49-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
297f50e18653c68ba2005b34dd4cd494
5b27b86e4035e42edfb552d772008dc51e94f8ad
4ba2bfaf4fef4421a6e0e908cbf9b8a807c16e6b1e937b828321557ae8494015

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 07:40:53 GMT
Expires: Thu, 27 Oct 2022 07:40:52 GMT
Etag: "5b27b86e4035e42edfb552d772008dc51e94f8ad"
Cache-Control: max-age=432856,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072c9ce7c0b65-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
297f50e18653c68ba2005b34dd4cd494
5b27b86e4035e42edfb552d772008dc51e94f8ad
4ba2bfaf4fef4421a6e0e908cbf9b8a807c16e6b1e937b828321557ae8494015

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 07:40:53 GMT
Expires: Thu, 27 Oct 2022 07:40:52 GMT
Etag: "5b27b86e4035e42edfb552d772008dc51e94f8ad"
Cache-Control: max-age=432856,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072c9fe990b65-OSL

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2111413162&si=ec34003f0783a55d9a9d1e86ec2f40ad&su=http%3A%2F%2Fwww.csmhgs.com%2F&v=1.2.97&lv=1&sn=64564&r=0&ww=1268&ct=!!&u=https%3A%2F%2Favoumei.com%2F&tt=%E7%BC%A9%E9%98%B4%E5%8A%9F%E7%9F%AD%E8%A7%86%E9%A2%91%2C%E7%BC%A9%E9%98%B4%E5%8A%9F%E8%A7%86%E9%A2%91%E5%88%86%E4%BA%AB%2C%E7%BC%A9%E9%98%B4%E5%8A%9F%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2111413162&si=ec34003f0783a55d9a9d1e86ec2f40ad&su=http%3A%2F%2Fwww.csmhgs.com%2F&v=1.2.97&lv=1&sn=64564&r=0&ww=1268&ct=!!&u=https%3A%2F%2Favoumei.com%2F&tt=%E7%BC%A9%E9%98%B4%E5%8A%9F%E7%9F%AD%E8%A7%86%E9%A2%91%2C%E7%BC%A9%E9%98%B4%E5%8A%9F%E8%A7%86%E9%A2%91%E5%88%86%E4%BA%AB%2C%E7%BC%A9%E9%98%B4%E5%8A%9F%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2111413162&si=ec34003f0783a55d9a9d1e86ec2f40ad&su=http%3A%2F%2Fwww.csmhgs.com%2F&v=1.2.97&lv=1&sn=64564&r=0&ww=1268&ct=!!&u=https%3A%2F%2Favoumei.com%2F&tt=%E7%BC%A9%E9%98%B4%E5%8A%9F%E7%9F%AD%E8%A7%86%E9%A2%91%2C%E7%BC%A9%E9%98%B4%E5%8A%9F%E8%A7%86%E9%A2%91%E5%88%86%E4%BA%AB%2C%E7%BC%A9%E9%98%B4%E5%8A%9F%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 22 Oct 2022 07:16:35 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=8AF31F839CA19E31; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
0b2d0e884ab0fc43017b255643a5357e
4c67049782b96fb58359e27a3a1092e4e996e99f
1cd23b5c328f2439a1ec6286d675e71e705fc4353cc78ae62fa13588294dd8d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 21:54:47 GMT
Expires: Thu, 27 Oct 2022 21:54:46 GMT
Etag: "4c67049782b96fb58359e27a3a1092e4e996e99f"
Cache-Control: max-age=484089,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072cd89cc0b65-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
0b2d0e884ab0fc43017b255643a5357e
4c67049782b96fb58359e27a3a1092e4e996e99f
1cd23b5c328f2439a1ec6286d675e71e705fc4353cc78ae62fa13588294dd8d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 21:54:47 GMT
Expires: Thu, 27 Oct 2022 21:54:46 GMT
Etag: "4c67049782b96fb58359e27a3a1092e4e996e99f"
Cache-Control: max-age=484089,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072cd8d31b4f7-OSL

gnrty.kmjkwe.xyz/kmnbhevhfjrtetd/a.gif

23.224.92.243

200 OK

74 kB

URL HTTP/1.1
gnrty.kmjkwe.xyz/kmnbhevhfjrtetd/a.gif
IP
23.224.92.243:0
ASN
#40065 CNSERVERS

