firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 22 Oct 2022 06:41:45 GMT
Expires: Sat, 22 Oct 2022 07:08:06 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: V4eBw7e2zSQHFAm_waplkd8DyDlJVGqHb-Q24qVMZx8W1_IOOthqrw==
Age: 2084
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c19f4a1def760c07cbc4aec1d0d6c050
6ad911a7c02f5e5fdd82fa86cae0453528d53a6d
750bba81910a4bbd78ab484ba03781a36459a0aec147d7c47424e9a9bf152b40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "750BBA81910A4BBD78AB484BA03781A36459A0AEC147D7C47424E9A9BF152B40"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9575
Expires: Sat, 22 Oct 2022 09:56:04 GMT
Date: Sat, 22 Oct 2022 07:16:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9dc4f23f82148797f6d8041bdda3c7f7
6841ded3e2dd94fd762316d01efd43f7aafb8354
e229db1854a85b320cee574e805210f3adf5797136ea820c0a0ce9abcd63d4dd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E229DB1854A85B320CEE574E805210F3ADF5797136EA820C0A0CE9ABCD63D4DD"
Last-Modified: Thu, 20 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9494
Expires: Sat, 22 Oct 2022 09:54:43 GMT
Date: Sat, 22 Oct 2022 07:16:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: mxQl2ClBJe5h3hAlivpU9CwVjuHHk6Qj+Gw3sM9E2WBEaF2mFhZ3OBoB0uLnueDZX35WsEz/0j8=
x-amz-request-id: HHSHBE5SB3GCZQJC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 22 Oct 2022 07:07:32 GMT
age: 537
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 07:16:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
csmhgs.com/
38.26.223.115301 Moved Permanently 0 B IP 38.26.223.115:0
ASN #398823 PEGTECHINC-AP-02
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: csmhgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 22 Oct 2022 07:16:37 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.csmhgs.com/index.php
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sat, 22 Oct 2022 06:43:40 GMT
Expires: Sat, 22 Oct 2022 07:00:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: j4z6lKZvnX647r3ud-Kl1b6LvLF4WB6gPNNxq-BpR6HpuooyGhpoaQ==
Age: 1969
www.csmhgs.com/index.php
38.26.223.115200 OK 640 B IP 38.26.223.115:0
ASN #398823 PEGTECHINC-AP-02
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (635), with CRLF line terminators
Hash 7825bd36680cfe0e73b1b60497431904
c56d8237f1f72b0a1687c329ed707b33957ee8ad
ef0b650e17a614ad54828c3e32f7639b0985c3bacd38230769e0567bb7a43a55
GET /index.php HTTP/1.1
Host: www.csmhgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 07:16:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f47cc320695635b544a761f72f3afc6f
b7cee764dcb0a625e0f8e0b4a4fce04548a1bf76
78608be3d0d6aaaf0364aed316b8676ab28d23c9b6a8ac6c147cf5d16e5cc283
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3333
Cache-Control: max-age=92750
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 07:16:30 GMT
Etag: "63525317-1d7"
Expires: Sun, 23 Oct 2022 09:02:20 GMT
Last-Modified: Fri, 21 Oct 2022 08:06:47 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
www.csmhgs.com/common.js
38.26.223.115200 OK 2.1 kB IP 38.26.223.115:0
ASN #398823 PEGTECHINC-AP-02
File type HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (443), with CRLF line terminators
Hash adc6787c4a4b1f71cf31bc616ad63961
010b6c5dff242d17677303b38c4e2ba2d8c8b6b4
6a5d86c82827b1cdc9d8b625210b1bae37724f7b20f47cab93374b34df5ae117
GET /common.js HTTP/1.1
Host: www.csmhgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.csmhgs.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 07:16:38 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
54.189.35.180101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.35.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VWgRkJ8ta7LtYakdqS5yww==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6wxhgfpBhhDw3LjlVviKcAFS5Xc=
www.csmhgs.com/tj.js
38.26.223.115200 OK 0 B IP 38.26.223.115:0
ASN #398823 PEGTECHINC-AP-02
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tj.js HTTP/1.1
Host: www.csmhgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.csmhgs.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 07:16:38 GMT
Content-Type: application/x-javascript
Content-Length: 0
Connection: keep-alive
zhongweijy.cn/api.php?val=syiying&t=0.7993143332990279?v=08192371330218893
103.87.243.249200 OK 207 B URL HTTP/1.1 zhongweijy.cn/api.php?val=syiying&t=0.7993143332990279?v=08192371330218893
IP 103.87.243.249:0
ASN #135581 19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong
File type JSON data\012- , ASCII text, with very long lines (443), with CRLF line terminators
Hash 06cbb1037f3391f5e47a9cb614dc9ed7
9d8872e6ae6194c1e1cfbef8e716cd763ffa8b3c
5a5fda3a36cc49802714800bf816770dd0419a8a2d4f8916a54277c87526535e
GET /api.php?val=syiying&t=0.7993143332990279?v=08192371330218893 HTTP/1.1
Host: zhongweijy.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.csmhgs.com
Connection: keep-alive
Referer: http://www.csmhgs.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 07:16:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9707
Expires: Sat, 22 Oct 2022 09:58:18 GMT
Date: Sat, 22 Oct 2022 07:16:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9707
Expires: Sat, 22 Oct 2022 09:58:18 GMT
Date: Sat, 22 Oct 2022 07:16:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9707
Expires: Sat, 22 Oct 2022 09:58:18 GMT
Date: Sat, 22 Oct 2022 07:16:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9707
Expires: Sat, 22 Oct 2022 09:58:18 GMT
Date: Sat, 22 Oct 2022 07:16:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9707
Expires: Sat, 22 Oct 2022 09:58:18 GMT
Date: Sat, 22 Oct 2022 07:16:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63520430-d90d-4f99-ad29-214d03cc1525.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63520430-d90d-4f99-ad29-214d03cc1525.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd562cc3980d93423b625d59deea0f95
5c8646f62e19f78579fca8473edcc4e5de0e161f
b77d018b77f627e99ae6d6d2eac6c56d92499779abdbb85da3045ccb8df5211e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63520430-d90d-4f99-ad29-214d03cc1525.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6801
x-amzn-requestid: 668e33b2-d3e8-46c6-acae-b99777f605d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-M6HOBIAMFyNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b8-2b4e95e24c0dd2f33f8a2dc7;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DrXs0i2RMDtmHX8N4BN6LtiogZr56Da3yPFpye5siVtx0dZfLEXk7g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:02:19 GMT
age: 33252
etag: "5c8646f62e19f78579fca8473edcc4e5de0e161f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63f136cc-8688-48a8-a173-5f57e08e25bb.png
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63f136cc-8688-48a8-a173-5f57e08e25bb.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ef386b42bd6b9efb747cfeb3d64fb7a
db63f62383d513348c1ef231ea4fb58d7e1e044e
988cb73f0fef893d2d65a66fad0b171350102f4496fa5ba22e415d5929373d0f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63f136cc-8688-48a8-a173-5f57e08e25bb.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10684
x-amzn-requestid: 643c8e7b-15e9-4241-8ba1-e3f4a4592373