File type
GIF image data, version 89a, 600 x 200\012- data
Size
74 kB (73821 bytes)
Hash
a26c729e9e6de0a56723a3f2274b9568
f216ff16f6ffc84ed9bd2a7c21d76c5f78fa50e2
1ccb894f25adb615d76e26f2e9d3e546a36dfa1b455220293c5429914893bcca

HTTP Headers

GET /kmnbhevhfjrtetd/a.gif HTTP/1.1
Host: gnrty.kmjkwe.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 22 Oct 2022 07:16:35 GMT
Content-Type: image/gif
Content-Length: 73821
Last-Modified: Thu, 20 Oct 2022 08:39:57 GMT
Connection: keep-alive
ETag: "6351095d-1205d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

kmr.mjnbrt.xyz/mnrt/kmrr.png

23.224.92.244

200 OK

85 kB

URL HTTP/1.1
kmr.mjnbrt.xyz/mnrt/kmrr.png
IP
23.224.92.244:0
ASN
#40065 CNSERVERS

File type
PNG image data, 2084 x 2084, 8-bit/color RGBA, non-interlaced\012- data
Size
85 kB (84560 bytes)
Hash
3c80359bedd35432aea1539a1edcd122
62b0eb9a7eef9b048ab55e3e8d8486a43d5ef8db
74df8ccb6d42d5ee40aaffccd0246978eca881c260c8505afb9f71f85fe17ee2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /mnrt/kmrr.png HTTP/1.1
Host: kmr.mjnbrt.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 22 Oct 2022 07:16:35 GMT
Content-Type: image/png
Content-Length: 84560
Last-Modified: Thu, 20 Oct 2022 08:39:59 GMT
Connection: keep-alive
ETag: "6351095f-14a50"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

gnrty.kmjkwe.xyz/kmnbhevhfjrtetd/c.gif

23.224.92.243

200 OK

84 kB

URL HTTP/1.1
gnrty.kmjkwe.xyz/kmnbhevhfjrtetd/c.gif
IP
23.224.92.243:0
ASN
#40065 CNSERVERS

File type
GIF image data, version 89a, 600 x 200\012- data
Size
84 kB (84426 bytes)
Hash
9921b46e46364692e3907209e1ac751d
f471461e26bf90297b4fb9c15a44b33becf7a5b7
d626c8cb11a97739ab83d2cb8d27332f3d3d3294d3a48f5036614646a59adddf

HTTP Headers

GET /kmnbhevhfjrtetd/c.gif HTTP/1.1
Host: gnrty.kmjkwe.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 22 Oct 2022 07:16:35 GMT
Content-Type: image/gif
Content-Length: 84426
Last-Modified: Thu, 20 Oct 2022 08:39:59 GMT
Connection: keep-alive
ETag: "6351095f-149ca"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
0b2d0e884ab0fc43017b255643a5357e
4c67049782b96fb58359e27a3a1092e4e996e99f
1cd23b5c328f2439a1ec6286d675e71e705fc4353cc78ae62fa13588294dd8d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 21:54:47 GMT
Expires: Thu, 27 Oct 2022 21:54:46 GMT
Etag: "4c67049782b96fb58359e27a3a1092e4e996e99f"
Cache-Control: max-age=484089,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072cd79bf0b65-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
4d4f4c4949f70ff944430155cdc87972
5ecbf416e27c95a4f401324f32d34be864fa10c0
49620d89e04480853d7168a593342fc0d58d2d716acf648a1b3c1ecf02f4017e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 14:37:16 GMT
Expires: Thu, 27 Oct 2022 14:37:15 GMT
Etag: "5ecbf416e27c95a4f401324f32d34be864fa10c0"
Cache-Control: max-age=457838,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072cd698d0b49-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
6e8f94358cf75380001af1182e395a24
93229d45f227cfb03180c21a2e255774ff55954e
1e963b0ccaec79bbb605f4e28cbe4cb6534014faac23388aa7badc9459d76218

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 19:45:28 GMT
Expires: Thu, 27 Oct 2022 19:45:27 GMT
Etag: "93229d45f227cfb03180c21a2e255774ff55954e"
Cache-Control: max-age=476330,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072cdbb9c0b02-OSL

pdl.ixelrsd.cn/effect.php?type=ecv&planid=30257&adsid=5964298&zoneid=157829&uid=12353&adtplid=19&plantype=cpv

203.107.60.95

200 OK

20 B

URL HTTP/1.1
pdl.ixelrsd.cn/effect.php?type=ecv&planid=30257&adsid=5964298&zoneid=157829&uid=12353&adtplid=19&plantype=cpv
IP
203.107.60.95:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

GET /effect.php?type=ecv&planid=30257&adsid=5964298&zoneid=157829&uid=12353&adtplid=19&plantype=cpv HTTP/1.1
Host: pdl.ixelrsd.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: aliyungf_tc=234cbd989e858c471acf5716fc18280aafeda2423a46a92d0d210f2721a4c053; Path=/; HttpOnly
Server: nginx
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

ome.wdgixex.cn/c.php?s=JnpvbmVpZD0xNTc4MzAmc2l0ZWlkPSZ1aWQ9MTIzNTMmYWRzaWQ9NTk2NjExMyZwbGFuaWQ9MzA0MzgmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRmhodTEyMi5jb20lMkYxLmh0bWwlM0ZjaGFubmVsQ29kZSUzRGZrMjkmdnRpbWU9MjAyMi0xMC0yMiAxNToxNjozNCZpcD05MS45MC40Mi4xNTQ=;3c3c3e2d32734cbd6f7a965fefb4ac1d;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj1odHRwJTNBJTJGJTJGd3d3LmNzbWhncy5jb20lMkYmeD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwcyUzQSUyRiUyRmF2b3VtZWkuY29tJTJGJmo9MCZwPTAmbT0wJnJlcz0xMjgweDEwMjQmdD0lRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTclOUYlQUQlRTglQTclODYlRTklQTIlOTElMkMlRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTglQTclODYlRTklQTIlOTElRTUlODglODYlRTQlQkElQUIlMkMlRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTUlODUlOEQlRTglQjQlQjklRTglQTclODYlRTklQTIlOTEmbD1lbi1VUyZjPTAmaD05Mjc=

203.107.60.95

200 OK

20 B

URL HTTP/1.1
ome.wdgixex.cn/c.php?s=JnpvbmVpZD0xNTc4MzAmc2l0ZWlkPSZ1aWQ9MTIzNTMmYWRzaWQ9NTk2NjExMyZwbGFuaWQ9MzA0MzgmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRmhodTEyMi5jb20lMkYxLmh0bWwlM0ZjaGFubmVsQ29kZSUzRGZrMjkmdnRpbWU9MjAyMi0xMC0yMiAxNToxNjozNCZpcD05MS45MC40Mi4xNTQ=;3c3c3e2d32734cbd6f7a965fefb4ac1d;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj1odHRwJTNBJTJGJTJGd3d3LmNzbWhncy5jb20lMkYmeD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwcyUzQSUyRiUyRmF2b3VtZWkuY29tJTJGJmo9MCZwPTAmbT0wJnJlcz0xMjgweDEwMjQmdD0lRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTclOUYlQUQlRTglQTclODYlRTklQTIlOTElMkMlRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTglQTclODYlRTklQTIlOTElRTUlODglODYlRTQlQkElQUIlMkMlRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTUlODUlOEQlRTglQjQlQjklRTglQTclODYlRTklQTIlOTEmbD1lbi1VUyZjPTAmaD05Mjc=
IP
203.107.60.95:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

GET /c.php?s=JnpvbmVpZD0xNTc4MzAmc2l0ZWlkPSZ1aWQ9MTIzNTMmYWRzaWQ9NTk2NjExMyZwbGFuaWQ9MzA0MzgmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRmhodTEyMi5jb20lMkYxLmh0bWwlM0ZjaGFubmVsQ29kZSUzRGZrMjkmdnRpbWU9MjAyMi0xMC0yMiAxNToxNjozNCZpcD05MS45MC40Mi4xNTQ=;3c3c3e2d32734cbd6f7a965fefb4ac1d;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj1odHRwJTNBJTJGJTJGd3d3LmNzbWhncy5jb20lMkYmeD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwcyUzQSUyRiUyRmF2b3VtZWkuY29tJTJGJmo9MCZwPTAmbT0wJnJlcz0xMjgweDEwMjQmdD0lRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTclOUYlQUQlRTglQTclODYlRTklQTIlOTElMkMlRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTglQTclODYlRTklQTIlOTElRTUlODglODYlRTQlQkElQUIlMkMlRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTUlODUlOEQlRTglQjQlQjklRTglQTclODYlRTklQTIlOTEmbD1lbi1VUyZjPTAmaD05Mjc= HTTP/1.1
Host: ome.wdgixex.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS
Set-Cookie: aliyungf_tc=63a5dfe388bfde3dc3edf5fe3ccc05ddc063349cb68c6c408f673baec67da75f; Path=/; HttpOnly
region=%E6%8C%AA%E5%A8%81%2F%2F%E5%85%B6%E5%AE%83; expires=Thu, 20-Apr-2023 07:16:36 GMT; Max-Age=15552000; path=/
visitnum=1; expires=Sat, 29-Oct-2022 07:16:36 GMT; Max-Age=604800; path=/
12353_30438=re; expires=Sat, 22-Oct-2022 12:16:36 GMT; Max-Age=18000; path=/
do2click_30438=5966113%7C30438%7C12353%7C157830%7C; expires=Sat, 22-Oct-2022 10:16:36 GMT; Max-Age=10800; path=/
doEffect_30438=5966113%7C30438%7C12353%7C157830%7C; expires=Sat, 29-Oct-2022 07:16:36 GMT; Max-Age=604800; path=/
P3P: CP="Powered by Www.Zyiis.Com 2005-2016"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