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-okE7AoAMFjDQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63531169-705159c619bc23880acd4d42;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CWLtJnrAc5b0j1aPGbuOaGuPRYzwNM0xGGP1muEwkPsih8c0iryoGw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:05:57 GMT
age: 33034
etag: "db63f62383d513348c1ef231ea4fb58d7e1e044e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 616e14aee034bbf77c3b74b3ea53961b
ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c
0ae716474e2837c90c658d635fb9db2c8d4cdb7bf025b8e4e9e802e3ff56b0c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7372
x-amzn-requestid: 080f5f7f-51a8-4ef5-9acc-0c7f7f64defb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-ojEg2IAMFjPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63531169-5106c8af6e77450c33a0c899;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:49 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: vP9aRT8xL5F2kf36A-lMaIQ9FSAEUGo8jmx9y63iIBDdyWYujkXXPw==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:05:57 GMT
age: 33034
etag: "ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe483f228-39c4-47f0-a896-a8e068a8e128.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe483f228-39c4-47f0-a896-a8e068a8e128.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0c231ec92860d4904212d6629102eb5
f1a5bdcfc17d101f97bec17d312b60f6a012e833
10a5b0192165bdbcbc52dfa2d3ba928e0f8f8d51cbba037cdf326391d77f973d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe483f228-39c4-47f0-a896-a8e068a8e128.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14641
x-amzn-requestid: 7d857583-c433-4627-80a3-adbd17617218
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-MSHNWoAMFfhg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b4-44c233a100a26cda663cf850;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: F4nD1gpKmgeDR74chfL73p-GozN6nOwgK3TWt14-we44Gi92pM11nQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:16 GMT
age: 33375
etag: "f1a5bdcfc17d101f97bec17d312b60f6a012e833"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd19113d-c1df-4109-b7c9-1d4ed544d9d8.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd19113d-c1df-4109-b7c9-1d4ed544d9d8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 97e9c05ece38dedeaa752c612029c78d
715f72710799f828e2c06932c33919d8f23844f5
29408c0bd34660a836f59a7abb61c7c2b1f864b31194787ddf4d178314184b96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd19113d-c1df-4109-b7c9-1d4ed544d9d8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8639
x-amzn-requestid: e598ff88-e152-4b9e-af16-aa30dcf452a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-m5HlMoAMFvjQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6353115f-7f17a59522afc40e64ac216d;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sGxdiTeIFErXZkMgV8fvRZINC3dtZ1kue349gMCvWptL_ZJvgGRWHA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:27 GMT
age: 33364
etag: "715f72710799f828e2c06932c33919d8f23844f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4fb0f4c9ac5a88678baf456107f5341
f6c54dbdfad7e243fe38c03f004c4c79f96b2892
b2fc6c453d7ed610521fcf34d7736a20191d86b485fd57236d2d2c4849cbb8d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7821
x-amzn-requestid: b3b72561-80fd-4b73-862c-ad070f135634
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-LzEkrIAMFmrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b1-73f427947c17f35667c0b443;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mq7h4TJkHKd-I9c01ao1yJ3izpJLRiMG_Sk3_e2pQDGCyunY2RlI3Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:02:32 GMT
age: 33239
etag: "f6c54dbdfad7e243fe38c03f004c4c79f96b2892"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4d84acaf21a0f6d0e8d8f92580354ffb
e65c0ad64401df82cec5d1d3a0a2d0fb1d6ac050
1f655f570b9f7f9d8add4a2776796f6a171f69ce4d0392c10436655720954667
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F655F570B9F7F9D8ADD4A2776796F6A171F69CE4D0392C10436655720954667"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 22 Oct 2022 13:16:31 GMT
Date: Sat, 22 Oct 2022 07:16:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fe0eb7f843d8f1786dee98b825cafe56
2c82dc3b42821742d2a5032f7ad55fba913d6fb2
fa926a54a75035771b57c08a89b59dea7fabf2d01d1feef6c1371a922cceb29d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FA926A54A75035771B57C08A89B59DEA7FABF2D01D1FEEF6C1371A922CCEB29D"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8605
Expires: Sat, 22 Oct 2022 09:39:57 GMT
Date: Sat, 22 Oct 2022 07:16:32 GMT
Connection: keep-alive
kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /8d62ac139591ff0c5f17d4c5f1ff3cf6.gif HTTP/1.1
Host: kzeii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 22 Oct 2022 07:16:32 GMT
content-type: text/html
content-length: 162
location: https://kvhggg.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b258271fdbe2a4c42c88b21dd6e3ab8
b5d1dfa033d70674d6938c97e0b05765c85322f3
942f1e0e7183d691bd76660e163445dda60efc71c45d086699cc2b87fe9b1dc3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "942F1E0E7183D691BD76660E163445DDA60EFC71C45D086699CC2B87FE9B1DC3"
Last-Modified: Thu, 20 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6691
Expires: Sat, 22 Oct 2022 09:08:03 GMT
Date: Sat, 22 Oct 2022 07:16:32 GMT
Connection: keep-alive
kvhmm.com/c35d0abb31096bf65ba5fd1994da75c9.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhmm.com/c35d0abb31096bf65ba5fd1994da75c9.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /c35d0abb31096bf65ba5fd1994da75c9.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 22 Oct 2022 07:16:33 GMT
content-type: text/html
content-length: 162
location: https://kvtfff.top/c35d0abb31096bf65ba5fd1994da75c9.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2bfb828f0d71b679397f30cf44cb2285
a3f208bff0da30d771b3379f8fb55428ec2db959
0018cd22a426c2c9616f311857307529d3f2263b266e05e86f97a21ab9403d83
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=122531
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 07:16:33 GMT
Etag: "6352d474-117"
Expires: Sun, 23 Oct 2022 17:18:44 GMT
Last-Modified: Fri, 21 Oct 2022 17:18:44 GMT
Server: nginx
Content-Length: 279
avoumei.com/template/guanggao/shang.js
103.193.175.62200 OK 0 B URL HTTP/2 avoumei.com/template/guanggao/shang.js
IP 103.193.175.62:0
ASN #136933 Gigabitbank Global
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /template/guanggao/shang.js HTTP/1.1
Host: avoumei.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 07:16:32 GMT
content-type: application/javascript
content-length: 0
last-modified: Tue, 29 Mar 2022 09:27:30 GMT
etag: "6242d102-0"
expires: Sat, 22 Oct 2022 19:16:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
avoumei.com/template/m1938pc/images/loading.svg
103.193.175.62200 OK 506 B URL HTTP/2 avoumei.com/template/m1938pc/images/loading.svg
IP 103.193.175.62:0
ASN #136933 Gigabitbank Global
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash bb36cf278bc5f407c3a64054c13dbbdf
ecd02eea9d41f6282fcaaffc84dbefc1fedb58a2
fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff
GET /template/m1938pc/images/loading.svg HTTP/1.1