pdl.ixelrsd.cn/c.php?s=JnpvbmVpZD0xNTc4Mjkmc2l0ZWlkPSZ1aWQ9MTIzNTMmYWRzaWQ9NTk2NDI5OCZwbGFuaWQ9MzAyNTcmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRnJyZjI2Ni5jb20lMkYxLmh0bWwlM0ZjaGFubmVsQ29kZSUzRHJ0MzUmdnRpbWU9MjAyMi0xMC0yMiAxNToxNjozNCZpcD05MS45MC40Mi4xNTQ=;71e6554120aa94b2f279332b2b672ac5;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj1odHRwJTNBJTJGJTJGd3d3LmNzbWhncy5jb20lMkYmeD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwcyUzQSUyRiUyRmF2b3VtZWkuY29tJTJGJmo9MCZwPTAmbT0wJnJlcz0xMjgweDEwMjQmdD0lRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTclOUYlQUQlRTglQTclODYlRTklQTIlOTElMkMlRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTglQTclODYlRTklQTIlOTElRTUlODglODYlRTQlQkElQUIlMkMlRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTUlODUlOEQlRTglQjQlQjklRTglQTclODYlRTklQTIlOTEmbD1lbi1VUyZjPTAmaD05Mjc=

203.107.60.95

200 OK

20 B

URL HTTP/1.1
pdl.ixelrsd.cn/c.php?s=JnpvbmVpZD0xNTc4Mjkmc2l0ZWlkPSZ1aWQ9MTIzNTMmYWRzaWQ9NTk2NDI5OCZwbGFuaWQ9MzAyNTcmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRnJyZjI2Ni5jb20lMkYxLmh0bWwlM0ZjaGFubmVsQ29kZSUzRHJ0MzUmdnRpbWU9MjAyMi0xMC0yMiAxNToxNjozNCZpcD05MS45MC40Mi4xNTQ=;71e6554120aa94b2f279332b2b672ac5;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj1odHRwJTNBJTJGJTJGd3d3LmNzbWhncy5jb20lMkYmeD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwcyUzQSUyRiUyRmF2b3VtZWkuY29tJTJGJmo9MCZwPTAmbT0wJnJlcz0xMjgweDEwMjQmdD0lRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTclOUYlQUQlRTglQTclODYlRTklQTIlOTElMkMlRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTglQTclODYlRTklQTIlOTElRTUlODglODYlRTQlQkElQUIlMkMlRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTUlODUlOEQlRTglQjQlQjklRTglQTclODYlRTklQTIlOTEmbD1lbi1VUyZjPTAmaD05Mjc=
IP
203.107.60.95:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