Host: avoumei.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 07:16:32 GMT
content-type: image/svg+xml
content-length: 506
last-modified: Sun, 09 Jan 2022 08:39:25 GMT
etag: "61da9f3d-1fa"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
avoumei.com/template/guanggao/xia.js
103.193.175.62200 OK 475 B URL HTTP/2 avoumei.com/template/guanggao/xia.js
IP 103.193.175.62:0
ASN #136933 Gigabitbank Global
File type HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f6b241773868537596c98c84d9eb610a
b49ffc13456d5a713195c86a74260f9d7f3ba5f2
a13fb8f1f88de0262548fdf4d0c92d9241de276c994a98d6c73b3e022c49f5b9
GET /template/guanggao/xia.js HTTP/1.1
Host: avoumei.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 07:16:32 GMT
content-type: application/javascript
content-length: 475
last-modified: Mon, 16 May 2022 06:30:32 GMT
etag: "6281ef88-1db"
expires: Sat, 22 Oct 2022 19:16:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
avoumei.com/template/m1938pc/css/ate.css
103.193.175.62200 OK 6.3 kB URL HTTP/2 avoumei.com/template/m1938pc/css/ate.css
IP 103.193.175.62:0
ASN #136933 Gigabitbank Global
Hash 471def6a3470057cd1486c3e4f7455fa
f2d2e5fc971a535d976e4172fe3890d4507e0b9a
f9a9eb12fb6aae09bb3e43bab0d822a2107ad7666ad9399e0e3992b769ef26e5
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: avoumei.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 07:16:32 GMT
content-type: text/css
last-modified: Tue, 04 Jan 2022 15:13:25 GMT
vary: Accept-Encoding
etag: W/"61d46415-126e4"
expires: Sat, 22 Oct 2022 19:16:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0394n12000a0asaa74C95.gif
104.110.17.24200 OK 1.5 MB URL HTTP/2 dimg04.c-ctrip.com/images/0394n12000a0asaa74C95.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.5 MB (1495356 bytes)
Hash af737e86fc083a958d9f25203333f0be
cb0ee5d9a71efdf61b622bd4175998bdeecca900
e1cf6ef72cde6e3f9bffa69e86e769e09e82d18f781a235fc977a5644e141a9a
GET /images/0394n12000a0asaa74C95.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 1495356
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=13395076
expires: Sun, 26 Mar 2023 08:07:49 GMT
date: Sat, 22 Oct 2022 07:16:33 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f64beefa38f32ae46f45c238bf4c8c3d
c3907eb06e47f660870a74b712bfae49b1a46376
a881c0c7dc88a56fdd3fb9440dc31e06f8466f15b0c3700a9b2ad2ebc673bef3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A881C0C7DC88A56FDD3FB9440DC31E06F8466F15B0C3700A9B2AD2EBC673BEF3"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 22 Oct 2022 13:16:33 GMT
Date: Sat, 22 Oct 2022 07:16:33 GMT
Connection: keep-alive
kvhggg.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
104.21.234.141200 OK 566 kB URL HTTP/2 kvhggg.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
IP 104.21.234.141:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 566 kB (565615 bytes)
Hash 6a2c609ad0c46bb1b8d9cd39eacde625
45de0f50f86b45dd6fd4a1c764d47e2640126bf3
8eb8f61188f2555f5f7f0a934ebbae9e9ab703a3dc0b23191bdc7c147eb12140
GET /8d62ac139591ff0c5f17d4c5f1ff3cf6.gif HTTP/1.1
Host: kvhggg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://avoumei.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 07:16:33 GMT
content-type: image/gif
content-length: 565615
last-modified: Mon, 10 Oct 2022 13:11:33 GMT
etag: "63441a05-8a16f"
expires: Sat, 19 Nov 2022 20:09:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 126439
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2B1lp8GtsuCU4m2mGqb%2FYKSHfWGIjWXk3GKzPSoZ5PvBcTIJ4WAkrLnIdRDU3L%2F5Z%2BHeaGqUBiSuolYMpDh%2F9qj%2BGDnpgN76omp%2BgGKNRhjNAu4DTLi5atvQ6GmX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e072bb2ec276cb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d82069685860958f0288a28e477b2015
ff7ad44a2d495cb573c02fe28322f8a11fc5778c
1f71f0987117e1b9c0bf199f4fbddf42c632d575b76f3cd0767946ce05ad4ada
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "1F71F0987117E1B9C0BF199F4FBDDF42C632D575B76F3CD0767946CE05AD4ADA"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1262
Expires: Sat, 22 Oct 2022 07:37:35 GMT
Date: Sat, 22 Oct 2022 07:16:33 GMT
Connection: keep-alive
avoumei.com/template/m1938pc/images/video-mask.png
103.193.175.62200 OK 107 B URL HTTP/2 avoumei.com/template/m1938pc/images/video-mask.png
IP 103.193.175.62:0
ASN #136933 Gigabitbank Global
File type PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Hash 6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
GET /template/m1938pc/images/video-mask.png HTTP/1.1
Host: avoumei.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 07:16:33 GMT
content-type: image/png
content-length: 107
last-modified: Tue, 04 Jan 2022 15:14:22 GMT
etag: "61d4644e-6b"
expires: Mon, 21 Nov 2022 07:16:33 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
avoumei.com/template/m1938pc/images/video-play.png
103.193.175.62200 OK 1.6 kB URL HTTP/2 avoumei.com/template/m1938pc/images/video-play.png
IP 103.193.175.62:0
ASN #136933 Gigabitbank Global
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: avoumei.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 07:16:33 GMT
content-type: image/png
content-length: 1567
last-modified: Tue, 04 Jan 2022 15:14:21 GMT
etag: "61d4644d-61f"
expires: Mon, 21 Nov 2022 07:16:33 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d82069685860958f0288a28e477b2015
ff7ad44a2d495cb573c02fe28322f8a11fc5778c
1f71f0987117e1b9c0bf199f4fbddf42c632d575b76f3cd0767946ce05ad4ada
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "1F71F0987117E1B9C0BF199F4FBDDF42C632D575B76F3CD0767946CE05AD4ADA"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1262
Expires: Sat, 22 Oct 2022 07:37:35 GMT
Date: Sat, 22 Oct 2022 07:16:33 GMT
Connection: keep-alive
kveff.com/3a42b77b06a321ae0a42e47f62868fd8.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kveff.com/3a42b77b06a321ae0a42e47f62868fd8.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3a42b77b06a321ae0a42e47f62868fd8.gif HTTP/1.1
Host: kveff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 22 Oct 2022 07:16:33 GMT
content-type: text/html
content-length: 162
location: https://kvtnnn.top/3a42b77b06a321ae0a42e47f62868fd8.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvtfff.top/c35d0abb31096bf65ba5fd1994da75c9.gif
104.21.233.216200 OK 845 kB URL HTTP/2 kvtfff.top/c35d0abb31096bf65ba5fd1994da75c9.gif
IP 104.21.233.216:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 845 kB (845033 bytes)
Hash 2610cb45d999b3398ba37c9a7c931cb4
2008710884b54d3576c6b9ce9797e7fdbb369b91
4374aa373836f416d560872bbe89fcf6bedcf0c9a1a2d8c256a055b85967025b
GET /c35d0abb31096bf65ba5fd1994da75c9.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://avoumei.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 07:16:33 GMT
content-type: image/gif
content-length: 845033
last-modified: Mon, 19 Sep 2022 14:57:07 GMT
etag: "63288343-ce4e9"
expires: Fri, 18 Nov 2022 09:24:22 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 251531
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QAHA%2FEeXVEhHH%2Fly36AtL1xef9XFN6DZUN%2Fs4aXwBlcLDUNDHRcZgm1REfOHTTPG9%2BUKENXiJCXQMJPeTjiGJWIxuIbqC4rfHSrRdlYQ5WT0WZliLyX9W2Vz%2BwIG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e072bcbc8171bd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