GET /c.php?s=JnpvbmVpZD0xNTc4Mjkmc2l0ZWlkPSZ1aWQ9MTIzNTMmYWRzaWQ9NTk2NDI5OCZwbGFuaWQ9MzAyNTcmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRnJyZjI2Ni5jb20lMkYxLmh0bWwlM0ZjaGFubmVsQ29kZSUzRHJ0MzUmdnRpbWU9MjAyMi0xMC0yMiAxNToxNjozNCZpcD05MS45MC40Mi4xNTQ=;71e6554120aa94b2f279332b2b672ac5;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj1odHRwJTNBJTJGJTJGd3d3LmNzbWhncy5jb20lMkYmeD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwcyUzQSUyRiUyRmF2b3VtZWkuY29tJTJGJmo9MCZwPTAmbT0wJnJlcz0xMjgweDEwMjQmdD0lRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTclOUYlQUQlRTglQTclODYlRTklQTIlOTElMkMlRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTglQTclODYlRTklQTIlOTElRTUlODglODYlRTQlQkElQUIlMkMlRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTUlODUlOEQlRTglQjQlQjklRTglQTclODYlRTklQTIlOTEmbD1lbi1VUyZjPTAmaD05Mjc= HTTP/1.1
Host: pdl.ixelrsd.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS
Set-Cookie: aliyungf_tc=ef61b9a2491342dc8d80ff91a25565dd434c2a6369cb10e41b2d96082437da6f; Path=/; HttpOnly
region=%E6%8C%AA%E5%A8%81%2F%2F%E5%85%B6%E5%AE%83; expires=Thu, 20-Apr-2023 07:16:36 GMT; Max-Age=15552000; path=/
visitnum=1; expires=Sat, 29-Oct-2022 07:16:36 GMT; Max-Age=604800; path=/
12353_30257=re; expires=Sat, 22-Oct-2022 12:16:36 GMT; Max-Age=18000; path=/
do2click_30257=5964298%7C30257%7C12353%7C157829%7C; expires=Sat, 22-Oct-2022 10:16:36 GMT; Max-Age=10800; path=/
doEffect_30257=5964298%7C30257%7C12353%7C157829%7C; expires=Sat, 29-Oct-2022 07:16:36 GMT; Max-Age=604800; path=/
P3P: CP="Powered by Www.Zyiis.Com 2005-2016"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

pdl.ixelrsd.cn/effect.php?type=ecv&planid=30438&adsid=5966113&zoneid=157830&uid=12353&adtplid=1001&plantype=cpv

203.107.60.95

200 OK

20 B

URL HTTP/1.1
pdl.ixelrsd.cn/effect.php?type=ecv&planid=30438&adsid=5966113&zoneid=157830&uid=12353&adtplid=1001&plantype=cpv
IP
203.107.60.95:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

GET /effect.php?type=ecv&planid=30438&adsid=5966113&zoneid=157830&uid=12353&adtplid=1001&plantype=cpv HTTP/1.1
Host: pdl.ixelrsd.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: aliyungf_tc=87263acf5c745dfc810fb7a7bf954ffc918b29f1f25da3f6e505795ff783d612; Path=/; HttpOnly
Server: nginx
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

img.x978.xyz/images/63144c2882e0a0993f11d1ff.gif

23.225.228.34

302 Found

727 B

URL HTTP/2
img.x978.xyz/images/63144c2882e0a0993f11d1ff.gif
IP
23.225.228.34:0
ASN
#40065 CNSERVERS

File type
gzip compressed data, from Unix\012- data
Size
727 B (727 bytes)
Hash
783cc119a0f7a9011e903e7fe6832f22
2d7ec6bd4a5d9dc19a935048a5624a6357df5842
39ff2d9297f05eb036275ee306204390da33c110e973e39da10cdc588f49d505

HTTP Headers

GET /images/63144c2882e0a0993f11d1ff.gif HTTP/1.1
Host: img.x978.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
location: https://tx2.a.yximgs.com/udata/music/music_c1ed0dc891c34707b60dcc1387217dbb0.jpg
cache-control: max-age=3600
X-Firefox-Spdy: h2

kmr.wdjptto.cn/tj.html?type=cnzz&id=1279999172

203.107.60.95

200 OK

727 B

URL HTTP/1.1
kmr.wdjptto.cn/tj.html?type=cnzz&id=1279999172
IP
203.107.60.95:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
727 B (727 bytes)
Hash
783cc119a0f7a9011e903e7fe6832f22
2d7ec6bd4a5d9dc19a935048a5624a6357df5842
39ff2d9297f05eb036275ee306204390da33c110e973e39da10cdc588f49d505

HTTP Headers

GET /tj.html?type=cnzz&id=1279999172 HTTP/1.1
Host: kmr.wdjptto.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: aliyungf_tc=c266b8b043be303ff486312ecc3f693275d3f86f86ad6222142ffd2203d2d2a2; Path=/; HttpOnly
Last-Modified: Wed, 25 Nov 2020 10:32:42 GMT
Vary: Accept-Encoding
ETag: W/"5fbe32ca-694"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Encoding: gzip

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
6ae486328476c6134eaaaef709a7e1c4
bf5820fb2300a9eccbcabb45419e38aa3778dbb0
60f582d955abc16956f9f37498158c1aafa8bf74b55886f934a3052f4780a5fd