p0.meituan.net/dpplatform/f5490f49be2f90a336dd13da63c9cc9a621536.gif
101.33.29.225404 Not Found 0 B URL HTTP/2 p0.meituan.net/dpplatform/f5490f49be2f90a336dd13da63c9cc9a621536.gif
IP 101.33.29.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dpplatform/f5490f49be2f90a336dd13da63c9cc9a621536.gif HTTP/1.1
Host: p0.meituan.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: openresty
date: Sat, 22 Oct 2022 07:16:33 GMT
m-traceid: zj5iah5thj4fpmiracii
age: 0
x-cache-lookup: Cache Miss, Cache Miss, Cache Miss
content-length: 0
x-nws-log-uuid: 11164453862360497483
access-control-allow-origin: *
access-control-allow-methods: GET,POST
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9c9e6489a6688ce53d74b149d756d297
dc1948a3292163cea32cbe11962a8970db02a41c
9a67116b47678e66c7198cc7f98e949c75c203c7cc32ecaf60c79196e2d649a8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "9A67116B47678E66C7198CC7F98E949C75C203C7CC32ECAF60C79196E2D649A8"
Last-Modified: Fri, 21 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1219
Expires: Sat, 22 Oct 2022 07:36:52 GMT
Date: Sat, 22 Oct 2022 07:16:33 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9c9e6489a6688ce53d74b149d756d297
dc1948a3292163cea32cbe11962a8970db02a41c
9a67116b47678e66c7198cc7f98e949c75c203c7cc32ecaf60c79196e2d649a8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "9A67116B47678E66C7198CC7F98E949C75C203C7CC32ECAF60C79196E2D649A8"
Last-Modified: Fri, 21 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1219
Expires: Sat, 22 Oct 2022 07:36:52 GMT
Date: Sat, 22 Oct 2022 07:16:33 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 24d3a3c95f44883b633e701149aab79a
bb23eda75f650330dfff1671a296876bfcc7d63e
72d607e95192172d5a67ca63dc5ffb6545eaa1fb21b78c45a36c210482a6440a
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 26 Oct 2022 03:40:14 GMT
ETag: "bb23eda75f650330dfff1671a296876bfcc7d63e"
Last-Modified: Sat, 22 Oct 2022 03:40:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3570
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75e072bfe90c0afa-OSL
kvtnnn.top/3a42b77b06a321ae0a42e47f62868fd8.gif
104.21.234.86200 OK 476 kB URL HTTP/2 kvtnnn.top/3a42b77b06a321ae0a42e47f62868fd8.gif
IP 104.21.234.86:0
File type GIF image data, version 89a, 1000 x 80\012- data
Size 476 kB (476331 bytes)
Hash 3bb0a63f311f773d037332df59db4adf
084055c87bfae01407820232bc8069750f5da023
4cae409bb456a7e01557fb38a9e2490535d48158d0f6a5daf24fa2dd3de13646
GET /3a42b77b06a321ae0a42e47f62868fd8.gif HTTP/1.1
Host: kvtnnn.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://avoumei.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 07:16:33 GMT
content-type: image/gif
content-length: 476331
last-modified: Fri, 19 Aug 2022 17:02:35 GMT
etag: "62ffc22b-744ab"
expires: Mon, 14 Nov 2022 18:51:08 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 563125
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHGUiGl5L0sLQYBcKUc2jwTe1tDBtxssw3GMWk8iUy%2F5%2B82mWMBXT%2BV0xXilk5bn%2B7ztlg%2FZ38nBpAZA55BXE7LsWsBR3Iwi6RqkbLvaOcYVjFgb6GYgbFmJztu2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75e072bf69907713-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 331c583803bc5b6e33066a227979d927
96bef6e23cb955e095c510a44acebcdcde55a48f
464225796f55e5020202100c5a055c034a9ceeb180a9f6696880c4f822dee0ab
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 26 Oct 2022 05:15:27 GMT
ETag: "96bef6e23cb955e095c510a44acebcdcde55a48f"
Last-Modified: Sat, 22 Oct 2022 05:15:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75e072c0996b0afa-OSL
img.x929.xyz/images/62ea581fa8992943249c80b2.gif
23.225.228.34302 Found 1.4 kB URL HTTP/2 img.x929.xyz/images/62ea581fa8992943249c80b2.gif
IP 23.225.228.34:0
Hash 331c583803bc5b6e33066a227979d927
96bef6e23cb955e095c510a44acebcdcde55a48f
464225796f55e5020202100c5a055c034a9ceeb180a9f6696880c4f822dee0ab
GET /images/62ea581fa8992943249c80b2.gif HTTP/1.1
Host: img.x929.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://ali2.a.yximgs.com/udata/music/music_c56d8b813ee94f81ba260620c180b2770.jpg
cache-control: max-age=3600
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 85391f9891cda995644685546f342f37
9f4b49c585b26d517eebe11666d237802fcdd2b1
84c3b732825fbc5ef305b2d9ef97e758b7b50a30171983a409bd731cc9687bb2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 22 Oct 2022 02:41:54 GMT
Expires: Sat, 29 Oct 2022 02:41:53 GMT
Etag: "9f4b49c585b26d517eebe11666d237802fcdd2b1"
Cache-Control: max-age=587718,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072c0bf6f0b49-OSL
ali2.a.yximgs.com/udata/music/music_c56d8b813ee94f81ba260620c180b2770.jpg
47.246.44.227200 OK 540 kB URL HTTP/1.1 ali2.a.yximgs.com/udata/music/music_c56d8b813ee94f81ba260620c180b2770.jpg
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 90\012- data
Size 540 kB (539927 bytes)
Hash e2b85b3ff94b6d25c6af87b3f0a54c80
37a9d035f29dbd8ce7a28e2b3df96fee84198d80
d4872aa4dea35d161576ced91118e99a911edf2b9635184811ce458d25524806
GET /udata/music/music_c56d8b813ee94f81ba260620c180b2770.jpg HTTP/1.1
Host: ali2.a.yximgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 539927
Connection: keep-alive
Date: Fri, 26 Aug 2022 10:45:41 GMT
Cache-Control: max-age=2592000
Expires: Fri, 02 Sep 2022 10:45:41 GMT
Last-Modified: Thu, 25 Aug 2022 14:22:51 GMT
x-amz-request-id: 7eaca3a18a8c4fd0ad4539b52d9df777
x-amz-id-2: fGBhaN0tB4Bw9/JAAcxK24qsi7/mkAimdJqOQn0yfOoD5RpnPhDI+8dePKk=
Accept-Ranges: bytes
ETag: "E2B85B3FF94B6D25C6AF87B3F0A54C80"
x-amz-storage-class: STANDARD
x-bs-object-status: 0
X-KSLOGID: 661510741588971620
X-Rsp-Code: 034,040
X-Ks-Cache: HIT from 47.246.44.227
X-Kimg: egae
Ali-Swift-Global-Savetime: 1661510741
Via: cache8.l2et2-2[0,0,200-0,H], cache37.l2et2-2[3,0], cache4.l2de2[0,0,200-0,H], cache14.l2de2[2,0], cache5.se1[0,0,200-0,H], cache2.se1[3,0]
Age: 4912253
X-Cache: HIT TCP_MEM_HIT dirn:1:7658098
X-Swift-SaveTime: Fri, 21 Oct 2022 14:57:23 GMT
X-Swift-CacheTime: 26250498
kwaisign: null
X-Ks-Request-ID: 2ff62c9616664229940274566e
x-ks-client-ip: 91.90.42.154
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 2ff62c9616664229940274566e
ali2.a.yximgs.com/udata/music/music_3d532edbfe094f86be065fbf7cf036430.jpg
47.246.44.227200 OK 611 kB URL HTTP/1.1 ali2.a.yximgs.com/udata/music/music_3d532edbfe094f86be065fbf7cf036430.jpg
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 90\012- data
Size 611 kB (610817 bytes)
Hash f1de5f48ea31923060d4ade953c9bd4f
bf888ebc5d3b974c7f3daaac44bb803d27c56ade
a798b756a69b0567619332c7787acd1fed7bc8a31f8903649c490978a7e21683
GET /udata/music/music_3d532edbfe094f86be065fbf7cf036430.jpg HTTP/1.1
Host: ali2.a.yximgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 610817
Connection: keep-alive
Date: Fri, 21 Oct 2022 13:10:43 GMT
Cache-Control: max-age=2592000
Expires: Fri, 28 Oct 2022 13:10:42 GMT
Last-Modified: Fri, 09 Sep 2022 11:06:55 GMT
x-amz-request-id: a8edc5f23beb476ab0408f4541efea57
x-amz-id-2: fGBhaN0tH5VnuPNHQ9xDmYKsiLe5h0O7KcnDUmN/bfIcoxMhcRLb+YBZMOoV8ps=
Accept-Ranges: bytes
ETag: "F1DE5F48EA31923060D4ADE953C9BD4F"
x-amz-storage-class: STANDARD
x-bs-object-status: 0
X-KSLOGID: 666357843453878693
X-Rsp-Code: 034,040
X-Ks-Cache: HIT from 47.246.44.227
X-Kimg: egae
Ali-Swift-Global-Savetime: 1666357844
Via: cache42.l2ea118-2[0,0,200-0,H], cache9.l2ea118-2[1,0], cache2.l2de2[0,0,200-0,H], cache3.l2de2[2,0], cache1.se1[0,0,200-0,H], cache7.se1[3,0]
Age: 65150
X-Cache: HIT TCP_MEM_HIT dirn:2:206004265
X-Swift-SaveTime: Fri, 21 Oct 2022 14:57:23 GMT
X-Swift-CacheTime: 31097601
kwaisign: null
X-Ks-Request-ID: 2ff62c9b16664229940244473e
x-ks-client-ip: 91.90.42.154
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 2ff62c9b16664229940244473e
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash fc38ef1ce81039ff1989a1c5873101a2
cdccf5bbbb7a8b15195728ebf405a46b14ea490e
c7d63b32bad492665e1d6b6361f54f30429c63f35d68512e37d6e2e5b9f113c1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 19 Oct 2022 22:22:00 GMT
Expires: Wed, 26 Oct 2022 22:21:59 GMT
Etag: "cdccf5bbbb7a8b15195728ebf405a46b14ea490e"
Cache-Control: max-age=399324,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072c0cea20b65-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 551b3bdd85532bf10b3e7e6dc464ca02
467f4fef8190a77cf18ff29989d89612ae49fec6
f709d86b2d8ed0e863c36bd13232c71ccf3cdc1e27382412ab7177e3873edad7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 19 Oct 2022 11:21:12 GMT
Expires: Wed, 26 Oct 2022 11:21:11 GMT
Etag: "467f4fef8190a77cf18ff29989d89612ae49fec6"
Cache-Control: max-age=359676,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072c10fb30b49-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 551b3bdd85532bf10b3e7e6dc464ca02
467f4fef8190a77cf18ff29989d89612ae49fec6
f709d86b2d8ed0e863c36bd13232c71ccf3cdc1e27382412ab7177e3873edad7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 19 Oct 2022 11:21:12 GMT
Expires: Wed, 26 Oct 2022 11:21:11 GMT
Etag: "467f4fef8190a77cf18ff29989d89612ae49fec6"
Cache-Control: max-age=359676,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072c0cea10b65-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 0249da75486cf2cfa6e23772d14b367c
49d62b7655e36e1640e03e27e9d8184661eeb3a8
6480bf4667a47db070aba01242031618bf4019d3941c949121d5fad4fdce367c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 19 Oct 2022 01:11:58 GMT
Expires: Wed, 26 Oct 2022 01:11:57 GMT
Etag: "49d62b7655e36e1640e03e27e9d8184661eeb3a8"
Cache-Control: max-age=323122,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072c0defdb4f7-OSL
n3875.com/a14692797f9b4d4da8479a42a64223ad.gif
45.61.212.47200 OK 778 kB URL HTTP/1.1 n3875.com/a14692797f9b4d4da8479a42a64223ad.gif
IP 45.61.212.47:0
File type GIF image data, version 89a, 960 x 90\012- data
Size 778 kB (777959 bytes)
Hash 30ddc1574645e47bbd59a88544eb86a5
ea1f934b36af7afb00dd5fac0b4920caae2e611f
fe8f0d5b8197d8059077618c4f672da0d80750166bbdcab69297f5d8ddf6a85c
GET /a14692797f9b4d4da8479a42a64223ad.gif HTTP/1.1
Host: n3875.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62fb9887-bdee7"
Date: Sat, 08 Oct 2022 00:38:27 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 16 Aug 2022 13:15:51 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-17
Content-Length: 777959
zmhmaz8.com/a948bb8284944c4f8dafa24a384cbb8a.gif
103.170.15.95200 OK 720 kB URL HTTP/1.1 zmhmaz8.com/a948bb8284944c4f8dafa24a384cbb8a.gif
IP 103.170.15.95:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 720 kB (719745 bytes)
Hash a371336a677886333a1e0e87f32df904
5d17beeea80b18e70073f0e54dfa9ad61e71b25f
18543a39e003823862ca88f74a899b953e82fc6f1771682b37d0b435d40644cc
GET /a948bb8284944c4f8dafa24a384cbb8a.gif HTTP/1.1
Host: zmhmaz8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62fb9d96-afb81"
Date: Fri, 30 Sep 2022 01:58:36 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 16 Aug 2022 13:37:26 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-25
Content-Length: 719745
tx2.a.yximgs.com/udata/music/music_c1ed0dc891c34707b60dcc1387217dbb0.jpg
43.132.64.85200 OK 363 kB URL HTTP/1.1 tx2.a.yximgs.com/udata/music/music_c1ed0dc891c34707b60dcc1387217dbb0.jpg
IP 43.132.64.85:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 363 kB (362848 bytes)
Hash dfd003268a625b499bb08271a598df4d
76e97b0d72d033606dbdcf8fd14415a7b53d4610
124fd976372d4417fb22249c29b463dba4100d1b3bbeddbb9c9bbb86edfdc0af
GET /udata/music/music_c1ed0dc891c34707b60dcc1387217dbb0.jpg HTTP/1.1
Host: tx2.a.yximgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: NWSs
Date: Sat, 22 Oct 2022 07:16:34 GMT
Content-Type: image/jpeg
Content-Length: 362848
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Sat, 29 Oct 2022 07:16:34 GMT
Last-Modified: Fri, 21 Oct 2022 13:10:37 GMT
X-NWS-LOG-UUID: 748921b4-263f-4a71-9c7b-37902e40f1b9
x-ks-http-first-data: 1
X-Ks-Request-ID: 748921b4-263f-4a71-9c7b-37902e40f1b9
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
x-ks-client-ip: 91.90.42.154
kwaisign: NULL
Accept-Ranges: bytes
ETag: "3c111c50a771daf3d031b2640312ca29-1"
x-cos-hash-crc64ecma: 4843399114952898927
x-cos-request-id: NjM1MjlhNGRfYjViNmJlMDlfMTNlMjFfZDQ0MTNhYQ==
x-cos-version-id: null
X-Ks-Cache: Hit From OC Disktank3
X-Daa-Tunnel: hop_count=1
X-Cache-Lookup: Hit From Disktank3, Hit From Inner Cluster
tx2.a.yximgs.com/udata/music/music_800228047ad643f6ba9c2f513836c6240.jpg
43.132.64.85200 OK 1.0 MB URL HTTP/1.1 tx2.a.yximgs.com/udata/music/music_800228047ad643f6ba9c2f513836c6240.jpg
IP 43.132.64.85:0
File type GIF image data, version 89a, 960 x 90\012- data
Size 1.0 MB (1015116 bytes)
Hash 99c83803a8903c6ed186ffb90a3cd929
681ae1c0dcaa381a2f72ecacb057db4262a89f05
280a983bedaa96481e829d68b553fb752f278ac8c0eee5c479c287e647934884
GET /udata/music/music_800228047ad643f6ba9c2f513836c6240.jpg HTTP/1.1
Host: tx2.a.yximgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: NWSs
Date: Sat, 22 Oct 2022 07:16:34 GMT
Content-Type: image/jpeg
Content-Length: 1015116
Connection: keep-alive
Cache-Control: max-age=604800
Expires: Sat, 29 Oct 2022 07:16:34 GMT
Last-Modified: Fri, 21 Oct 2022 13:10:37 GMT
X-NWS-LOG-UUID: 12f765fd-b8c6-49ff-977b-50530e38614d
x-ks-http-first-data: 1
X-Ks-Request-ID: 12f765fd-b8c6-49ff-977b-50530e38614d
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
x-ks-client-ip: 91.90.42.154
kwaisign: NULL
Accept-Ranges: bytes
ETag: "4d743c853e238ded6fa5005e08cf7145-1"
x-cos-hash-crc64ecma: 5205704680882675223
x-cos-request-id: NjM1MjlhNGRfMzUxNWYyMDlfMmZmNzNfNDZlZGM1YmM=
x-cos-version-id: null
X-Ks-Cache: Hit From OC Disktank3
X-Daa-Tunnel: hop_count=1
X-Cache-Lookup: Hit From Disktank3, Hit From Inner Cluster
hm.baidu.com/hm.js?ec34003f0783a55d9a9d1e86ec2f40ad
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?ec34003f0783a55d9a9d1e86ec2f40ad
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (624)
Hash 2b44e04253e1a78434e42bf829f9c52e
3ad890af8ad0afd450ea7255a5cab4af6fbea131
1f6d678c42beb80edf20ac4bd7cccbfc20c71f03e6c2f42de72afe9aa3b7ced2
GET /hm.js?ec34003f0783a55d9a9d1e86ec2f40ad HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11337
Content-Type: application/javascript
Date: Sat, 22 Oct 2022 07:16:34 GMT
Etag: 06895712a123b5d2520ab4c6664c3e0f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=73D69E04C2674E90; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
n5893.com/981b6d2df5004bc6952b671e2ad9f049.gif
103.170.15.106200 OK 753 kB URL HTTP/1.1 n5893.com/981b6d2df5004bc6952b671e2ad9f049.gif
IP 103.170.15.106:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 753 kB (752604 bytes)
Hash db5b6724719b57c439f7397360e57dea
a70b0c77543ffc4de61513868289f08d8edc1401
b3efb8b8e50d19161e2af969e2771978cdbda7853cb03442977930d076942e75
GET /981b6d2df5004bc6952b671e2ad9f049.gif HTTP/1.1
Host: n5893.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63528515-b7bdc"
Date: Fri, 21 Oct 2022 11:41:22 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 21 Oct 2022 11:40:05 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-36
Content-Length: 752604
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9f5f18c780788a1da4e64af5bd3f220d
29f5f1982cdeb65fde01e4985bf9add5d622661f
43a9f210a6255e2840c928b894957dbb98872a058436109b2ed7ec7e962e8185
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 16:07:44 GMT
Expires: Fri, 28 Oct 2022 16:07:43 GMT
Etag: "29f5f1982cdeb65fde01e4985bf9add5d622661f"
Cache-Control: max-age=549667,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072c9eef30b49-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 297f50e18653c68ba2005b34dd4cd494
5b27b86e4035e42edfb552d772008dc51e94f8ad
4ba2bfaf4fef4421a6e0e908cbf9b8a807c16e6b1e937b828321557ae8494015
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 07:40:53 GMT
Expires: Thu, 27 Oct 2022 07:40:52 GMT
Etag: "5b27b86e4035e42edfb552d772008dc51e94f8ad"
Cache-Control: max-age=432856,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072c9ce7c0b65-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 297f50e18653c68ba2005b34dd4cd494
5b27b86e4035e42edfb552d772008dc51e94f8ad
4ba2bfaf4fef4421a6e0e908cbf9b8a807c16e6b1e937b828321557ae8494015
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 07:40:53 GMT
Expires: Thu, 27 Oct 2022 07:40:52 GMT
Etag: "5b27b86e4035e42edfb552d772008dc51e94f8ad"
Cache-Control: max-age=432856,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072c9fe990b65-OSL
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2111413162&si=ec34003f0783a55d9a9d1e86ec2f40ad&su=http%3A%2F%2Fwww.csmhgs.com%2F&v=1.2.97&lv=1&sn=64564&r=0&ww=1268&ct=!!&u=https%3A%2F%2Favoumei.com%2F&tt=%E7%BC%A9%E9%98%B4%E5%8A%9F%E7%9F%AD%E8%A7%86%E9%A2%91%2C%E7%BC%A9%E9%98%B4%E5%8A%9F%E8%A7%86%E9%A2%91%E5%88%86%E4%BA%AB%2C%E7%BC%A9%E9%98%B4%E5%8A%9F%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2111413162&si=ec34003f0783a55d9a9d1e86ec2f40ad&su=http%3A%2F%2Fwww.csmhgs.com%2F&v=1.2.97&lv=1&sn=64564&r=0&ww=1268&ct=!!&u=https%3A%2F%2Favoumei.com%2F&tt=%E7%BC%A9%E9%98%B4%E5%8A%9F%E7%9F%AD%E8%A7%86%E9%A2%91%2C%E7%BC%A9%E9%98%B4%E5%8A%9F%E8%A7%86%E9%A2%91%E5%88%86%E4%BA%AB%2C%E7%BC%A9%E9%98%B4%E5%8A%9F%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2111413162&si=ec34003f0783a55d9a9d1e86ec2f40ad&su=http%3A%2F%2Fwww.csmhgs.com%2F&v=1.2.97&lv=1&sn=64564&r=0&ww=1268&ct=!!&u=https%3A%2F%2Favoumei.com%2F&tt=%E7%BC%A9%E9%98%B4%E5%8A%9F%E7%9F%AD%E8%A7%86%E9%A2%91%2C%E7%BC%A9%E9%98%B4%E5%8A%9F%E8%A7%86%E9%A2%91%E5%88%86%E4%BA%AB%2C%E7%BC%A9%E9%98%B4%E5%8A%9F%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 22 Oct 2022 07:16:35 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=8AF31F839CA19E31; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 0b2d0e884ab0fc43017b255643a5357e
4c67049782b96fb58359e27a3a1092e4e996e99f
1cd23b5c328f2439a1ec6286d675e71e705fc4353cc78ae62fa13588294dd8d0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 21:54:47 GMT
Expires: Thu, 27 Oct 2022 21:54:46 GMT
Etag: "4c67049782b96fb58359e27a3a1092e4e996e99f"
Cache-Control: max-age=484089,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072cd89cc0b65-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 0b2d0e884ab0fc43017b255643a5357e
4c67049782b96fb58359e27a3a1092e4e996e99f
1cd23b5c328f2439a1ec6286d675e71e705fc4353cc78ae62fa13588294dd8d0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 21:54:47 GMT
Expires: Thu, 27 Oct 2022 21:54:46 GMT
Etag: "4c67049782b96fb58359e27a3a1092e4e996e99f"
Cache-Control: max-age=484089,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072cd8d31b4f7-OSL
gnrty.kmjkwe.xyz/kmnbhevhfjrtetd/a.gif
23.224.92.243200 OK 74 kB URL HTTP/1.1 gnrty.kmjkwe.xyz/kmnbhevhfjrtetd/a.gif
IP 23.224.92.243:0
File type GIF image data, version 89a, 600 x 200\012- data
Hash a26c729e9e6de0a56723a3f2274b9568
f216ff16f6ffc84ed9bd2a7c21d76c5f78fa50e2
1ccb894f25adb615d76e26f2e9d3e546a36dfa1b455220293c5429914893bcca
GET /kmnbhevhfjrtetd/a.gif HTTP/1.1
Host: gnrty.kmjkwe.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 22 Oct 2022 07:16:35 GMT
Content-Type: image/gif
Content-Length: 73821
Last-Modified: Thu, 20 Oct 2022 08:39:57 GMT
Connection: keep-alive
ETag: "6351095d-1205d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
kmr.mjnbrt.xyz/mnrt/kmrr.png
23.224.92.244200 OK 85 kB URL HTTP/1.1 kmr.mjnbrt.xyz/mnrt/kmrr.png
IP 23.224.92.244:0
File type PNG image data, 2084 x 2084, 8-bit/color RGBA, non-interlaced\012- data
Hash 3c80359bedd35432aea1539a1edcd122
62b0eb9a7eef9b048ab55e3e8d8486a43d5ef8db
74df8ccb6d42d5ee40aaffccd0246978eca881c260c8505afb9f71f85fe17ee2
Analyzer Verdict Alert quad9 Sinkholed
GET /mnrt/kmrr.png HTTP/1.1
Host: kmr.mjnbrt.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 22 Oct 2022 07:16:35 GMT
Content-Type: image/png
Content-Length: 84560
Last-Modified: Thu, 20 Oct 2022 08:39:59 GMT
Connection: keep-alive
ETag: "6351095f-14a50"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
gnrty.kmjkwe.xyz/kmnbhevhfjrtetd/c.gif
23.224.92.243200 OK 84 kB URL HTTP/1.1 gnrty.kmjkwe.xyz/kmnbhevhfjrtetd/c.gif
IP 23.224.92.243:0
File type GIF image data, version 89a, 600 x 200\012- data
Hash 9921b46e46364692e3907209e1ac751d
f471461e26bf90297b4fb9c15a44b33becf7a5b7
d626c8cb11a97739ab83d2cb8d27332f3d3d3294d3a48f5036614646a59adddf
GET /kmnbhevhfjrtetd/c.gif HTTP/1.1
Host: gnrty.kmjkwe.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 22 Oct 2022 07:16:35 GMT
Content-Type: image/gif
Content-Length: 84426
Last-Modified: Thu, 20 Oct 2022 08:39:59 GMT
Connection: keep-alive
ETag: "6351095f-149ca"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 0b2d0e884ab0fc43017b255643a5357e
4c67049782b96fb58359e27a3a1092e4e996e99f
1cd23b5c328f2439a1ec6286d675e71e705fc4353cc78ae62fa13588294dd8d0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 21:54:47 GMT
Expires: Thu, 27 Oct 2022 21:54:46 GMT
Etag: "4c67049782b96fb58359e27a3a1092e4e996e99f"
Cache-Control: max-age=484089,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072cd79bf0b65-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 4d4f4c4949f70ff944430155cdc87972
5ecbf416e27c95a4f401324f32d34be864fa10c0
49620d89e04480853d7168a593342fc0d58d2d716acf648a1b3c1ecf02f4017e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 14:37:16 GMT
Expires: Thu, 27 Oct 2022 14:37:15 GMT
Etag: "5ecbf416e27c95a4f401324f32d34be864fa10c0"
Cache-Control: max-age=457838,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072cd698d0b49-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 6e8f94358cf75380001af1182e395a24
93229d45f227cfb03180c21a2e255774ff55954e
1e963b0ccaec79bbb605f4e28cbe4cb6534014faac23388aa7badc9459d76218
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 19:45:28 GMT
Expires: Thu, 27 Oct 2022 19:45:27 GMT
Etag: "93229d45f227cfb03180c21a2e255774ff55954e"
Cache-Control: max-age=476330,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e072cdbb9c0b02-OSL
pdl.ixelrsd.cn/effect.php?type=ecv&planid=30257&adsid=5964298&zoneid=157829&uid=12353&adtplid=19&plantype=cpv
203.107.60.95200 OK 20 B URL HTTP/1.1 pdl.ixelrsd.cn/effect.php?type=ecv&planid=30257&adsid=5964298&zoneid=157829&uid=12353&adtplid=19&plantype=cpv
IP 203.107.60.95:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /effect.php?type=ecv&planid=30257&adsid=5964298&zoneid=157829&uid=12353&adtplid=19&plantype=cpv HTTP/1.1
Host: pdl.ixelrsd.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: aliyungf_tc=234cbd989e858c471acf5716fc18280aafeda2423a46a92d0d210f2721a4c053; Path=/; HttpOnly
Server: nginx
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ome.wdgixex.cn/c.php?s=JnpvbmVpZD0xNTc4MzAmc2l0ZWlkPSZ1aWQ9MTIzNTMmYWRzaWQ9NTk2NjExMyZwbGFuaWQ9MzA0MzgmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRmhodTEyMi5jb20lMkYxLmh0bWwlM0ZjaGFubmVsQ29kZSUzRGZrMjkmdnRpbWU9MjAyMi0xMC0yMiAxNToxNjozNCZpcD05MS45MC40Mi4xNTQ=;3c3c3e2d32734cbd6f7a965fefb4ac1d;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj1odHRwJTNBJTJGJTJGd3d3LmNzbWhncy5jb20lMkYmeD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwcyUzQSUyRiUyRmF2b3VtZWkuY29tJTJGJmo9MCZwPTAmbT0wJnJlcz0xMjgweDEwMjQmdD0lRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTclOUYlQUQlRTglQTclODYlRTklQTIlOTElMkMlRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTglQTclODYlRTklQTIlOTElRTUlODglODYlRTQlQkElQUIlMkMlRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTUlODUlOEQlRTglQjQlQjklRTglQTclODYlRTklQTIlOTEmbD1lbi1VUyZjPTAmaD05Mjc=
203.107.60.95200 OK 20 B URL HTTP/1.1 ome.wdgixex.cn/c.php?s=JnpvbmVpZD0xNTc4MzAmc2l0ZWlkPSZ1aWQ9MTIzNTMmYWRzaWQ9NTk2NjExMyZwbGFuaWQ9MzA0MzgmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRmhodTEyMi5jb20lMkYxLmh0bWwlM0ZjaGFubmVsQ29kZSUzRGZrMjkmdnRpbWU9MjAyMi0xMC0yMiAxNToxNjozNCZpcD05MS45MC40Mi4xNTQ=;3c3c3e2d32734cbd6f7a965fefb4ac1d;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj1odHRwJTNBJTJGJTJGd3d3LmNzbWhncy5jb20lMkYmeD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwcyUzQSUyRiUyRmF2b3VtZWkuY29tJTJGJmo9MCZwPTAmbT0wJnJlcz0xMjgweDEwMjQmdD0lRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTclOUYlQUQlRTglQTclODYlRTklQTIlOTElMkMlRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTglQTclODYlRTklQTIlOTElRTUlODglODYlRTQlQkElQUIlMkMlRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTUlODUlOEQlRTglQjQlQjklRTglQTclODYlRTklQTIlOTEmbD1lbi1VUyZjPTAmaD05Mjc=
IP 203.107.60.95:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /c.php?s=JnpvbmVpZD0xNTc4MzAmc2l0ZWlkPSZ1aWQ9MTIzNTMmYWRzaWQ9NTk2NjExMyZwbGFuaWQ9MzA0MzgmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRmhodTEyMi5jb20lMkYxLmh0bWwlM0ZjaGFubmVsQ29kZSUzRGZrMjkmdnRpbWU9MjAyMi0xMC0yMiAxNToxNjozNCZpcD05MS45MC40Mi4xNTQ=;3c3c3e2d32734cbd6f7a965fefb4ac1d;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj1odHRwJTNBJTJGJTJGd3d3LmNzbWhncy5jb20lMkYmeD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwcyUzQSUyRiUyRmF2b3VtZWkuY29tJTJGJmo9MCZwPTAmbT0wJnJlcz0xMjgweDEwMjQmdD0lRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTclOUYlQUQlRTglQTclODYlRTklQTIlOTElMkMlRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTglQTclODYlRTklQTIlOTElRTUlODglODYlRTQlQkElQUIlMkMlRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTUlODUlOEQlRTglQjQlQjklRTglQTclODYlRTklQTIlOTEmbD1lbi1VUyZjPTAmaD05Mjc= HTTP/1.1
Host: ome.wdgixex.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS
Set-Cookie: aliyungf_tc=63a5dfe388bfde3dc3edf5fe3ccc05ddc063349cb68c6c408f673baec67da75f; Path=/; HttpOnly
region=%E6%8C%AA%E5%A8%81%2F%2F%E5%85%B6%E5%AE%83; expires=Thu, 20-Apr-2023 07:16:36 GMT; Max-Age=15552000; path=/
visitnum=1; expires=Sat, 29-Oct-2022 07:16:36 GMT; Max-Age=604800; path=/
12353_30438=re; expires=Sat, 22-Oct-2022 12:16:36 GMT; Max-Age=18000; path=/
do2click_30438=5966113%7C30438%7C12353%7C157830%7C; expires=Sat, 22-Oct-2022 10:16:36 GMT; Max-Age=10800; path=/
doEffect_30438=5966113%7C30438%7C12353%7C157830%7C; expires=Sat, 29-Oct-2022 07:16:36 GMT; Max-Age=604800; path=/
P3P: CP="Powered by Www.Zyiis.Com 2005-2016"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
pdl.ixelrsd.cn/c.php?s=JnpvbmVpZD0xNTc4Mjkmc2l0ZWlkPSZ1aWQ9MTIzNTMmYWRzaWQ9NTk2NDI5OCZwbGFuaWQ9MzAyNTcmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRnJyZjI2Ni5jb20lMkYxLmh0bWwlM0ZjaGFubmVsQ29kZSUzRHJ0MzUmdnRpbWU9MjAyMi0xMC0yMiAxNToxNjozNCZpcD05MS45MC40Mi4xNTQ=;71e6554120aa94b2f279332b2b672ac5;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj1odHRwJTNBJTJGJTJGd3d3LmNzbWhncy5jb20lMkYmeD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwcyUzQSUyRiUyRmF2b3VtZWkuY29tJTJGJmo9MCZwPTAmbT0wJnJlcz0xMjgweDEwMjQmdD0lRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTclOUYlQUQlRTglQTclODYlRTklQTIlOTElMkMlRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTglQTclODYlRTklQTIlOTElRTUlODglODYlRTQlQkElQUIlMkMlRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTUlODUlOEQlRTglQjQlQjklRTglQTclODYlRTklQTIlOTEmbD1lbi1VUyZjPTAmaD05Mjc=
203.107.60.95200 OK 20 B URL HTTP/1.1 pdl.ixelrsd.cn/c.php?s=JnpvbmVpZD0xNTc4Mjkmc2l0ZWlkPSZ1aWQ9MTIzNTMmYWRzaWQ9NTk2NDI5OCZwbGFuaWQ9MzAyNTcmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRnJyZjI2Ni5jb20lMkYxLmh0bWwlM0ZjaGFubmVsQ29kZSUzRHJ0MzUmdnRpbWU9MjAyMi0xMC0yMiAxNToxNjozNCZpcD05MS45MC40Mi4xNTQ=;71e6554120aa94b2f279332b2b672ac5;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj1odHRwJTNBJTJGJTJGd3d3LmNzbWhncy5jb20lMkYmeD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwcyUzQSUyRiUyRmF2b3VtZWkuY29tJTJGJmo9MCZwPTAmbT0wJnJlcz0xMjgweDEwMjQmdD0lRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTclOUYlQUQlRTglQTclODYlRTklQTIlOTElMkMlRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTglQTclODYlRTklQTIlOTElRTUlODglODYlRTQlQkElQUIlMkMlRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTUlODUlOEQlRTglQjQlQjklRTglQTclODYlRTklQTIlOTEmbD1lbi1VUyZjPTAmaD05Mjc=
IP 203.107.60.95:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /c.php?s=JnpvbmVpZD0xNTc4Mjkmc2l0ZWlkPSZ1aWQ9MTIzNTMmYWRzaWQ9NTk2NDI5OCZwbGFuaWQ9MzAyNTcmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRnJyZjI2Ni5jb20lMkYxLmh0bWwlM0ZjaGFubmVsQ29kZSUzRHJ0MzUmdnRpbWU9MjAyMi0xMC0yMiAxNToxNjozNCZpcD05MS45MC40Mi4xNTQ=;71e6554120aa94b2f279332b2b672ac5;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj1odHRwJTNBJTJGJTJGd3d3LmNzbWhncy5jb20lMkYmeD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwcyUzQSUyRiUyRmF2b3VtZWkuY29tJTJGJmo9MCZwPTAmbT0wJnJlcz0xMjgweDEwMjQmdD0lRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTclOUYlQUQlRTglQTclODYlRTklQTIlOTElMkMlRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTglQTclODYlRTklQTIlOTElRTUlODglODYlRTQlQkElQUIlMkMlRTclQkMlQTklRTklOTglQjQlRTUlOEElOUYlRTUlODUlOEQlRTglQjQlQjklRTglQTclODYlRTklQTIlOTEmbD1lbi1VUyZjPTAmaD05Mjc= HTTP/1.1
Host: pdl.ixelrsd.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS
Set-Cookie: aliyungf_tc=ef61b9a2491342dc8d80ff91a25565dd434c2a6369cb10e41b2d96082437da6f; Path=/; HttpOnly
region=%E6%8C%AA%E5%A8%81%2F%2F%E5%85%B6%E5%AE%83; expires=Thu, 20-Apr-2023 07:16:36 GMT; Max-Age=15552000; path=/
visitnum=1; expires=Sat, 29-Oct-2022 07:16:36 GMT; Max-Age=604800; path=/
12353_30257=re; expires=Sat, 22-Oct-2022 12:16:36 GMT; Max-Age=18000; path=/
do2click_30257=5964298%7C30257%7C12353%7C157829%7C; expires=Sat, 22-Oct-2022 10:16:36 GMT; Max-Age=10800; path=/
doEffect_30257=5964298%7C30257%7C12353%7C157829%7C; expires=Sat, 29-Oct-2022 07:16:36 GMT; Max-Age=604800; path=/
P3P: CP="Powered by Www.Zyiis.Com 2005-2016"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
pdl.ixelrsd.cn/effect.php?type=ecv&planid=30438&adsid=5966113&zoneid=157830&uid=12353&adtplid=1001&plantype=cpv
203.107.60.95200 OK 20 B URL HTTP/1.1 pdl.ixelrsd.cn/effect.php?type=ecv&planid=30438&adsid=5966113&zoneid=157830&uid=12353&adtplid=1001&plantype=cpv
IP 203.107.60.95:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /effect.php?type=ecv&planid=30438&adsid=5966113&zoneid=157830&uid=12353&adtplid=1001&plantype=cpv HTTP/1.1
Host: pdl.ixelrsd.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: aliyungf_tc=87263acf5c745dfc810fb7a7bf954ffc918b29f1f25da3f6e505795ff783d612; Path=/; HttpOnly
Server: nginx
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
img.x978.xyz/images/63144c2882e0a0993f11d1ff.gif
23.225.228.34302 Found 727 B URL HTTP/2 img.x978.xyz/images/63144c2882e0a0993f11d1ff.gif
IP 23.225.228.34:0
File type gzip compressed data, from Unix\012- data
Hash 783cc119a0f7a9011e903e7fe6832f22
2d7ec6bd4a5d9dc19a935048a5624a6357df5842
39ff2d9297f05eb036275ee306204390da33c110e973e39da10cdc588f49d505
GET /images/63144c2882e0a0993f11d1ff.gif HTTP/1.1
Host: img.x978.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://tx2.a.yximgs.com/udata/music/music_c1ed0dc891c34707b60dcc1387217dbb0.jpg
cache-control: max-age=3600
X-Firefox-Spdy: h2
kmr.wdjptto.cn/tj.html?type=cnzz&id=1279999172
203.107.60.95200 OK 727 B URL HTTP/1.1 kmr.wdjptto.cn/tj.html?type=cnzz&id=1279999172
IP 203.107.60.95:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 783cc119a0f7a9011e903e7fe6832f22
2d7ec6bd4a5d9dc19a935048a5624a6357df5842
39ff2d9297f05eb036275ee306204390da33c110e973e39da10cdc588f49d505
GET /tj.html?type=cnzz&id=1279999172 HTTP/1.1
Host: kmr.wdjptto.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: aliyungf_tc=c266b8b043be303ff486312ecc3f693275d3f86f86ad6222142ffd2203d2d2a2; Path=/; HttpOnly
Last-Modified: Wed, 25 Nov 2020 10:32:42 GMT
Vary: Accept-Encoding
ETag: W/"5fbe32ca-694"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Encoding: gzip
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 6ae486328476c6134eaaaef709a7e1c4
bf5820fb2300a9eccbcabb45419e38aa3778dbb0
60f582d955abc16956f9f37498158c1aafa8bf74b55886f934a3052f4780a5fd
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 07:16:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 26 Oct 2022 05:00:31 GMT
ETag: "bf5820fb2300a9eccbcabb45419e38aa3778dbb0"
Last-Modified: Sat, 22 Oct 2022 05:00:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2371
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75e072d9bcc91c0e-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bdb3f97-ec76-487e-aaa0-904a4218b167.jpeg
34.120.237.76200 OK 3.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bdb3f97-ec76-487e-aaa0-904a4218b167.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash baacb85509de0c5f8c3d8354f02232a7
f9190f9b694f92d385686984a8c2c7880ac4c22f
0dba837f537fc8701c1b28ca4ed0977716462f0f669b09c05084a0ca2731b32c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bdb3f97-ec76-487e-aaa0-904a4218b167.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3337
x-amzn-requestid: 8b40aab0-2ced-4e28-85af-a3d1f1347382
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aPYqSE6eoAMFsmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634fa174-5618d2d53211d0733d8f4765;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 07:04:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: mIrGRyvn0AYi3JGLBe_Xx_p-_M5xS_3J6KAqYsATUQhPvlfEVNkG9g==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 08:25:09 GMT
age: 82289
etag: "f9190f9b694f92d385686984a8c2c7880ac4c22f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img.x957.xyz/images/631b1e4db62b4063cbda4912.gif
23.225.228.34302 Found 0 B URL HTTP/2 img.x957.xyz/images/631b1e4db62b4063cbda4912.gif
IP 23.225.228.34:0
GET /images/631b1e4db62b4063cbda4912.gif HTTP/1.1
Host: img.x957.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://ali2.a.yximgs.com/udata/music/music_3d532edbfe094f86be065fbf7cf036430.jpg
cache-control: max-age=3600
X-Firefox-Spdy: h2
avoumei.com/template/m1938pc/static/js/jquery.lazyload.min.js
103.193.175.62200 OK 0 B URL HTTP/2 avoumei.com/template/m1938pc/static/js/jquery.lazyload.min.js
IP 103.193.175.62:0
ASN #136933 Gigabitbank Global
GET /template/m1938pc/static/js/jquery.lazyload.min.js HTTP/1.1
Host: avoumei.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 07:16:32 GMT
content-type: application/javascript
last-modified: Sat, 08 Jan 2022 14:08:22 GMT
vary: Accept-Encoding
etag: W/"61d99ad6-d35"
expires: Sat, 22 Oct 2022 19:16:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.x969.xyz/images/6319dc94178bb5a0f938807a.gif
23.225.222.2302 Found 0 B URL HTTP/2 img.x969.xyz/images/6319dc94178bb5a0f938807a.gif
IP 23.225.222.2:0
GET /images/6319dc94178bb5a0f938807a.gif HTTP/1.1
Host: img.x969.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://tx2.a.yximgs.com/udata/music/music_800228047ad643f6ba9c2f513836c6240.jpg
cache-control: max-age=3600
X-Firefox-Spdy: h2
avoumei.com/
103.193.175.62200 OK 0 B IP 103.193.175.62:0
ASN #136933 Gigabitbank Global
GET / HTTP/1.1
Host: avoumei.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.csmhgs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 07:16:32 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
avoumei.com/template/m1938pc/css/zui.css
103.193.175.62200 OK 0 B URL HTTP/2 avoumei.com/template/m1938pc/css/zui.css
IP 103.193.175.62:0
ASN #136933 Gigabitbank Global
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: avoumei.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 07:16:32 GMT
content-type: text/css
last-modified: Sun, 20 Feb 2022 03:50:12 GMT
vary: Accept-Encoding
etag: W/"6211ba74-16319"
expires: Sat, 22 Oct 2022 19:16:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
avoumei.com/template/m1938pc/css/1.css
103.193.175.62200 OK 0 B URL HTTP/2 avoumei.com/template/m1938pc/css/1.css
IP 103.193.175.62:0
ASN #136933 Gigabitbank Global
GET /template/m1938pc/css/1.css HTTP/1.1
Host: avoumei.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avoumei.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 07:16:32 GMT
content-type: text/css
last-modified: Sun, 20 Feb 2022 14:15:38 GMT
vary: Accept-Encoding
etag: W/"62124d0a-8307"
expires: Sat, 22 Oct 2022 19:16:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2