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 26 Oct 2022 05:00:31 GMT
ETag: "bf5820fb2300a9eccbcabb45419e38aa3778dbb0"
Last-Modified: Sat, 22 Oct 2022 05:00:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2371
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75e072d9bcc91c0e-OSL

34.120.237.76

200 OK

3.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bdb3f97-ec76-487e-aaa0-904a4218b167.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.3 kB (3337 bytes)
Hash
baacb85509de0c5f8c3d8354f02232a7
f9190f9b694f92d385686984a8c2c7880ac4c22f
0dba837f537fc8701c1b28ca4ed0977716462f0f669b09c05084a0ca2731b32c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bdb3f97-ec76-487e-aaa0-904a4218b167.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 3337
x-amzn-requestid: 8b40aab0-2ced-4e28-85af-a3d1f1347382
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aPYqSE6eoAMFsmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634fa174-5618d2d53211d0733d8f4765;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 07:04:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: mIrGRyvn0AYi3JGLBe_Xx_p-_M5xS_3J6KAqYsATUQhPvlfEVNkG9g==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 08:25:09 GMT
age: 82289
etag: "f9190f9b694f92d385686984a8c2c7880ac4c22f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

img.x957.xyz/images/631b1e4db62b4063cbda4912.gif

23.225.228.34

302 Found

0 B

URL HTTP/2
img.x957.xyz/images/631b1e4db62b4063cbda4912.gif
IP
23.225.228.34:0
ASN
#40065 CNSERVERS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/631b1e4db62b4063cbda4912.gif HTTP/1.1
Host: img.x957.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
location: https://ali2.a.yximgs.com/udata/music/music_3d532edbfe094f86be065fbf7cf036430.jpg
cache-control: max-age=3600
X-Firefox-Spdy: h2

avoumei.com/template/m1938pc/static/js/jquery.lazyload.min.js

103.193.175.62

200 OK

0 B

URL HTTP/2
avoumei.com/template/m1938pc/static/js/jquery.lazyload.min.js
IP
103.193.175.62:0
ASN
#136933 Gigabitbank Global

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/m1938pc/static/js/jquery.lazyload.min.js HTTP/1.1
Host: avoumei.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 07:16:32 GMT
content-type: application/javascript
last-modified: Sat, 08 Jan 2022 14:08:22 GMT
vary: Accept-Encoding
etag: W/"61d99ad6-d35"
expires: Sat, 22 Oct 2022 19:16:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

img.x969.xyz/images/6319dc94178bb5a0f938807a.gif

23.225.222.2

302 Found

0 B

URL HTTP/2
img.x969.xyz/images/6319dc94178bb5a0f938807a.gif
IP
23.225.222.2:0
ASN
#40065 CNSERVERS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/6319dc94178bb5a0f938807a.gif HTTP/1.1
Host: img.x969.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
location: https://tx2.a.yximgs.com/udata/music/music_800228047ad643f6ba9c2f513836c6240.jpg
cache-control: max-age=3600
X-Firefox-Spdy: h2

avoumei.com/

103.193.175.62

200 OK

0 B

URL HTTP/2
avoumei.com/
IP
103.193.175.62:0
ASN
#136933 Gigabitbank Global

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: avoumei.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.csmhgs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 07:16:32 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

avoumei.com/template/m1938pc/css/zui.css

103.193.175.62

200 OK

0 B

URL HTTP/2
avoumei.com/template/m1938pc/css/zui.css
IP
103.193.175.62:0
ASN
#136933 Gigabitbank Global

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/m1938pc/css/zui.css HTTP/1.1
Host: avoumei.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 07:16:32 GMT
content-type: text/css
last-modified: Sun, 20 Feb 2022 03:50:12 GMT
vary: Accept-Encoding
etag: W/"6211ba74-16319"
expires: Sat, 22 Oct 2022 19:16:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

avoumei.com/template/m1938pc/css/1.css

103.193.175.62

200 OK

0 B

URL HTTP/2
avoumei.com/template/m1938pc/css/1.css
IP
103.193.175.62:0
ASN
#136933 Gigabitbank Global

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/m1938pc/css/1.css HTTP/1.1
Host: avoumei.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 07:16:32 GMT
content-type: text/css
last-modified: Sun, 20 Feb 2022 14:15:38 GMT
vary: Accept-Encoding
etag: W/"62124d0a-8307"
expires: Sat, 22 Oct 2022 19:16:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations