avlulu122.xyz/
104.21.90.36301 Moved Permanently 0 B IP 104.21.90.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: avlulu122.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 22 Nov 2022 05:31:08 GMT
Content-Length: 0
Connection: keep-alive
Location: https://avlulu.cc/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEaRWsPLdpNbiZxt2SAFkquFGEr%2F85nRW7%2FOjfeeS%2BMszfPeWttrPutWraEjd2sNeuSa5hQHQlG7gcYihrUh4mRfjfi8zKUjlsn7nPj6%2BAFqrLDqtEzDIoydgQAakUep"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76df46efbb4c0b59-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb72f04bd7a4410640c0543bb4bd402
7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17482
Expires: Tue, 22 Nov 2022 10:22:30 GMT
Date: Tue, 22 Nov 2022 05:31:08 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4843de3bf95411e6aa89834def44bb86
1f1882351ac63fba73a22014382f69df5e02ec96
1e6ed1df02f8fa6c89ddca66f7c9981f8a06127d7ec90b503703137e823bb4b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4390
Cache-Control: max-age=108799
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 05:31:08 GMT
Etag: "637b5375-1d7"
Expires: Wed, 23 Nov 2022 11:44:27 GMT
Last-Modified: Mon, 21 Nov 2022 10:31:17 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8a6c553d89cb6fd1de4787fee2a0e0dc
b974e022ea8675c0a09f58864cc99df05b5b1241
a62ecedcb0953814f982237818a3d902fdca501f82b675629d28b5d476e0fbfa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A62ECEDCB0953814F982237818A3D902FDCA501F82B675629D28B5D476E0FBFA"
Last-Modified: Mon, 21 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5106
Expires: Tue, 22 Nov 2022 06:56:14 GMT
Date: Tue, 22 Nov 2022 05:31:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 22 Nov 2022 05:09:21 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1307
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +wNzKMbpE+j3nBwFBlSzlVlicioeLXafnhXbBUlkzonyIvPZhTuuWw0FrthKEAs5HbwmU18vi3g=
x-amz-request-id: JVKSFRY1AP53F6GF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 22 Nov 2022 04:39:25 GMT
age: 3103
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 22 Nov 2022 05:31:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 6b34e3014495c7dd4fa81ff9bb06d10e
cc21985671147361edcf4bd9d79deda271c96a99
2315d68bdd7b793c0f61a15e13a5a4f7860b60eee78d3b8ff52b97f13061d0d8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=145764
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 05:31:08 GMT
Etag: "637bf500-118"
Expires: Wed, 23 Nov 2022 22:00:32 GMT
Last-Modified: Mon, 21 Nov 2022 22:00:32 GMT
Server: nginx
Content-Length: 280
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 22 Nov 2022 05:08:53 GMT
cache-control: public,max-age=3600
age: 1335
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 6b34e3014495c7dd4fa81ff9bb06d10e
cc21985671147361edcf4bd9d79deda271c96a99
2315d68bdd7b793c0f61a15e13a5a4f7860b60eee78d3b8ff52b97f13061d0d8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=145764
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 05:31:08 GMT
Etag: "637bf500-118"
Expires: Wed, 23 Nov 2022 22:00:32 GMT
Last-Modified: Mon, 21 Nov 2022 22:00:32 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2db0ebb9efcf3be3c92f23b61de5c065
dd830565723f18a7944c26d24b0fb142d06a71a5
8615316184c4d1d64db923a5364363bbb3d25e146a042c5fbd5bf0cfcec8effb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1404
Cache-Control: max-age=100749
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 05:31:09 GMT
Etag: "637b3fae-1d7"
Expires: Wed, 23 Nov 2022 09:30:18 GMT
Last-Modified: Mon, 21 Nov 2022 09:06:54 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 913224b1b170ac028dd25d2dcbda2d09
0f91196f06a3d15c6b8f6b5b86beeaefb333940a
5f87f26d683e58e4739a412d2fc7916ae756619ecde689c7bf8d502d2f37ec54
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F87F26D683E58E4739A412D2FC7916AE756619ECDE689C7BF8D502D2F37EC54"
Last-Modified: Mon, 21 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16831
Expires: Tue, 22 Nov 2022 10:11:40 GMT
Date: Tue, 22 Nov 2022 05:31:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 913224b1b170ac028dd25d2dcbda2d09
0f91196f06a3d15c6b8f6b5b86beeaefb333940a
5f87f26d683e58e4739a412d2fc7916ae756619ecde689c7bf8d502d2f37ec54
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F87F26D683E58E4739A412D2FC7916AE756619ECDE689C7BF8D502D2F37EC54"
Last-Modified: Mon, 21 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16831
Expires: Tue, 22 Nov 2022 10:11:40 GMT
Date: Tue, 22 Nov 2022 05:31:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 913224b1b170ac028dd25d2dcbda2d09
0f91196f06a3d15c6b8f6b5b86beeaefb333940a
5f87f26d683e58e4739a412d2fc7916ae756619ecde689c7bf8d502d2f37ec54
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F87F26D683E58E4739A412D2FC7916AE756619ECDE689C7BF8D502D2F37EC54"
Last-Modified: Mon, 21 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16869
Expires: Tue, 22 Nov 2022 10:12:18 GMT
Date: Tue, 22 Nov 2022 05:31:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 913224b1b170ac028dd25d2dcbda2d09
0f91196f06a3d15c6b8f6b5b86beeaefb333940a
5f87f26d683e58e4739a412d2fc7916ae756619ecde689c7bf8d502d2f37ec54
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F87F26D683E58E4739A412D2FC7916AE756619ECDE689C7BF8D502D2F37EC54"
Last-Modified: Mon, 21 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16869
Expires: Tue, 22 Nov 2022 10:12:18 GMT
Date: Tue, 22 Nov 2022 05:31:09 GMT
Connection: keep-alive
push.services.mozilla.com/
52.37.79.227101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.37.79.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: whDQtYsTNqagjtMR0GIQfw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +msfasgrIK+z44zBrqvuEqsQ6no=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ee1a587532cb09f8166109f3a7ba6e48
460e73f1635cbcacf6a6eec7150fa4a2701e1c82
fcc82eefa54f15210e613d3c74cb5ca2fa968084c410cd418d6fa6b9fd39e26f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4641
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 05:31:10 GMT
Etag: "637a3733-117"
Last-Modified: Tue, 22 Nov 2022 04:13:49 GMT
Server: ECS (amb/6BC4)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f5c0ea70e329867d40571c4e0a4b9a79
33505b38e0e09a4cfaff9979cd5745a21158a428
a8ce056e77fbfcea0a3573d286d5e02fb8092331a7bff41bf57d5ec49ef1a5b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8CE056E77FBFCEA0A3573D286D5E02FB8092331A7BFF41BF57D5EC49EF1A5B2"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18144
Expires: Tue, 22 Nov 2022 10:33:34 GMT
Date: Tue, 22 Nov 2022 05:31:10 GMT
Connection: keep-alive
webs19.theavstatic.xyz/static/tmp/xxx/az.gif?iv=d8322d751a0cb42491c581b0c46d69d
104.21.234.237200 OK 627 kB URL HTTP/2 webs19.theavstatic.xyz/static/tmp/xxx/az.gif?iv=d8322d751a0cb42491c581b0c46d69d
IP 104.21.234.237:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 627 kB (626576 bytes)
Hash 0df6f37a39e7bc7b61ece58bffd27c0c
3f25d6b284670bd393d110a0593e386f0787d07a
69e367860219e3f8631647caa2d13aacb29c56a50060ee80935b117033dcc747
GET /static/tmp/xxx/az.gif?iv=d8322d751a0cb42491c581b0c46d69d HTTP/1.1
Host: webs19.theavstatic.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 05:31:10 GMT
content-type: image/gif
last-modified: Wed, 07 Sep 2022 05:30:23 GMT
vary: Accept-Encoding
etag: W/"63182c6f-98d99"
expires: Wed, 30 Nov 2022 04:04:28 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1906002
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUqZtIsftou6PlxexPEwxm3Csl96CP5T04Xc%2FhRGDSmt6qEz7eq7zSWfYem1bM9Wh9dIDLnhoxre4J9RlG81c0Zf9st1OsGcXDcGdahVDZ1AcmxJrM4iUBgcSK7v7IkDgGsfA2lQx27h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76df46fcc83d7300-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f44f19536e0ce7801114501800022e86
c59827ea0accdfb94b77d87f342dbd83a0c6fe29
ceaa30edf67323af9f00bd9349134deb50a384a47e844b3087d834eb950ee1c0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAA30EDF67323AF9F00BD9349134DEB50A384A47E844B3087D834EB950EE1C0"
Last-Modified: Sun, 20 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11118
Expires: Tue, 22 Nov 2022 08:36:28 GMT
Date: Tue, 22 Nov 2022 05:31:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b611eb40ed6df13185a510e09d8bc95
d87309efeb4d832d423f5506b8bcb92181213cd0
037984e28353c697f706ca46f5899c04cb81f87b212e92d64ea3fd3da53b2f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "037984E28353C697F706CA46F5899C04CB81F87B212E92D64EA3FD3DA53B2F19"
Last-Modified: Sun, 20 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7402
Expires: Tue, 22 Nov 2022 07:34:32 GMT
Date: Tue, 22 Nov 2022 05:31:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b611eb40ed6df13185a510e09d8bc95
d87309efeb4d832d423f5506b8bcb92181213cd0
037984e28353c697f706ca46f5899c04cb81f87b212e92d64ea3fd3da53b2f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "037984E28353C697F706CA46F5899C04CB81F87B212E92D64EA3FD3DA53B2F19"
Last-Modified: Sun, 20 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7402
Expires: Tue, 22 Nov 2022 07:34:32 GMT
Date: Tue, 22 Nov 2022 05:31:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f44f19536e0ce7801114501800022e86
c59827ea0accdfb94b77d87f342dbd83a0c6fe29
ceaa30edf67323af9f00bd9349134deb50a384a47e844b3087d834eb950ee1c0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAA30EDF67323AF9F00BD9349134DEB50A384A47E844B3087D834EB950EE1C0"
Last-Modified: Sun, 20 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11118
Expires: Tue, 22 Nov 2022 08:36:28 GMT
Date: Tue, 22 Nov 2022 05:31:10 GMT
Connection: keep-alive
jytdlz.com/avlulu/js/t.avlulu.js?f0cd92aeba4a040c47a
172.67.156.15200 OK 227 kB URL HTTP/2 jytdlz.com/avlulu/js/t.avlulu.js?f0cd92aeba4a040c47a
IP 172.67.156.15:0
File type Unicode text, UTF-8 text, with very long lines (64610), with no line terminators
Size 227 kB (226654 bytes)
Hash ad8e46f53db0c0f05c62793117b393e7
a063818711fae129b6809074da850550eddc6b78
5542076bdcce388e7fd443077d893357a9401dbe598d58dd76b650d5cbf3896c
GET /avlulu/js/t.avlulu.js?f0cd92aeba4a040c47a HTTP/1.1
Host: jytdlz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 05:31:09 GMT
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 02:21:11 GMT
vary: Accept-Encoding
etag: W/"637c3217-c1475"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4059
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWTJykZLBIJYFw8Eue31ytMGufTaiynmzqi%2BAnQbV%2FOiLjuYmBq8Dt%2F%2FgU4y954NXgE6HP3Eh339YFxyes1%2BAeSAtQIzXXPENi30yNQw6yHww7036%2BhAats2U%2BZt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76df46f6f85c0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhnn.com/805b36721b09ad0e4cb11e51a5f4ae2c.gif
170.178.176.170301 Moved Permanently 162 B URL HTTP/2 kvhnn.com/805b36721b09ad0e4cb11e51a5f4ae2c.gif
IP 170.178.176.170:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /805b36721b09ad0e4cb11e51a5f4ae2c.gif HTTP/1.1
Host: kvhnn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 22 Nov 2022 05:31:10 GMT
content-type: text/html
content-length: 162
location: https://kvtggg.top/805b36721b09ad0e4cb11e51a5f4ae2c.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 79af451c1147a27b4dd1599b5cd3369e
7515bc86da0c1b4ca926a1eac440da8a38eafe73
a9a52f9207f011361689c47ae52566c10823dcc4c4bbbb726e2138fe6db764a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A9A52F9207F011361689C47AE52566C10823DCC4C4BBBB726E2138FE6DB764A9"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14908
Expires: Tue, 22 Nov 2022 09:39:38 GMT
Date: Tue, 22 Nov 2022 05:31:10 GMT
Connection: keep-alive
kveff.com/145498385d51f6114f01924b07a536b5.gif
66.150.130.123301 Moved Permanently 162 B URL HTTP/2 kveff.com/145498385d51f6114f01924b07a536b5.gif
IP 66.150.130.123:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /145498385d51f6114f01924b07a536b5.gif HTTP/1.1
Host: kveff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 22 Nov 2022 05:31:10 GMT
content-type: text/html
content-length: 162
location: https://kvteee.top/145498385d51f6114f01924b07a536b5.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvhmm.com/e6fdfe6babffce68e22b9c38b992583e.gif
45.154.215.90301 Moved Permanently 162 B URL HTTP/2 kvhmm.com/e6fdfe6babffce68e22b9c38b992583e.gif
IP 45.154.215.90:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /e6fdfe6babffce68e22b9c38b992583e.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 22 Nov 2022 05:31:10 GMT
content-type: text/html
content-length: 162
location: https://kvtfff.top/e6fdfe6babffce68e22b9c38b992583e.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvhnn.com/e1dac3356c0e9d5f1899262d4f5d6b9c.gif
170.178.176.170301 Moved Permanently 162 B URL HTTP/2 kvhnn.com/e1dac3356c0e9d5f1899262d4f5d6b9c.gif
IP 170.178.176.170:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /e1dac3356c0e9d5f1899262d4f5d6b9c.gif HTTP/1.1
Host: kvhnn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 22 Nov 2022 05:31:10 GMT
content-type: text/html
content-length: 162
location: https://kvtggg.top/e1dac3356c0e9d5f1899262d4f5d6b9c.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvhmm.com/3a51d5c56a7a748c2c25ca523628cc04.gif
45.154.215.90301 Moved Permanently 162 B URL HTTP/2 kvhmm.com/3a51d5c56a7a748c2c25ca523628cc04.gif
IP 45.154.215.90:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3a51d5c56a7a748c2c25ca523628cc04.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 22 Nov 2022 05:31:10 GMT
content-type: text/html
content-length: 162
location: https://kvtfff.top/3a51d5c56a7a748c2c25ca523628cc04.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5fb3f2b921f8580c61e9971ed82b1e0c
58fc48b08f8e04a6cfed3d9f07c414ea32f21c94
1ca4bf13f54075a327c68251bfb506c8a77cfa7f8cfada27fa0248c687a4dca5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CA4BF13F54075A327C68251BFB506C8A77CFA7F8CFADA27FA0248C687A4DCA5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15265
Expires: Tue, 22 Nov 2022 09:45:36 GMT
Date: Tue, 22 Nov 2022 05:31:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17787
Expires: Tue, 22 Nov 2022 10:27:38 GMT
Date: Tue, 22 Nov 2022 05:31:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b71cbca9797a69b8ce4948cf50f0f0e7
2a2bd429f0fbd92bd2bad25e629f324cd6ea72fc
9c23b4241337151874a7e76e2493ba1e8ba0307def4f599b0b3232aa031d2b02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C23B4241337151874A7E76E2493BA1E8BA0307DEF4F599B0B3232AA031D2B02"
Last-Modified: Mon, 21 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 22 Nov 2022 11:31:11 GMT
Date: Tue, 22 Nov 2022 05:31:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4ba2cc1-6e28-45a2-bc78-97012bdeedb2.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4ba2cc1-6e28-45a2-bc78-97012bdeedb2.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b591bcc9d645eed0ea6ebc5dae07d31
97278cc5c5a1be7926d53fd8daf9e802bfb6cbdb
82dde9a4d139bdfae1d8859f4d7a77f92182c65ad630e25d0cc52f346dd1dfad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4ba2cc1-6e28-45a2-bc78-97012bdeedb2.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11793
x-amzn-requestid: 7edbd95e-83c8-4162-886f-b0bf88deee5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I6oFrQIAMFnYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeaa-4f1317ec61500d713816830d;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hd2a0sbw7fzVnkVpCOEAnu_W-Z0EajArOracSTImr6jbhOFwKbDKpw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:44:56 GMT
age: 27975
etag: "97278cc5c5a1be7926d53fd8daf9e802bfb6cbdb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05ba1792-f86a-406e-8e1c-f133f0fb8d73.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05ba1792-f86a-406e-8e1c-f133f0fb8d73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 253593d1b3f90aa54d0748688fbb09ac
470c54ca28e1e5c56828c8c7f9849374061f501e
d8d331519f526b1117e4f67b0fb5fb46f400a63d1cb5757a3f22201ea70301ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05ba1792-f86a-406e-8e1c-f133f0fb8d73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9598
x-amzn-requestid: a713ce94-2441-4288-b6d8-cd6b638274b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IqVGgJoAMFz5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee41-5ed8e45c664203e137f8c92b;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mDiJvNjoSqIbYd2Mx4Kv5muJ-g-hehPMyWAjnZuhidG7uEtjdTtTGA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:36:15 GMT
etag: "470c54ca28e1e5c56828c8c7f9849374061f501e"
content-type: image/jpeg
age: 24896
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash c9dc4c92273dd023d7c5cb14df303388
3cc8be0658aa3b2d4b20988de4530de82c3aae7c
af7334cf559e63a041cd8ba0b991ad5e91ee232f6ed4f38c856195c60e4f0b38
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 05:31:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 26 Nov 2022 02:59:43 GMT
ETag: "3cc8be0658aa3b2d4b20988de4530de82c3aae7c"
Last-Modified: Tue, 22 Nov 2022 02:59:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2083
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76df47024a91b512-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash b10ba4098cba09bc23e01ab74996f858
9f3a594fb2e239a7a387aa5a89283d57d8d667e9
a434f58404df80a4bba0745def9d08ace878d9250d10ce874fe1a50106862e7e
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 05:31:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 26 Nov 2022 04:13:15 GMT
ETag: "9f3a594fb2e239a7a387aa5a89283d57d8d667e9"
Last-Modified: Tue, 22 Nov 2022 04:13:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1269
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76df47024aefb4ff-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash b10ba4098cba09bc23e01ab74996f858
9f3a594fb2e239a7a387aa5a89283d57d8d667e9
a434f58404df80a4bba0745def9d08ace878d9250d10ce874fe1a50106862e7e
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 05:31:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 26 Nov 2022 04:13:15 GMT
ETag: "9f3a594fb2e239a7a387aa5a89283d57d8d667e9"
Last-Modified: Tue, 22 Nov 2022 04:13:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1269
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76df470248800b65-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f3fad7453f45dfa617243c8beac64e1
56414a905340e1b1478a0a40a52b25365a724524
7befcfbedac5652eb04bc675b67f7b642631d4e918f7aaee17b0b594e26854d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6031
x-amzn-requestid: f59b04c5-4955-4847-9a7f-d9d53b47ca52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3cV0GC-oAMF5hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637940f1-0425b3cf6a4650b60936feba;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 20:47:45 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: StZ9dxgY8W0WwUUqsxyeISFnbm_WGGcm_AMuo9dzfhF9Yp7wM0TMMg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 ea699166e6ec77aa410ff505b0a8ce18.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 08:17:18 GMT
age: 76433
etag: "56414a905340e1b1478a0a40a52b25365a724524"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed6b76d15fc8d6295acdb6fb47461d3
b8c928f93a8d82b48491448d811a95ad99dc6aef
de326836a9de677438b9ae724198e94348b0900c62817ff10de3677ce93fdae0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8685
x-amzn-requestid: 66455cc7-83d7-4570-99f9-5fa838da947f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrAHwKoAMFUHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee46-354d65e9609bc05647556a5a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -9tZPsMl7i5hr0N1rwJdQBLiOImuEO12RDL0pcPNjf6t-LkRbPaN2A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:02:46 GMT
etag: "b8c928f93a8d82b48491448d811a95ad99dc6aef"
content-type: image/jpeg
age: 26905
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cb92473-220a-4ebb-b8d8-6c17618bc006.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cb92473-220a-4ebb-b8d8-6c17618bc006.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bd62f641e9d58eee10e41db0fa00b5f2
4210e5f150a49d6f6ee26cbb11ded8173ab8cf74
5858451bf7cac97b8881dde7e3197110fa8639c1d94b51934859669c51221e1a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cb92473-220a-4ebb-b8d8-6c17618bc006.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4308
x-amzn-requestid: 7db10594-4acc-448d-b724-1c4bc8ec42ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrVFtRoAMFTzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee48-0a466f6b0bd48f3532216bca;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EZ6DqZY1DDMr_jSZs-aGTsD37q6dKLIEk9XJhKRTNOjjxfU-lWh8eg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:46:01 GMT
age: 27910
etag: "4210e5f150a49d6f6ee26cbb11ded8173ab8cf74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iGM_HV13dzz5eOswbOJfjj14jlFW4jy2YsW7eJumS_TM5TxxG8VMwQ==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 03:49:11 GMT
age: 6120
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 22 Nov 2022 05:31:11 GMT
content-type: text/html
content-length: 162
location: https://acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash a6943abc559632165d5bc4fca3e93875
156e8f098eedf486975eaa091e4264bf87ef51f5
d33eeb2fa7643d34fa9bdaaf3b8c21fceb086b33a74b0d485973b4a50e40323a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 05:31:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 19 Nov 2022 15:36:46 GMT
Expires: Sat, 26 Nov 2022 15:36:45 GMT
Etag: "156e8f098eedf486975eaa091e4264bf87ef51f5"
Cache-Control: max-age=381333,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76df4702aad2b4ee-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash a6943abc559632165d5bc4fca3e93875
156e8f098eedf486975eaa091e4264bf87ef51f5
d33eeb2fa7643d34fa9bdaaf3b8c21fceb086b33a74b0d485973b4a50e40323a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 05:31:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 19 Nov 2022 15:36:46 GMT
Expires: Sat, 26 Nov 2022 15:36:45 GMT
Etag: "156e8f098eedf486975eaa091e4264bf87ef51f5"
Cache-Control: max-age=381333,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76df4702ae9ab51e-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash ebe699998ccd519beee756227a4b353d
cb75f7195e70948d99e752287890e963db874df5
8c57a55ee7a768be2f114bb95646523922c98294e79d7fbaac3040de5d22c2b8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 05:31:11 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 19 Nov 2022 18:50:23 GMT
Expires: Sat, 26 Nov 2022 18:50:22 GMT
Etag: "cb75f7195e70948d99e752287890e963db874df5"
Cache-Control: max-age=392950,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76df4702ae99b51e-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4366d385ed8c97b56f0801e9587d1979
fa5388ed82b2b82b357a197b7f7356ad02c40aef
f3471475fd822b00d6a4cd7e878d09ff6bd43ab178228efa058d20b8e70a791b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3471475FD822B00D6A4CD7E878D09FF6BD43AB178228EFA058D20B8E70A791B"
Last-Modified: Mon, 21 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10446
Expires: Tue, 22 Nov 2022 08:25:17 GMT
Date: Tue, 22 Nov 2022 05:31:11 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e72ac0a0706d4e86b8da5d0426d2eb05
b741e915bc806c121e2c8d94e8bdeaaee1ddcca3
34bb8f43e8c4dd0435cd39c8bafc24223c2e79f8c90fd107808ed009586a1575
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "34BB8F43E8C4DD0435CD39C8BAFC24223C2E79F8C90FD107808ED009586A1575"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4909
Expires: Tue, 22 Nov 2022 06:53:00 GMT
Date: Tue, 22 Nov 2022 05:31:11 GMT
Connection: keep-alive
kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 22 Nov 2022 05:31:11 GMT
content-type: text/html
content-length: 162
location: https://kvhaaa.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 81882b1c573db5f17da5524a6e242181
3522b949dccd029b0ef2ff8d1cdc7afc04900630
fc670f26e3f8257b8f5f2f04f97ee0e095fad4b6e0000017aec85f82bfefbd72
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC670F26E3F8257B8F5F2F04F97EE0E095FAD4B6E0000017AEC85F82BFEFBD72"
Last-Modified: Sat, 19 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 22 Nov 2022 11:31:11 GMT
Date: Tue, 22 Nov 2022 05:31:11 GMT
Connection: keep-alive
kzeww.com/4f5ca562874d2b77c6c37263e48db5c6.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kzeww.com/4f5ca562874d2b77c6c37263e48db5c6.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /4f5ca562874d2b77c6c37263e48db5c6.gif HTTP/1.1
Host: kzeww.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 22 Nov 2022 05:31:11 GMT
content-type: text/html
content-length: 162
location: https://kvkjjj.top/4f5ca562874d2b77c6c37263e48db5c6.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/oADvxlJeYT8
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/oADvxlJeYT8
IP 142.250.74.35:0
Hash da68ef55161c6f113c5f1415d24092f9
3178d886aa8b7027c243ed8062b30e02ace638b3
74e4f8a49e6846ccc2c5e7f78414c401eb55e03e17fcb14db29054243fd2d438
POST /s/gts1p5/oADvxlJeYT8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 05:31:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kvtlll.top/3d2937201b5e8815339d007a969c7bca.gif
104.21.233.168200 OK 631 kB URL HTTP/2 kvtlll.top/3d2937201b5e8815339d007a969c7bca.gif
IP 104.21.233.168:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 631 kB (631088 bytes)
Hash 64fbc8087436743e9e2a7d252b9d261c
5ad442d4dda6ee04f4029fb0ada6249689bd7ff3
4a06886a49926cf2a0467794987e296de19189a1b3e6d2add0fd93be42d07e2f
GET /3d2937201b5e8815339d007a969c7bca.gif HTTP/1.1
Host: kvtlll.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://avlulu.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 05:31:11 GMT
content-type: image/gif
content-length: 631088
last-modified: Mon, 03 Oct 2022 14:32:48 GMT
etag: "633af290-9a130"
expires: Thu, 15 Dec 2022 17:11:49 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 562762
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2lOGNMnREaFLSrVGZCP3j0ENAB6jgP1zrW98g3Vo%2BLwzAoiKGGiadr9F8YHQkw9HX1M%2BxRvueV8On2KVg%2B9JiLGbyq6DdytyPp%2BrRWZG%2BEmwcr7lwqJLXxTHlRx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76df47037c0574b1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 56f7f43b0e9812408c0c7ea9632f9066
bed541aedeb35f797aa08c3bbf6117ffd8bbb923
665f8c0eeebea758ad6b3cc4e40b698aa06d9d311308c0a52bffd2aee272d683
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "665F8C0EEEBEA758AD6B3CC4E40B698AA06D9D311308C0A52BFFD2AEE272D683"
Last-Modified: Mon, 21 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3833
Expires: Tue, 22 Nov 2022 06:35:04 GMT
Date: Tue, 22 Nov 2022 05:31:11 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/oADvxlJeYT8
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/oADvxlJeYT8
IP 142.250.74.35:0
Hash da68ef55161c6f113c5f1415d24092f9
3178d886aa8b7027c243ed8062b30e02ace638b3
74e4f8a49e6846ccc2c5e7f78414c401eb55e03e17fcb14db29054243fd2d438
POST /s/gts1p5/oADvxlJeYT8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 05:31:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6da3e946e93a993014db697dc1b0402b
85975a4be97db6f8bdcf699585dd62e4d295df80
d91f672da018f3d572c7c7dcc2a29ebde11f1ebeab69b4892cefa2558a38e459
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D91F672DA018F3D572C7C7DCC2A29EBDE11F1EBEAB69B4892CEFA2558A38E459"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13454
Expires: Tue, 22 Nov 2022 09:15:25 GMT
Date: Tue, 22 Nov 2022 05:31:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3ec6172ac1e64cd21934d3d4b2eb4f62
631eb7efeac61a957d1a972021dd4dc843dd8e6e
d7f54a3acd91821836c726a08ced5cf61aeb2df90e1873200c10bb3fc168bea8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7F54A3ACD91821836C726A08CED5CF61AEB2DF90E1873200C10BB3FC168BEA8"
Last-Modified: Mon, 21 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14690
Expires: Tue, 22 Nov 2022 09:36:01 GMT
Date: Tue, 22 Nov 2022 05:31:11 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 4b78bd72023c1db94a460a9b9649cf0a
688b2deff92b1aab2b1eee3578fb38855ac83614
998d81517f179356f88a5fced48cf76c09f0117cc0479a5c82f8a241856fe96d
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 05:31:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 26 Nov 2022 05:19:05 GMT
ETag: "688b2deff92b1aab2b1eee3578fb38855ac83614"
Last-Modified: Tue, 22 Nov 2022 05:19:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76df47028abcb512-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 1744417440c45d60db27b82e53f8c953
de72af3f6626584a0ce5a03885e3d72181ed4345
a45d81ee6b06964ecc8dcfdb0ddccc5e0780c108e1fb6d3b6c3716a4492154eb
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 05:31:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 26 Nov 2022 02:01:09 GMT
ETag: "de72af3f6626584a0ce5a03885e3d72181ed4345"
Last-Modified: Tue, 22 Nov 2022 02:01:10 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 597
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76df47050c63b512-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 1744417440c45d60db27b82e53f8c953
de72af3f6626584a0ce5a03885e3d72181ed4345
a45d81ee6b06964ecc8dcfdb0ddccc5e0780c108e1fb6d3b6c3716a4492154eb
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 05:31:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 26 Nov 2022 02:01:09 GMT
ETag: "de72af3f6626584a0ce5a03885e3d72181ed4345"
Last-Modified: Tue, 22 Nov 2022 02:01:10 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 597
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76df47050d13b500-OSL
uuu.xiaobi200.com/vipgg/pc/images/tongcheng.gif
23.224.129.102200 OK 117 kB URL HTTP/2 uuu.xiaobi200.com/vipgg/pc/images/tongcheng.gif
IP 23.224.129.102:0
File type GIF image data, version 89a, 1230 x 80\012- data
Size 117 kB (117386 bytes)
Hash 10795ba0d9de876f1ce51bcd7695b217
bc7e41f168bd6c25b4d7cde5cbd6074b9068a4d1
4c57b29531f38426cc4cc3a8438e5e87fc9d5b87c997c3e506e33ad88b0d011a
GET /vipgg/pc/images/tongcheng.gif HTTP/1.1
Host: uuu.xiaobi200.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 22 Nov 2022 05:31:11 GMT
content-type: image/gif
content-length: 117386
last-modified: Sat, 05 Feb 2022 14:06:38 GMT
etag: "61fe846e-1ca8a"
expires: Thu, 22 Dec 2022 05:31:11 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
kvegg.com/9ffd660a497227c2a02eab75b51f91b9.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kvegg.com/9ffd660a497227c2a02eab75b51f91b9.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /9ffd660a497227c2a02eab75b51f91b9.gif HTTP/1.1
Host: kvegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 22 Nov 2022 05:31:11 GMT
content-type: text/html
content-length: 162
location: https://kvtooo.top/9ffd660a497227c2a02eab75b51f91b9.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e72ac0a0706d4e86b8da5d0426d2eb05
b741e915bc806c121e2c8d94e8bdeaaee1ddcca3
34bb8f43e8c4dd0435cd39c8bafc24223c2e79f8c90fd107808ed009586a1575
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "34BB8F43E8C4DD0435CD39C8BAFC24223C2E79F8C90FD107808ED009586A1575"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4909
Expires: Tue, 22 Nov 2022 06:53:00 GMT
Date: Tue, 22 Nov 2022 05:31:11 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 4b78bd72023c1db94a460a9b9649cf0a
688b2deff92b1aab2b1eee3578fb38855ac83614
998d81517f179356f88a5fced48cf76c09f0117cc0479a5c82f8a241856fe96d
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 05:31:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 26 Nov 2022 05:19:05 GMT
ETag: "688b2deff92b1aab2b1eee3578fb38855ac83614"
Last-Modified: Tue, 22 Nov 2022 05:19:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76df470439820b65-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd490cff7d54beaf942a7540b752d21a
008f40f9764f057c6268250deadd7a09dffff50b
b5403fe46f559feee6081f0c63efef13c463d2ea059d22aacad7cc74aed07709
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5403FE46F559FEEE6081F0C63EFEF13C463D2EA059D22AACAD7CC74AED07709"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14134
Expires: Tue, 22 Nov 2022 09:26:45 GMT
Date: Tue, 22 Nov 2022 05:31:11 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8d2b9e2af1345077c6e2a8a13c54ef6c
a4b8ef09fa94ec85bc5d8e5240c06ebef67cecbc
dd3fb66befb1f816324f8ec4c308128a4aff1df154ea8718ed057ca50124545e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DD3FB66BEFB1F816324F8EC4C308128A4AFF1DF154EA8718ED057CA50124545E"
Last-Modified: Mon, 21 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16635
Expires: Tue, 22 Nov 2022 10:08:26 GMT
Date: Tue, 22 Nov 2022 05:31:11 GMT
Connection: keep-alive
kvtfff.top/e6fdfe6babffce68e22b9c38b992583e.gif
104.21.233.216200 OK 423 kB URL HTTP/2 kvtfff.top/e6fdfe6babffce68e22b9c38b992583e.gif
IP 104.21.233.216:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 423 kB (423171 bytes)
Hash 870e11855fcf9b4543dd73b8c4d6553f
40547a8f18fe714fca987dc0e8d985ba46244ec1
3040d91b0666a0585ba9a75d3f77a1efd0c4b4bad85e18cc409fba03a7ed559a
GET /e6fdfe6babffce68e22b9c38b992583e.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://avlulu.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 05:31:11 GMT
content-type: image/gif
content-length: 423171
last-modified: Sat, 12 Nov 2022 01:03:29 GMT
etag: "636ef0e1-67503"
expires: Mon, 12 Dec 2022 03:08:42 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 872549
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqNwRIS1R4eqjVzqkY5CK8zk8b7p%2BK8rGo89BxgtLmu14L2%2FRPm%2Boj3Px%2BUdQrz7NBRCMGdCGBvSSmEv5G3X2GZf%2FbjX%2FOhBkBnnn4wqZOyidCL2fols66TU05gR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76df4704f8678892-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtfff.top/3a51d5c56a7a748c2c25ca523628cc04.gif
104.21.233.216200 OK 524 kB URL HTTP/2 kvtfff.top/3a51d5c56a7a748c2c25ca523628cc04.gif
IP 104.21.233.216:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 524 kB (524316 bytes)
Hash ab00ff5aa53f9c2ae0f048518e94911e
84cccff597b536d7d4bd462b369dd9bf42ea4a9a
cb96931b2f0f9a849cb8f6ea462315c9e8f7f648a49ddf284e6ed87ef9e36edc
GET /3a51d5c56a7a748c2c25ca523628cc04.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://avlulu.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 05:31:11 GMT
content-type: image/gif
content-length: 524316
last-modified: Sun, 21 Aug 2022 08:40:42 GMT
etag: "6301ef8a-8001c"
expires: Tue, 13 Dec 2022 09:13:19 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 764272
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oe1R4xr1qnLDGkSCCphp6HdwZEPaSHYP6gEbmNyP4vgBI8%2BuFD8JyOmoGjZD6SMMTQ%2Fh6oKzVMmAB3QzSIaEsowdVTYWOWdh20HcH30fU6SIwcYnpArGTsBXAnWp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76df4704e8668892-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhaaa.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
104.21.94.20200 OK 864 kB URL HTTP/2 kvhaaa.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP 104.21.94.20:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 864 kB (864004 bytes)
Hash d2c820747a9b9b8c3abaab0775436ab7
99651afd10bd3874fb84d7973845482cd2c81f23
8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kvhaaa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://avlulu.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 05:31:11 GMT
content-type: image/gif
content-length: 864004
last-modified: Sun, 04 Sep 2022 09:11:53 GMT
etag: "63146bd9-d2f04"
expires: Tue, 20 Dec 2022 05:46:34 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 171877
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zb1GU%2FMTnaUlbfq8DQD9hCrTA5UJO3LWPBtKw00gcb3f3c9gaZjkuwTRHn3azNUvL1Zvsp8OrldbNfgz9ocJp%2FvrKaCtXsK3%2Bhqm7wDsWUw%2B1780IshyW7b8Ojuf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76df4705cf730b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvevv.com/47fc3dfa6dab926d04bc8c0e76b89995.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvevv.com/47fc3dfa6dab926d04bc8c0e76b89995.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /47fc3dfa6dab926d04bc8c0e76b89995.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 22 Nov 2022 05:31:11 GMT
content-type: text/html
content-length: 162
location: https://kvhkkk.top/47fc3dfa6dab926d04bc8c0e76b89995.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kzemm.com/bb7f858c0dad171784517c02e7bff891.gif
98.126.214.50301 Moved Permanently 162 B URL HTTP/2 kzemm.com/bb7f858c0dad171784517c02e7bff891.gif
IP 98.126.214.50:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /bb7f858c0dad171784517c02e7bff891.gif HTTP/1.1
Host: kzemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 22 Nov 2022 05:31:11 GMT
content-type: text/html
content-length: 162
location: https://kvtddd.top/bb7f858c0dad171784517c02e7bff891.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 5c759e2f0ac3d5ab694062a92dfe62e9
8c3e0a4b01819ce0091e90f2baf5950661477b6e
c56a6410162101a5e353d6c17d83d97af12e86db514de085bca741215c0150e3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=167744
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 05:31:11 GMT
Etag: "637c4adf-118"
Expires: Thu, 24 Nov 2022 04:06:55 GMT
Last-Modified: Tue, 22 Nov 2022 04:06:55 GMT
Server: nginx
Content-Length: 280
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 4b78bd72023c1db94a460a9b9649cf0a
688b2deff92b1aab2b1eee3578fb38855ac83614
998d81517f179356f88a5fced48cf76c09f0117cc0479a5c82f8a241856fe96d
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 05:31:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 26 Nov 2022 05:19:05 GMT
ETag: "688b2deff92b1aab2b1eee3578fb38855ac83614"
Last-Modified: Tue, 22 Nov 2022 05:19:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76df47036c9cb4ff-OSL
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3065c5f42001d42d194f04bb5ffa7769
9fd829ec67f3fcb1e50484c91bc55d5cdc930ff6
34636a09b858d468b49c20b8ac9c01ba1fad0b274fc1ea51fca477579d400d8d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "34636A09B858D468B49C20B8AC9C01BA1FAD0B274FC1EA51FCA477579D400D8D"
Last-Modified: Mon, 21 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4689
Expires: Tue, 22 Nov 2022 06:49:20 GMT
Date: Tue, 22 Nov 2022 05:31:11 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ae4858ef94feacb63ff57a323ad5a54f
275ad25235ac997a14d7132a46777dcc99614eeb
4e3dfadf09061be66b55aabbf4dd7c8501078ca7bac39c41d539caa65c6cfd8f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 05:31:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 19 Nov 2022 12:54:38 GMT
Expires: Sat, 26 Nov 2022 12:54:37 GMT
Etag: "275ad25235ac997a14d7132a46777dcc99614eeb"
Cache-Control: max-age=371605,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76df47061947b51e-OSL
dimg04.c-ctrip.com/images/01003120009thg27w15E2.gif
104.110.17.24200 OK 56 kB URL HTTP/2 dimg04.c-ctrip.com/images/01003120009thg27w15E2.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 760 x 70\012- data
Hash 1a6428da25ae1a7827cd1c5bba54ef18
45e13e8fd9547535326ec8f8ebb866dd4bfbeb1a
c17b9cc5abf071007c532b8962edcd945d44c24bbb0fe430241991eb4d52d18c
GET /images/01003120009thg27w15E2.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 55980
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6774986
expires: Wed, 08 Feb 2023 15:27:37 GMT
date: Tue, 22 Nov 2022 05:31:11 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0106d120009xynp2h4C59.gif?proc=autoorient
104.110.17.24200 OK 61 kB URL HTTP/2 dimg04.c-ctrip.com/images/0106d120009xynp2h4C59.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Hash 71d3b226da95d5a5abb3f063324964be
9c72ed2e2e083a71d179f3a5b1d759e898f40d58
565a28ff220536add488d456ca85c28c58b1bd8dc8fe0d359b31a482c6072d31
GET /images/0106d120009xynp2h4C59.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 61146
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=9331936
expires: Fri, 10 Mar 2023 05:43:27 GMT
date: Tue, 22 Nov 2022 05:31:11 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0101v12000a5k17wr6A53.gif
104.110.17.24200 OK 432 kB URL HTTP/2 dimg04.c-ctrip.com/images/0101v12000a5k17wr6A53.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 600 x 360\012- data
Size 432 kB (431879 bytes)
Hash 5283205fce6e3edd982eb37f65fd3757
860efb61f8563d46cb78f2c0011d9c12975d0d78
f20591fb7ebe958e90f10c8967f65f519a93fa08a3397e2aa2a93a85604b4250
GET /images/0101v12000a5k17wr6A53.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 431879
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt: 6
x-edgeconnect-origin-mex-latency: 120
cache-control: max-age=6689415
expires: Tue, 07 Feb 2023 15:41:26 GMT
date: Tue, 22 Nov 2022 05:31:11 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0105k12000a43b0ih421B.gif
104.110.17.24200 OK 185 kB URL HTTP/2 dimg04.c-ctrip.com/images/0105k12000a43b0ih421B.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 185 kB (184707 bytes)
Hash 4b4a58630a5f0a27a6cc303e29970e38
2785d550c4fcf23a291ccf836ce51d9688f944b8
0eb1fe5ac79f32c8a8208f7803592ff1364b0447e010ad4aa1f8207b45489bfd
GET /images/0105k12000a43b0ih421B.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 184707
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=13412528
expires: Wed, 26 Apr 2023 11:13:19 GMT
date: Tue, 22 Nov 2022 05:31:11 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0102y12000a3kjdfv5BC0.gif
104.110.17.24200 OK 647 kB URL HTTP/2 dimg04.c-ctrip.com/images/0102y12000a3kjdfv5BC0.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 647 kB (646750 bytes)
Hash 72371f5b3f1ea1f932ea3882fd5aa02d
b07f955239aaace3a248b70e6137fc91e31bfe7c
f451864300cba47430ddb92cc3f6a9a6602ffacf2c52da2384cce41cb8927912
GET /images/0102y12000a3kjdfv5BC0.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 646750
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=13063314
expires: Sat, 22 Apr 2023 10:13:05 GMT
date: Tue, 22 Nov 2022 05:31:11 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/01025120009xlxvcj935B.gif
104.110.17.24200 OK 487 kB URL HTTP/2 dimg04.c-ctrip.com/images/01025120009xlxvcj935B.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 487 kB (486900 bytes)
Hash 74d02513f3773d3b94765a1315157565
eccace184c4c8b0680d980d3be10d7eb0d1a2e93
37e407b33f89d82ed1e2e38a122150d522e16948daf9d2ba1ab40319dbb2912c
GET /images/01025120009xlxvcj935B.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 486900
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=9067137
expires: Tue, 07 Mar 2023 04:10:08 GMT
date: Tue, 22 Nov 2022 05:31:11 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0101h12000a5zplxc0A0D.gif
104.110.17.24200 OK 854 kB URL HTTP/2 dimg04.c-ctrip.com/images/0101h12000a5zplxc0A0D.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 854 kB (853944 bytes)
Hash d79a778e368adfa2f53d664e82abde9e
7dadfb41956752ef565c1abff3503165b425d37d
0935a89bc9ea17037cebcba4feb1cd87fca775504e2b4f5e2c61b4c79dd2ce15
GET /images/0101h12000a5zplxc0A0D.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 853944
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7120341
expires: Sun, 12 Feb 2023 15:23:32 GMT
date: Tue, 22 Nov 2022 05:31:11 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2149a0639d4bdf924eaf520ea46fe479
da3cb7e4cc59a640eef021152b4ccf6af7c50b34
8f2601bb6f561b3c59c7fcac4655abdb7c8e270f94ed63fb9be521a4d6a7c5c3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=151916
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 05:31:11 GMT
Etag: "637c0d0b-117"
Expires: Wed, 23 Nov 2022 23:43:07 GMT
Last-Modified: Mon, 21 Nov 2022 23:43:07 GMT
Server: nginx
Content-Length: 279
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6da3e946e93a993014db697dc1b0402b
85975a4be97db6f8bdcf699585dd62e4d295df80
d91f672da018f3d572c7c7dcc2a29ebde11f1ebeab69b4892cefa2558a38e459
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D91F672DA018F3D572C7C7DCC2A29EBDE11F1EBEAB69B4892CEFA2558A38E459"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13454
Expires: Tue, 22 Nov 2022 09:15:25 GMT
Date: Tue, 22 Nov 2022 05:31:11 GMT
Connection: keep-alive
dimg04.c-ctrip.com/images/0393s120009rrlocdE7BE.gif
104.110.17.24200 OK 989 kB URL HTTP/2 dimg04.c-ctrip.com/images/0393s120009rrlocdE7BE.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 989 kB (988610 bytes)
Hash 4145292e4c977dcbc7b371f460e08cf2
c8025e36c672a4240da49f73e80295b42a71b274
3f8ad1230a54a7c36522b11dd277ff02b878dde5384334dfd98359759c0a7fba
GET /images/0393s120009rrlocdE7BE.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 988610
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6322460
expires: Fri, 03 Feb 2023 09:45:31 GMT
date: Tue, 22 Nov 2022 05:31:11 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
kvkjjj.top/4f5ca562874d2b77c6c37263e48db5c6.gif
104.21.43.117200 OK 845 kB URL HTTP/2 kvkjjj.top/4f5ca562874d2b77c6c37263e48db5c6.gif
IP 104.21.43.117:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 845 kB (845326 bytes)
Hash c3e13dfb200737af2e68b42c07f28465
4d8262aecd8d789494afca5d63b5dd50600870dc
3e962d14b678808967d50df163581b65c6052144cb6239d72da58cceb7bf04ac
Analyzer Verdict Alert quad9 Sinkholed
GET /4f5ca562874d2b77c6c37263e48db5c6.gif HTTP/1.1
Host: kvkjjj.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://avlulu.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 05:31:11 GMT
content-type: image/gif
content-length: 845326
last-modified: Sat, 01 Oct 2022 05:25:56 GMT
etag: "6337cf64-ce60e"
expires: Mon, 12 Dec 2022 08:12:43 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 854308
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V5FqQF85k4c%2FopQU13mrK4owI7UnnzRcTrHo57QgapOIMF5MamM2sBUSTCb0PS4VtwnyD9WhKDHGXdU7B5qkRTEJBA83RITuj7JhQnZDJxKl47b1AOOkWgCL1SiJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76df47072edfb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvteee.top/145498385d51f6114f01924b07a536b5.gif
104.21.233.124200 OK 419 kB URL HTTP/2 kvteee.top/145498385d51f6114f01924b07a536b5.gif
IP 104.21.233.124:0
File type GIF image data, version 89a, 1000 x 70\012- data
Size 419 kB (419407 bytes)
Hash 1ad3a6e666c8887f86803257e9cd8e60
e2de9f10e84ac7bed0888a6c413f828cd821e363
d7ea8e56a04ae30d7b34c85f2251d385895e999f5f03ecfb03a9a98b4c6f3c92
GET /145498385d51f6114f01924b07a536b5.gif HTTP/1.1
Host: kvteee.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://avlulu.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 05:31:11 GMT
content-type: image/gif
content-length: 419407
last-modified: Tue, 16 Aug 2022 11:20:14 GMT
etag: "62fb7d6e-6664f"
expires: Thu, 01 Dec 2022 04:13:12 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1819079
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KrZo%2B4MggmM0lUykYjhQ16bLs63dEwlsHh3g84WXDaNXmMk7a2J%2BzyAmPSlB%2FfPtqL2S0r94BjeoAdKpsXjesqvU71%2B3zSxw8%2BS7Z6Lt1ukaC0Qsg%2B3ayQKzkLUv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76df47065e2f772f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfd3a720e618cfcae320e8eea8c91f45
998a739ba00255145a02b487d2c28f09cfbb3a48
2b11c483a45f3b9a9c6d70317d21577d322308bd3630855c480142877c18f28b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "2B11C483A45F3B9A9C6D70317D21577D322308BD3630855C480142877C18F28B"
Last-Modified: Sat, 19 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17881
Expires: Tue, 22 Nov 2022 10:29:12 GMT
Date: Tue, 22 Nov 2022 05:31:11 GMT
Connection: keep-alive
dimg04.c-ctrip.com/images/0393s120009rsbu8hA416.gif
104.110.17.24200 OK 1.3 MB URL HTTP/2 dimg04.c-ctrip.com/images/0393s120009rsbu8hA416.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.3 MB (1296026 bytes)
Hash 5f356028e5e94176f56a75568e49ae20
3796c4c950687811a1d1f80fd9e31e718bda0f85
c6d85123315be8a70786b6699f59eecff590bc8fbf1a48a477bcb2cacd660320
GET /images/0393s120009rsbu8hA416.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 1296026
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt: 6
x-edgeconnect-origin-mex-latency: 273
cache-control: max-age=13969824
expires: Tue, 02 May 2023 22:01:35 GMT
date: Tue, 22 Nov 2022 05:31:11 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 5c759e2f0ac3d5ab694062a92dfe62e9
8c3e0a4b01819ce0091e90f2baf5950661477b6e
c56a6410162101a5e353d6c17d83d97af12e86db514de085bca741215c0150e3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=167744
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 05:31:11 GMT
Etag: "637c4adf-118"
Expires: Thu, 24 Nov 2022 04:06:55 GMT
Last-Modified: Tue, 22 Nov 2022 04:06:55 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280
n0622.com/af01a7e6be14422c825639a6e627e2e6.gif
104.208.83.207200 OK 81 kB URL HTTP/1.1 n0622.com/af01a7e6be14422c825639a6e627e2e6.gif
IP 104.208.83.207:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 61fd876988b24d3a3d3848469da9d6ee
ad0041890e243bcf73dc08bd7c78ef9ae35f5004
267fcf4ec6eb2f446829b709a14df1975fc0b09a3bb3214636eac37727a318ba
GET /af01a7e6be14422c825639a6e627e2e6.gif HTTP/1.1
Host: n0622.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 05:31:11 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 19 Nov 2022 16:28:45 GMT
ETag: W/"6379043d-48df7"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8d2b9e2af1345077c6e2a8a13c54ef6c
a4b8ef09fa94ec85bc5d8e5240c06ebef67cecbc
dd3fb66befb1f816324f8ec4c308128a4aff1df154ea8718ed057ca50124545e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DD3FB66BEFB1F816324F8EC4C308128A4AFF1DF154EA8718ED057CA50124545E"
Last-Modified: Mon, 21 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16635
Expires: Tue, 22 Nov 2022 10:08:26 GMT
Date: Tue, 22 Nov 2022 05:31:11 GMT
Connection: keep-alive
acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
172.67.189.203200 OK 400 kB URL HTTP/2 acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 172.67.189.203:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: acoozzh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://avlulu.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 05:31:11 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Thu, 22 Dec 2022 00:38:06 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 17585
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gv%2FzDE9%2BdTkdNHFpB1wx9Paq7zobbpfILQwO74MZccE%2BO2O%2BATGN%2FHmIpDDftZSX8U7BL3l1nbFtW8XO8LhaUaX65o4fMtOXgedAEjIZYzqCRZrswfDNvNCds97vWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76df4707aad30b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtooo.top/9ffd660a497227c2a02eab75b51f91b9.gif
104.21.56.15200 OK 477 kB URL HTTP/2 kvtooo.top/9ffd660a497227c2a02eab75b51f91b9.gif
IP 104.21.56.15:0
File type GIF image data, version 89a, 1000 x 80\012- data
Size 477 kB (477350 bytes)
Hash 61c406ddf850ca14b60d4aab15fdd8b8
2cdcfa128aa0f28febf64d2ef6756945677cef2f
75a5988f7a9a10f06b2310ca0df8ebc542e8afd79d2e90e6aa9d107d0e2adc7e
Analyzer Verdict Alert quad9 Sinkholed
GET /9ffd660a497227c2a02eab75b51f91b9.gif HTTP/1.1
Host: kvtooo.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://avlulu.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 05:31:12 GMT
content-type: image/gif
content-length: 477350
last-modified: Thu, 17 Nov 2022 07:58:48 GMT
etag: "6375e9b8-748a6"
expires: Sat, 17 Dec 2022 15:18:05 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 396787
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2%2Fw3lxGVT9WdNF5%2BQw3Wluhfu9calXcYDqgWmj9riMZrSAb5qHIDBJSp%2FP4FxnIm24ufjxefvA3DpHkcAIUUq88EtP6TGOFOq93ptiE2FgJO4AaNwSzjrRFFrFB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76df47088ce6b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jytdlz.com/avlulu/css/b.css?c46d9eeb4cb002516f1736264ff44763
172.67.156.15200 OK 129 kB URL HTTP/2 jytdlz.com/avlulu/css/b.css?c46d9eeb4cb002516f1736264ff44763
IP 172.67.156.15:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 129 kB (129309 bytes)
Hash cabd1dce1afd3c0bdb3327bc7e6cce8c
0117047e88bcfa6c93b19aea715cefcb1c63f482
d5304d4c562ec23e68bc3fec862c139ca5805ad44b688de91aa3ec8d31cad211
GET /avlulu/css/b.css?c46d9eeb4cb002516f1736264ff44763 HTTP/1.1
Host: jytdlz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 05:31:09 GMT
content-type: text/css
last-modified: Tue, 22 Nov 2022 02:21:17 GMT
vary: Accept-Encoding
etag: W/"637c321d-224c2"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMsbj8O5F0Rs7pBuceXMUAGPVnzO2zU7CR3IWABWLdIFY%2B2b2rOUVDCSXhhkFAVHSxk2u8GIxHuNA4s8GsN5SMN%2F09p4pt6fwGJMiGUE3bhKaPe5xjCRvct1jFPM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76df46f6e85a0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3065c5f42001d42d194f04bb5ffa7769
9fd829ec67f3fcb1e50484c91bc55d5cdc930ff6
34636a09b858d468b49c20b8ac9c01ba1fad0b274fc1ea51fca477579d400d8d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "34636A09B858D468B49C20B8AC9C01BA1FAD0B274FC1EA51FCA477579D400D8D"
Last-Modified: Mon, 21 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4688
Expires: Tue, 22 Nov 2022 06:49:20 GMT
Date: Tue, 22 Nov 2022 05:31:12 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 894a80c8dce0c10809872c022309ecbf
8f03e5df7ef099b94afa6ddfe4ed1da61a4986bb
b3aca29cddf84cf1a2fa6cf139337e9ea64c559f7767876416e2434df5c47d8f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B3ACA29CDDF84CF1A2FA6CF139337E9EA64C559F7767876416E2434DF5C47D8F"
Last-Modified: Mon, 21 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15310
Expires: Tue, 22 Nov 2022 09:46:22 GMT
Date: Tue, 22 Nov 2022 05:31:12 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 4a717fc651049932cbc36ab949cb2e30
d05db6eed49edd674228c9d2324470d14e284080
6575933efdd169b31b128f44832db22118bdb0042f0e3fc5e13a3e6d15d7281f
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 05:31:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 26 Nov 2022 04:00:48 GMT
ETag: "d05db6eed49edd674228c9d2324470d14e284080"
Last-Modified: Tue, 22 Nov 2022 04:00:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2989
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76df47090ebbb4ee-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash fd93ca1fec2169813b6a96ff53c237ed
a8aa92bebf49d8c0144c060afc9348bd2c33f105
22eea0f23d1facefc6f569e52d2dd2561f360eb2d79c67a5996e01ee246f262b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 05:31:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 19 Nov 2022 15:19:40 GMT
Expires: Sat, 26 Nov 2022 15:19:39 GMT
Etag: "a8aa92bebf49d8c0144c060afc9348bd2c33f105"
Cache-Control: max-age=380306,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76df47063d19b4ee-OSL
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfd3a720e618cfcae320e8eea8c91f45
998a739ba00255145a02b487d2c28f09cfbb3a48
2b11c483a45f3b9a9c6d70317d21577d322308bd3630855c480142877c18f28b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "2B11C483A45F3B9A9C6D70317D21577D322308BD3630855C480142877C18F28B"
Last-Modified: Sat, 19 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17880
Expires: Tue, 22 Nov 2022 10:29:12 GMT
Date: Tue, 22 Nov 2022 05:31:12 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c88f0731b7f6a39b906b8a0897df6aba
f7a3bc6830fc3c466aa93451bfe8d6f6f9a7f8a8
e644b1b44eb51aa0638d932727c0fbd61a5a1bef08c9217cd0049c426e9aa219
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E644B1B44EB51AA0638D932727C0FBD61A5A1BEF08C9217CD0049C426E9AA219"
Last-Modified: Sun, 20 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12076
Expires: Tue, 22 Nov 2022 08:52:28 GMT
Date: Tue, 22 Nov 2022 05:31:12 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 894a80c8dce0c10809872c022309ecbf
8f03e5df7ef099b94afa6ddfe4ed1da61a4986bb
b3aca29cddf84cf1a2fa6cf139337e9ea64c559f7767876416e2434df5c47d8f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B3ACA29CDDF84CF1A2FA6CF139337E9EA64C559F7767876416E2434DF5C47D8F"
Last-Modified: Mon, 21 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15310
Expires: Tue, 22 Nov 2022 09:46:22 GMT
Date: Tue, 22 Nov 2022 05:31:12 GMT
Connection: keep-alive
kvhkkk.top/47fc3dfa6dab926d04bc8c0e76b89995.gif
104.21.234.156200 OK 65 kB URL HTTP/2 kvhkkk.top/47fc3dfa6dab926d04bc8c0e76b89995.gif
IP 104.21.234.156:0
File type GIF image data, version 89a, 960 x 60\012- data
Hash 514c48163ce5b65fb6bf16d8578b478b
6c21c2f7fd18259458573225fbfdf80cd27b6bac
045b14c655e54a2b1c3bef56f95352d2bb6b794889c746985ec51ef03578cb52
GET /47fc3dfa6dab926d04bc8c0e76b89995.gif HTTP/1.1
Host: kvhkkk.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://avlulu.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 05:31:12 GMT
content-type: image/gif
content-length: 65414
last-modified: Mon, 21 Nov 2022 23:12:50 GMT
etag: "637c05f2-ff86"
expires: Thu, 22 Dec 2022 05:13:02 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 1090
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtFaEIJSNKdfWPtSHTP2yh9%2FfZiv82HO0ni%2BDIkfHbrWNET9WEtz9tUw6hItnrZCMZQhdhIK3UVKmTMVUo%2FxetFIony%2BAZoVV6v2pUI0j1MKzFScbVcgZcoaCedm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76df4709ed87756e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
n0622.com/b3f4ec9f2e7e43568ce7e4a83380bfbf.gif
104.208.83.207200 OK 182 kB URL HTTP/1.1 n0622.com/b3f4ec9f2e7e43568ce7e4a83380bfbf.gif
IP 104.208.83.207:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 900 x 90\012- data
Size 182 kB (182070 bytes)
Hash 995400c9715bce6e284a1537d89682fc
61bbb8f7b15c1095e9e02e28fb8585f19fe8ed6a
e9f4b89fcf20519446ed01f0382f3baa0ee783513f44e2efcfb1f61b2708a7b0
GET /b3f4ec9f2e7e43568ce7e4a83380bfbf.gif HTTP/1.1
Host: n0622.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 05:31:11 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 13 Nov 2022 13:48:00 GMT
ETag: W/"6370f590-5305b"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2149a0639d4bdf924eaf520ea46fe479
da3cb7e4cc59a640eef021152b4ccf6af7c50b34
8f2601bb6f561b3c59c7fcac4655abdb7c8e270f94ed63fb9be521a4d6a7c5c3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=151915
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 05:31:12 GMT
Etag: "637c0d0b-117"
Expires: Wed, 23 Nov 2022 23:43:07 GMT
Last-Modified: Mon, 21 Nov 2022 23:43:07 GMT
Server: nginx
Content-Length: 279
kvtddd.top/bb7f858c0dad171784517c02e7bff891.gif
104.21.235.62200 OK 1.6 MB URL HTTP/2 kvtddd.top/bb7f858c0dad171784517c02e7bff891.gif
IP 104.21.235.62:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.6 MB (1590489 bytes)
Hash 59648e1a4d52551c26255ff6bc625648
165fbacafad21065e9faa33c5e3752cd463549ad
eb53352fe423b9358ba49249e57fe3d55746d854c681f6c45baedb23eb2196e5
GET /bb7f858c0dad171784517c02e7bff891.gif HTTP/1.1
Host: kvtddd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://avlulu.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 05:31:12 GMT
content-type: image/gif
content-length: 1590489
last-modified: Sat, 01 Oct 2022 05:56:30 GMT
etag: "6337d68e-1844d9"
expires: Fri, 09 Dec 2022 08:42:14 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1111738
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVLsUDmCzzqclDhHVtuKqzZir1sNUzN%2BnqBipzvbE8wCzm1haLj24GTT9h1KfAB0tXGUObz29upOB9h1B3AxBInTOeTrB4GX9ZbdT6VnAi4mE%2Bj7DGJ0iZhSC6Vb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76df47092e3d76db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c88f0731b7f6a39b906b8a0897df6aba
f7a3bc6830fc3c466aa93451bfe8d6f6f9a7f8a8
e644b1b44eb51aa0638d932727c0fbd61a5a1bef08c9217cd0049c426e9aa219
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E644B1B44EB51AA0638D932727C0FBD61A5A1BEF08C9217CD0049C426E9AA219"
Last-Modified: Sun, 20 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12076
Expires: Tue, 22 Nov 2022 08:52:28 GMT
Date: Tue, 22 Nov 2022 05:31:12 GMT
Connection: keep-alive
s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js
54.230.111.4200 OK 478 B URL HTTP/2 s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js
IP 54.230.111.4:0
File type ASCII text, with very long lines (478), with no line terminators
Hash 5dd27f8f2b042194c3cdabd62fd80110
c035036a939799d4c29b9c0f7229ae1953d03109
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
GET /ssl/ab77b6ea7f3fbf79.js HTTP/1.1
Host: s.ssl.qhres2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 478
date: Sat, 01 Oct 2022 03:33:18 GMT
x-qstatic-hit: 1
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"5ea522c52117c396"
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
expires: Tue, 28 Sep 2032 03:33:18 GMT
kcs-via: HIT from w-fc01.lato;MISS from w-sc02.lato
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: n-_upg-ElSez7l12NiduwuOsbolU4XxyA0CRYAe0TTxleHomrBnsNQ==
age: 4499874
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash a80e58af8782f90e9fa4650b74da3959
6352fe4326d96ba1708392fbae29d322a2098a8e
e9377aacd3e84ccf3654edbbdac2ee1c3d640b2691862ec5951b9bd437a98ce0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5076
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 05:31:12 GMT
Last-Modified: Tue, 22 Nov 2022 04:06:36 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 727
278838mcu.com/cfc4342a0af24f079fa6b7559446feb8.gif
45.61.212.222200 OK 202 kB URL HTTP/1.1 278838mcu.com/cfc4342a0af24f079fa6b7559446feb8.gif
IP 45.61.212.222:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 202 kB (202119 bytes)
Hash 99973a5086ec9ecad6079e54ba989005
eb73602a0dee641759a7ba5849d4e81462f55ff6
e1323eee354085d9a0d259948945ffe484371a118941e98a99a2cfbf54e93e41
GET /cfc4342a0af24f079fa6b7559446feb8.gif HTTP/1.1
Host: 278838mcu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "637470e4-31587"
Date: Wed, 16 Nov 2022 14:42:04 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 16 Nov 2022 05:11:00 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-22
Content-Length: 202119
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash a80e58af8782f90e9fa4650b74da3959
6352fe4326d96ba1708392fbae29d322a2098a8e
e9377aacd3e84ccf3654edbbdac2ee1c3d640b2691862ec5951b9bd437a98ce0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1520
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 05:31:12 GMT
Etag: "637bf3b7-2d7"
Last-Modified: Tue, 22 Nov 2022 05:05:52 GMT
Server: ECS (amb/6BB7)
X-Cache: HIT
Content-Length: 727
p3.douyinpic.com/obj/tos-cn-i-dy/3041a19e4ce449299fae17b15a1d0d2e
47.246.44.224200 OK 312 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/3041a19e4ce449299fae17b15a1d0d2e
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 312 kB (311995 bytes)
Hash a78b1d3c4c374bd5a68ee79cd6a32092
78846daf14c2d75e5a82906ac98bdc199928344f
851a82f9cd3832f933509975a4f7a414a5ce9333af9865f8b383bd1851d7b816
GET /obj/tos-cn-i-dy/3041a19e4ce449299fae17b15a1d0d2e HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 311995
date: Sun, 20 Nov 2022 13:54:00 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sun, 20 Nov 2022 06:36:31 GMT
nw-session-id: 202211201436310101381722022DDD7F9Fb6g8902dy
nw-session-trace: 2022-11-20T14:36:31.726034023+08:00 41
x-bdcdn-cache-status: TCP_HIT
x-length: 311995
x-powered-by: ImageX
x-response-date: Sun, 20 Nov 2022 14:36:31 GMT
x-tt-logid: 202211201436310101381722022DDD7F9F
via: n150-056-031, cache5.l2de2[0,0,206-0,H], cache9.l2de2[0,0], cache9.l2de2[1,0], cache7.se1[0,0,200-0,H], cache8.se1[1,0]
x-request-ip: fdbd:dc02:19:491::165
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 016bea2383e942e705ce075fa9455599047b3d504f27e4cd54eb6165bfe97009043fe95aa99333313ffdc40041326a1944337247b80640b95b19e0e11b8290eacf8fc52150b89fdbebbec2858e8ae2c4e95469f952782afc40b4db5bc56f12f996
x-response-lb: image
ali-swift-global-savetime: 1668952441
age: 142631
x-cache: HIT TCP_MEM_HIT dirn:11:184467009
x-swift-savetime: Sun, 20 Nov 2022 14:24:15 GMT
x-swift-cachetime: 31534186
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9c16690950724898644e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/40183cc4a2364765a90e4ef75b6ee260
47.246.44.224200 OK 562 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/40183cc4a2364765a90e4ef75b6ee260
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 80\012- data
Size 562 kB (561802 bytes)
Hash 6992b4cd488bb4437ec954ab09a3fa00
e41fc5970be04ab5801e80ce785ff0832b305793
54d436cbf368311b0aa7bb497ac1b5a4330067953e11b4ad2da233e07e923d05
GET /obj/tos-cn-i-dy/40183cc4a2364765a90e4ef75b6ee260 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 561802
date: Thu, 17 Nov 2022 09:53:05 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 17 Nov 2022 09:53:03 GMT
nw-session-id: 202211171753030101311360521EAF2ADAf5h2j02dy
nw-session-trace: 2022-11-17T17:53:03.607386669+08:00 72
x-bdcdn-cache-status: TCP_HIT
x-length: 561802
x-powered-by: ImageX
x-response-date: Thu, 17 Nov 2022 17:53:03 GMT
x-tt-logid: 202211171753030101311360521EAF2ADA
via: n150-056-037, cache21.l2de2[0,0,206-0,H], cache11.l2de2[2,0], cache11.l2de2[2,0], cache8.se1[0,0,200-0,H], cache8.se1[1,0]
x-request-ip: fdbd:dc02:20:487::171
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01c183c9ad02fc137ee0bc2538a5ec32e48e06b1ea9b9f7ca52216d0d065f90e22d26f4a0af3d924e6753aa376363f25de93f5a74159eb1fbace21d469a21a004d852c1a4175d95ec3b7c8e5efa3e300b4725cb56ed1f2ca9d2afa60dec78f7555
x-response-lb: image
ali-swift-global-savetime: 1668678785
age: 416287
x-cache: HIT TCP_MEM_HIT dirn:4:370366473 mlen:0
x-swift-savetime: Thu, 17 Nov 2022 09:54:21 GMT
x-swift-cachetime: 31535924
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9c16690950724938645e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/63ca2339df8b42b18c7f33c62a869c1c
47.246.44.224200 OK 475 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/63ca2339df8b42b18c7f33c62a869c1c
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 80\012- data
Size 475 kB (474754 bytes)
Hash 187c69beaa798211a2760f0e7944d8cc
645bc6d28abf2cf3756a014fb2fc9075d0f0fe20
50bc3ac7422522639cd47b65d6cb5683ba8f80395087ba0c105e47edb69b81d4
GET /obj/tos-cn-i-dy/63ca2339df8b42b18c7f33c62a869c1c HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 474754
date: Thu, 17 Nov 2022 09:53:03 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 17 Nov 2022 09:53:03 GMT
nw-session-id: 202211171753030101750890682AACD1942b4ht02dy
nw-session-trace: 2022-11-17T17:53:03.23957836+08:00 67
x-bdcdn-cache-status: TCP_HIT
x-length: 474754
x-powered-by: ImageX
x-response-date: Thu, 17 Nov 2022 17:53:03 GMT
x-tt-logid: 202211171753030101750890682AACD194
via: n150-056-026, cache23.l2de2[0,0,206-0,H], cache23.l2de2[1,0], cache23.l2de2[1,0], cache4.se1[0,0,200-0,H], cache8.se1[13,0]
x-request-ip: fdbd:dc02:22:46::67
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=13
x-tt-trace-host: 0178520ad27bd5d1cf50b17ae5b59e240aa30c95130e560e1e8d0a185386ae24ffb377b40daab87aafd94d72f89d61bd85544593fc41de8fb75c6e06fed521e7c61742629589c4047cac89508c4d043f85587c2fb862e879b70011b77f694a57f7
x-response-lb: image
ali-swift-global-savetime: 1668678783
age: 416289
x-cache: HIT TCP_MEM_HIT dirn:11:117223676
x-swift-savetime: Thu, 17 Nov 2022 09:54:21 GMT
x-swift-cachetime: 31535922
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9c16690950725228669e
X-Firefox-Spdy: h2
3p8801.co/11-960x80.gif
142.0.131.26200 OK 312 kB IP 142.0.131.26:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 312 kB (312168 bytes)
Hash 9d0e7356fff9dde88bf887c2f4525664
42556af8ed388e47eb898711485df393aeaa7ca6
53d0fb42ef9a1f70d6434ad60a01fda4ef840514d285445bbf3be41c823c0177
GET /11-960x80.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 22 Nov 2022 05:31:11 GMT
content-type: image/gif
content-length: 312168
last-modified: Sat, 19 Nov 2022 11:23:08 GMT
etag: "6378bc9c-4c368"
expires: Thu, 22 Dec 2022 05:31:11 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
3p8801.co/3p960x80.gif
142.0.131.26200 OK 470 kB IP 142.0.131.26:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 470 kB (469887 bytes)
Hash 3f8f0e94cf33053c7399d409b404f04c
d451e55fda6be3966a3a72aa67cba04252452966
a18cfc1874ccbef0a44dbeb6e718d6ee4e01e6a5144e9ed017e6c603c149e392
GET /3p960x80.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 22 Nov 2022 05:31:11 GMT
content-type: image/gif
content-length: 469887
last-modified: Thu, 03 Nov 2022 13:03:07 GMT
etag: "6363bc0b-72b7f"
expires: Thu, 22 Dec 2022 05:31:11 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0105e12000a3kitlh7251.gif
104.110.17.24200 OK 329 kB URL HTTP/2 dimg04.c-ctrip.com/images/0105e12000a3kitlh7251.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 720 x 200\012- data
Size 329 kB (328709 bytes)
Hash 4515e2d8856f87796d65b1a0121cb348
c602f63aed7e4666232430630c64e2b6f702fd65
0ea3a2ad0ab242e47321d27fc2639f6ae658e9821461b9af3b45bdfa1a572781
GET /images/0105e12000a3kitlh7251.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 328709
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=13063289
expires: Sat, 22 Apr 2023 10:12:41 GMT
date: Tue, 22 Nov 2022 05:31:12 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 864 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 79419be6018c1e5a5867d16f43a9a3fb
3f7fc03768403d2ff5aa116f1e49554f00bc5f34
f51630f5e7c6fd63b92133165ad36d0b08b776568dcf74b2203c77ad76482239
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3D34D749784CB3160181DED32069CFFB0D897B55EC8BF7E7DA35B729437078A8"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4482
Expires: Tue, 22 Nov 2022 06:45:54 GMT
Date: Tue, 22 Nov 2022 05:31:12 GMT
Connection: keep-alive
ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
47.110.23.69200 OK 432 kB URL HTTP/1.1 ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
IP 47.110.23.69:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 432 kB (432195 bytes)
Hash 66560dc1fbaeb67885a45dd7dc5831e1
38584ed6146b3cd7f220a7cf5db732f462cf1474
5586b90e8f142c31b3b89a89cd2630ed0bd5a2560074f7a58dda96bbc4abae32
GET /ky/ky96080c.gif HTTP/1.1
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 22 Nov 2022 05:31:11 GMT
Content-Type: image/gif
Content-Length: 432195
Connection: keep-alive
x-oss-request-id: 637C5E9FE001B43639DEC457
Accept-Ranges: bytes
ETag: "66560DC1FBAEB67885A45DD7DC5831E1"
Last-Modified: Sun, 06 Nov 2022 07:48:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15586424114477953781
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZlYNwfuutniFpF3X3Fgx4Q==
x-oss-server-time: 3
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 05:24:18 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 120193423
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
ggt999.oss-cn-hangzhou.aliyuncs.com/xpj/sxpj96080d.gif
47.110.23.69200 OK 451 kB URL HTTP/1.1 ggt999.oss-cn-hangzhou.aliyuncs.com/xpj/sxpj96080d.gif
IP 47.110.23.69:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 451 kB (450794 bytes)
Hash 4172d77293e54a5ddf4a87f1778cb155
1964277992ae541de680ddf9436984356e6b6e5a
3d4b31364c5f8aaabe6645955b134d5df4c75e98e73ac1707c6b7c51c5b21949
GET /xpj/sxpj96080d.gif HTTP/1.1
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 22 Nov 2022 05:31:11 GMT
Content-Type: image/gif
Content-Length: 450794
Connection: keep-alive
x-oss-request-id: 637C5E9FA7BABC35371AE48D
Accept-Ranges: bytes
ETag: "4172D77293E54A5DDF4A87F1778CB155"
Last-Modified: Thu, 17 Nov 2022 05:41:10 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8061095176570556502
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: QXLXcpPlSl3fSofxd4yxVQ==
x-oss-server-time: 4
768tupian.oss-cn-shenzhen.aliyuncs.com/xpj80%20.gif
120.77.166.19200 OK 264 kB URL HTTP/1.1 768tupian.oss-cn-shenzhen.aliyuncs.com/xpj80%20.gif
IP 120.77.166.19:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 264 kB (264494 bytes)
Hash 672b95e7b6ab24b5606b8287db85dbb4
98f1f1b06b3cb318d7f7a1bf7add76fa0a30c112
4203e1ae18bb06c6e719832987e87e838d8001fd6154e56a8b79c4c0678e7b54
GET /xpj80%20.gif HTTP/1.1
Host: 768tupian.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 22 Nov 2022 05:31:11 GMT
Content-Type: image/gif
Content-Length: 264494
Connection: keep-alive
x-oss-request-id: 637C5E9FFFFE3D3632677ACD
Accept-Ranges: bytes
ETag: "672B95E7B6AB24B5606B8287DB85DBB4"
Last-Modified: Sun, 23 Oct 2022 07:05:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8762574589038276875
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZyuV57arJLVga4KH24XbtA==
x-oss-server-time: 3
223969ufy.com/3f0caff920384531a90d6fa6548f7768.gif
103.170.15.109200 OK 452 kB URL HTTP/1.1 223969ufy.com/3f0caff920384531a90d6fa6548f7768.gif
IP 103.170.15.109:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 452 kB (452273 bytes)
Hash df16374d7e4ccf1c7ff3814012167dad
bf7f89f135684b9182f4dc5bd4dd296060427eef
670f99c726a10b701a44db00b29b694b79a4461185e623e3e8b5f766d287a54f
Analyzer Verdict Alert quad9 Sinkholed
GET /3f0caff920384531a90d6fa6548f7768.gif HTTP/1.1
Host: 223969ufy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6364f6e3-6e6b1"
Date: Sun, 20 Nov 2022 05:34:45 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 04 Nov 2022 11:26:27 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-39
Content-Length: 452273
avlulu.cc/
104.21.95.142200 OK 353 kB IP 104.21.95.142:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (440), with CRLF, LF line terminators
Size 353 kB (353214 bytes)
Hash 8a43ee607220c91e42c44cbb549ba787
4b9c81a9db8c2900b80b05eb9875616e1623f6eb
3579426ce4cd7fbda261e53389c777f52fb73055dd9c673408450410a78902fb
GET / HTTP/1.1
Host: avlulu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 22 Nov 2022 05:31:08 GMT
content-type: text/html; charset=UTF-8
cf-ray: 76df46f2ff4a0b69-OSL
access-control-allow-origin: *
cache-control: public, max-age=172000, stale-if-error=7200
expires: Sat, 21 Jan 2023 04:25:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cache-key: avlulu:_53a2407921c:/
ghash: _53a2407921c
ipcountry: SE
t-ray: wsla3
w-cache: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yw6FAW7Q5ge%2Bdi8sdMz5QTAJ%2F4iSGCZOB%2BLfp54rxKVbj5QxBsVig7DEswJI5zmQbmEEO4IVKtAutlDg47ohNRAlr%2Bm%2B4gwlRTP2YIpq%2BaFiHDQrMdADC9WW3Vw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s4.histats.com/stats/4089347.php?4089347&@f16&@g1&@h1&@i1&@j1669095072734&@k0&@l1&@m&@n0&@ohttps%3A%2F%2Favlulu.cc%2F&@q0&@r0&@s100&@ten-US&@u1280&@b1:-130049861&@b3:1669095073&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Favlulu.cc%2Fanyalytics%3Fv%3D_a5ed18ed68e&@w
198.27.80.143200 OK 54 B URL HTTP/1.1 s4.histats.com/stats/4089347.php?4089347&@f16&@g1&@h1&@i1&@j1669095072734&@k0&@l1&@m&@n0&@ohttps%3A%2F%2Favlulu.cc%2F&@q0&@r0&@s100&@ten-US&@u1280&@b1:-130049861&@b3:1669095073&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Favlulu.cc%2Fanyalytics%3Fv%3D_a5ed18ed68e&@w
IP 198.27.80.143:0
File type ASCII text, with no line terminators
Hash 1fb87847f13d962304c4579fe28c3395
f38543c521d5afd3ea20370359f69cfaf6e0b35e
dcfd2c9d3c9b4b0549dff91bef6dd53c129b5e3c5acf18f0b5984534322e51c3
GET /stats/4089347.php?4089347&@f16&@g1&@h1&@i1&@j1669095072734&@k0&@l1&@m&@n0&@ohttps%3A%2F%2Favlulu.cc%2F&@q0&@r0&@s100&@ten-US&@u1280&@b1:-130049861&@b3:1669095073&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Favlulu.cc%2Fanyalytics%3Fv%3D_a5ed18ed68e&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 05:31:13 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 54
Connection: close
s10.histats.com/counters/cc_100.js
46.105.201.240200 OK 7.7 kB URL HTTP/2 s10.histats.com/counters/cc_100.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (19234), with no line terminators
Hash eb2e335634e1d042469dc377a3989ff9
bfd517c0fb7e6fa042d4f6bd8b62655371d567ec
9045a6bdc5e51706e78bb09c79ae593f9d03142090e6931ff3e17a093dac89e9
GET /counters/cc_100.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 05:24:45 GMT
etag: "1473736416"
last-modified: Thu, 16 Apr 2020 10:44:22 GMT
x-request-id: 172228649
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 7662
X-Firefox-Spdy: h2
sz88.oss-cn-shenzhen.aliyuncs.com/tyc960x80.gif
120.77.166.72200 OK 577 kB URL HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/tyc960x80.gif
IP 120.77.166.72:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 577 kB (577277 bytes)
Hash 4f5db76354d22133d0f614711bb62fd4
041667e1a1b78ab9f70a2fb872fc69f0f885caac
54766556cc3379ef59db3351d7ed51a43e7e5774763369c686c17aec7475e254
GET /tyc960x80.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 22 Nov 2022 05:31:11 GMT
Content-Type: image/gif
Content-Length: 577277
Connection: keep-alive
x-oss-request-id: 637C5E9FB800053138D9ABBF
Accept-Ranges: bytes
ETag: "4F5DB76354D22133D0F614711BB62FD4"
Last-Modified: Sun, 03 Jul 2022 04:19:44 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8667772596430290618
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: T123Y1TSITPQ9hRxG7Yv1A==
x-oss-server-time: 4
383tupian.oss-cn-shenzhen.aliyuncs.com/960x60.gif
120.77.166.80200 OK 299 kB URL HTTP/1.1 383tupian.oss-cn-shenzhen.aliyuncs.com/960x60.gif
IP 120.77.166.80:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 299 kB (299398 bytes)
Hash f4b7967855549e81f65598b93a43d9db
6ab53e8a9af687c1dddad236af323080a04499cf
2e95dc2082af7cc833e0aef825efc261c04b69e3ec4350203854008cc4a12dc6
GET /960x60.gif HTTP/1.1
Host: 383tupian.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 22 Nov 2022 05:31:12 GMT
Content-Type: image/gif
Content-Length: 299398
Connection: keep-alive
x-oss-request-id: 637C5EA0FFFE3D3431E27CCD
Accept-Ranges: bytes
ETag: "F4B7967855549E81F65598B93A43D9DB"
Last-Modified: Sun, 23 Oct 2022 07:06:26 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8810428828543929982
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: 9LeWeFVUnoH2VZi5OkPZ2w==
x-oss-server-time: 3
jytdlz.com/avlulu/css/web.avlulu.css?90aa6b58b20f1
172.67.156.15200 OK 407 kB URL HTTP/2 jytdlz.com/avlulu/css/web.avlulu.css?90aa6b58b20f1
IP 172.67.156.15:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 407 kB (406611 bytes)
Hash 213f6baf2275244d53735cfa497a0dd1
4c3cb072358cda343642427b566807ea8416dead
75aa627180e3654d5d28e7dbfe62326a19dfbe9700599d37db5d3f5b11a50b63
GET /avlulu/css/web.avlulu.css?90aa6b58b20f1 HTTP/1.1
Host: jytdlz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 05:31:09 GMT
content-type: text/css
last-modified: Tue, 22 Nov 2022 02:21:17 GMT
vary: Accept-Encoding
etag: W/"637c321d-b2f31"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4059
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mt1w6BU9%2FuiIC08aWMYoi7ZAuN1PbnxSzfEhqJzkMnpNuFYaw7Y4aRkKPby1UgJYbEbO6C3bylHpGLeBjQ3ePqaH7AxmT5U8N4FGfdYLLi%2BfMmXwzSlW9Cglyt2D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76df46f6e85b0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sz88.oss-cn-shenzhen.aliyuncs.com/af/q960x80-6.gif
120.77.166.72200 OK 562 kB URL HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/af/q960x80-6.gif
IP 120.77.166.72:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 562 kB (562130 bytes)
Hash 8beed805ef37d0fa42646c105c8aadd8
48ce0717f037a6fb1f489ff1da3537a00ff0f47b
9df49f47b95763d2234554adf562f5a0ba5eb3910a9f7f01a5d90e5f425eccce
GET /af/q960x80-6.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 22 Nov 2022 05:31:11 GMT
Content-Type: image/gif
Content-Length: 562130
Connection: keep-alive
x-oss-request-id: 637C5E9FD17D3433394C3BDD
Accept-Ranges: bytes
ETag: "8BEED805EF37D0FA42646C105C8AADD8"
Last-Modified: Tue, 27 Sep 2022 07:43:47 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15479893720264865523
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: i+7YBe830PpCZGwQXIqt2A==
x-oss-server-time: 1
p.qlogo.cn/qqmail_head/PiajxSqBRaEJfYDGD2jBMjyn1zl31kDqq2vGf2263n7EEKypG4Iq07c1K1D0BRK3y6AUQmibiaFXWo/0
43.129.255.47200 OK 324 kB URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaEJfYDGD2jBMjyn1zl31kDqq2vGf2263n7EEKypG4Iq07c1K1D0BRK3y6AUQmibiaFXWo/0
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 80\012- data
Size 324 kB (323595 bytes)
Hash 2f8505fde97df017104d6c717f9e29a8
445dbf8879db328bffb9a7ad5771822dd4feb7cd
5170585cb0deb93db41c8db1ad34d06831feaaa4a6941dfeba14090c51870518
GET /qqmail_head/PiajxSqBRaEJfYDGD2jBMjyn1zl31kDqq2vGf2263n7EEKypG4Iq07c1K1D0BRK3y6AUQmibiaFXWo/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 22 Nov 2022 05:31:11 GMT
content-type: image/gif
content-length: 323595
vary: Accept,Origin
last-modified: Sun, 09 Oct 2022 12:53:00 GMT
cache-control: max-age=2592000
x-delay: 148 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 323595
chid: 0
fid: 0
x-nws-log-uuid: 6ece0140-8d39-4445-b8c7-684b4b8de745
X-Firefox-Spdy: h2
ocsp.crlocsp.cn/
101.198.193.5200 OK 472 B IP 101.198.193.5:0
ASN #55992 Beijing Qihu Technology Company Limited
Hash 3643b4a3bf0fae19002ddc1c9a71c8e8
c8b542230f5d1304fdd22cfd6be488084bdcbe64
c654cb568b9dcc90acf99f4bc484ee684ca32d14db1ada83ebad061c969a40ab
POST / HTTP/1.1
Host: ocsp.crlocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.9.14
Date: Tue, 22 Nov 2022 05:30:57 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Content-Transfer-Encoding: Binary
Last-modified: Sun, 20 Nov 2022 15:16:09 GMT
Expires: Sun, 27 Nov 2022 15:16:08 GMT
ETag: "C8B542230F5D1304FDD22CFD6BE488084BDCBE64"
cache-control: max-age=172800,public,no-transform,must-revalidate
p.qlogo.cn/qqmail_head/PiajxSqBRaEJfYDGD2jBMjyn1zl31kDqqJWFBRuS2jo2ZuMZ5OKNx4eqpeICU64DYOtVkwdBBkEA/0
43.129.255.47200 OK 1.4 MB URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaEJfYDGD2jBMjyn1zl31kDqqJWFBRuS2jo2ZuMZ5OKNx4eqpeICU64DYOtVkwdBBkEA/0
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.4 MB (1360388 bytes)
Hash 0ae6a6608409a84a0989e5f9d9513482
9ad09095cb4fc3ac1c6c969e96e05f5625b807e5
15c7308a0e529c41f4ff4f9bbc9ff24c9d7f9a23a774e9f5b46ad2bd48dd928f
GET /qqmail_head/PiajxSqBRaEJfYDGD2jBMjyn1zl31kDqqJWFBRuS2jo2ZuMZ5OKNx4eqpeICU64DYOtVkwdBBkEA/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 22 Nov 2022 05:31:11 GMT
content-type: image/gif
content-length: 1360388
vary: Accept,Origin
last-modified: Wed, 09 Nov 2022 13:41:49 GMT
cache-control: max-age=2592000
x-delay: 694 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1360388
chid: 0
fid: 0
x-nws-log-uuid: 43741c69-946c-4493-a75e-8318e022cd38
X-Firefox-Spdy: h2
s.360.cn/so/zz.gif?url=https%3A%2F%2Favlulu.cc%2F&sid=d182b3f28525f2db83acfaaf6e696dba&token=d/1c8c2.bu3lfu2l8v5a2/5/f:2sdpbt
180.163.251.230200 OK 0 B URL HTTP/1.1 s.360.cn/so/zz.gif?url=https%3A%2F%2Favlulu.cc%2F&sid=d182b3f28525f2db83acfaaf6e696dba&token=d/1c8c2.bu3lfu2l8v5a2/5/f:2sdpbt
IP 180.163.251.230:0
ASN #4812 China Telecom Group
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /so/zz.gif?url=https%3A%2F%2Favlulu.cc%2F&sid=d182b3f28525f2db83acfaaf6e696dba&token=d/1c8c2.bu3lfu2l8v5a2/5/f:2sdpbt HTTP/1.1
Host: s.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty/1.15.8.2
Date: Tue, 22 Nov 2022 05:31:13 GMT
Content-Type: image/gif
Content-Length: 0
Last-Modified: Fri, 27 Jul 2018 07:11:19 GMT
Connection: keep-alive
ETag: "5b5ac597-0"
Accept-Ranges: bytes
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://avlulu.cc/
103.235.46.40200 OK 0 B URL HTTP/1.1 sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://avlulu.cc/
IP 103.235.46.40:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://avlulu.cc/ HTTP/1.1
Host: sp0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Tue, 22 Nov 2022 05:31:14 GMT
vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
47.75.19.163200 OK 532 kB URL HTTP/1.1 vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
IP 47.75.19.163:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 532 kB (531945 bytes)
Hash 904c4f51a02c9f03f27ac2593d4c061e
faa7b399e3dc1e36e450636f0fafcaaca901f59e
107d811d56db4017059b2c99a4829faa9e20ce7fa395b3182bdb456ff93fbee6
GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 22 Nov 2022 05:31:11 GMT
Content-Type: image/gif
Content-Length: 531945
Connection: keep-alive
x-oss-request-id: 637C5E9F8A23F734379E9147
Accept-Ranges: bytes
ETag: "904C4F51A02C9F03F27AC2593D4C061E"
Last-Modified: Sun, 20 Nov 2022 05:06:16 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9035815038154931791
x-oss-storage-class: Standard
x-oss-version-id: CAEQPxiBgIC4ltzNpBgiIDdlODc5YmI4ZDVjNjQ3ZDk5OTI1NWRlZmIwMjk2Zjc5
Content-MD5: kExPUaAsnwPyesJZPUwGHg==
x-oss-server-time: 2
ocsp.pki.goog/s/gts1p5/oADvxlJeYT8
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/oADvxlJeYT8
IP 142.250.74.35:0
Hash da68ef55161c6f113c5f1415d24092f9
3178d886aa8b7027c243ed8062b30e02ace638b3
74e4f8a49e6846ccc2c5e7f78414c401eb55e03e17fcb14db29054243fd2d438
POST /s/gts1p5/oADvxlJeYT8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 05:31:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sezantp.oss-cn-hongkong.aliyuncs.com/3658-365-960x80.gif
47.75.19.45200 OK 251 kB URL HTTP/1.1 sezantp.oss-cn-hongkong.aliyuncs.com/3658-365-960x80.gif
IP 47.75.19.45:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 251 kB (250863 bytes)
Hash 146302635db0d447d3779d91b77d8389
281b62ad456eee28791ca926602b14ac6e84d9d7
efd5d5f699b6633ef18e5bb91fe5fd45604d6648f7249bfb1b5a29acc7b9f9b2
GET /3658-365-960x80.gif HTTP/1.1
Host: sezantp.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 22 Nov 2022 05:31:12 GMT
Content-Type: image/gif
Content-Length: 250863
Connection: keep-alive
x-oss-request-id: 637C5EA08A23F73530DC9547
Accept-Ranges: bytes
ETag: "146302635DB0D447D3779D91B77D8389"
Last-Modified: Fri, 18 Nov 2022 08:30:38 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3277067101677540170
x-oss-storage-class: Standard
Content-MD5: FGMCY12w1EfTd52Rt32DiQ==
x-oss-server-time: 2
s4.histats.com/stats/4265057.php?4265057&@f16&@g1&@h1&@i1&@j1669095075166&@k0&@l1&@m%E5%A4%A7%E5%9E%8B%E7%9A%84%E6%96%B0%E5%9E%8B%E7%9A%84%E6%88%90%E4%BA%BA%E7%BD%91%E7%AB%99%2C%E8%9D%8C%E8%9A%AA%E7%AA%9D%2C91porn%20-%20AV%E6%92%B8%E6%92%B8&@n0&@o1000&@q0&@r0&@s601&@ten-US&@u1280&@b1:140936471&@b3:1669095075&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Favlulu.cc%2F&@w
198.27.80.143200 OK 47 B URL HTTP/1.1 s4.histats.com/stats/4265057.php?4265057&@f16&@g1&@h1&@i1&@j1669095075166&@k0&@l1&@m%E5%A4%A7%E5%9E%8B%E7%9A%84%E6%96%B0%E5%9E%8B%E7%9A%84%E6%88%90%E4%BA%BA%E7%BD%91%E7%AB%99%2C%E8%9D%8C%E8%9A%AA%E7%AA%9D%2C91porn%20-%20AV%E6%92%B8%E6%92%B8&@n0&@o1000&@q0&@r0&@s601&@ten-US&@u1280&@b1:140936471&@b3:1669095075&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Favlulu.cc%2F&@w
IP 198.27.80.143:0
File type ASCII text, with no line terminators
Hash 06b05ae9614bafae9b0b09cfbeed559e
9b087683529b7b89a117b2d5cbb35a93e7dcbaca
a60692031ce09be66be89784e8b0214c0f8b6f52cd8fd6a36129a635ffe41ad2
GET /stats/4265057.php?4265057&@f16&@g1&@h1&@i1&@j1669095075166&@k0&@l1&@m%E5%A4%A7%E5%9E%8B%E7%9A%84%E6%96%B0%E5%9E%8B%E7%9A%84%E6%88%90%E4%BA%BA%E7%BD%91%E7%AB%99%2C%E8%9D%8C%E8%9A%AA%E7%AA%9D%2C91porn%20-%20AV%E6%92%B8%E6%92%B8&@n0&@o1000&@q0&@r0&@s601&@ten-US&@u1280&@b1:140936471&@b3:1669095075&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Favlulu.cc%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 05:31:16 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 47
Connection: close
s10.histats.com/counters/cc_601.js
46.105.201.240200 OK 4.3 kB URL HTTP/2 s10.histats.com/counters/cc_601.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (13013), with no line terminators
Hash 8880b670a68556228d84476076882af8
b061690737d09c8fdb4278881c5dc3d163238dee
07c39031971616075a9795825d2d52d31984636b393263ab97f672f43e9d2d64
GET /counters/cc_601.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 05:24:47 GMT
etag: "-433514832"
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-request-id: 27165057
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4289
X-Firefox-Spdy: h2
kvtggg.top/e1dac3356c0e9d5f1899262d4f5d6b9c.gif
104.21.234.169200 OK 0 B URL HTTP/2 kvtggg.top/e1dac3356c0e9d5f1899262d4f5d6b9c.gif
IP 104.21.234.169:0
GET /e1dac3356c0e9d5f1899262d4f5d6b9c.gif HTTP/1.1
Host: kvtggg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://avlulu.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 05:31:15 GMT
content-type: image/gif
content-length: 573384
last-modified: Wed, 14 Sep 2022 07:34:15 GMT
etag: "632183f7-8bfc8"
cache-control: max-age=5356800
cf-cache-status: HIT
age: 1111587
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iuxEr8cagDH4w1oPYD7fgERWTqHPNeUHt3VygIp1HtTearwwK9GMT0sOJdRaxXC%2Bla2sO1%2BfJP1kCn1xxFcyd5hSzSXBHb2lmU36o7P%2Fu3uSDndW81NUVpF6agdl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76df4704ddc58895-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.9729x.com/images/6379cade0530cc58344548f5.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.9729x.com/images/6379cade0530cc58344548f5.gif
IP 3.36.126.81:0
GET /images/6379cade0530cc58344548f5.gif HTTP/1.1
Host: img.9729x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/3041a19e4ce449299fae17b15a1d0d2e
cache-control: max-age=3600
X-Firefox-Spdy: h2
img.u1557.com/images/636b5b5714dd2ea30a791029.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.u1557.com/images/636b5b5714dd2ea30a791029.gif
IP 3.36.126.81:0
GET /images/636b5b5714dd2ea30a791029.gif HTTP/1.1
Host: img.u1557.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/63ca2339df8b42b18c7f33c62a869c1c
cache-control: max-age=3600
X-Firefox-Spdy: h2
img.u2267.com/images/635287bc3ce47c907dcb1486.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.u2267.com/images/635287bc3ce47c907dcb1486.gif
IP 3.36.126.81:0
GET /images/635287bc3ce47c907dcb1486.gif HTTP/1.1
Host: img.u2267.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/40183cc4a2364765a90e4ef75b6ee260
cache-control: max-age=3600
X-Firefox-Spdy: h2
jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
54.230.111.58200 OK 0 B URL HTTP/2 jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
IP 54.230.111.58:0
GET /11.0.1.js?d182b3f28525f2db83acfaaf6e696dba HTTP/1.1
Host: jspassport.ssl.qhimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Wed, 28 Nov 2018 07:43:20 GMT
kcs-via: HIT from w-fc03.lato;REVALIDATED from w-sc01.lato
date: Tue, 22 Nov 2022 05:28:12 GMT
cache-control: max-age=600
expires: Tue, 22 Nov 2022 05:35:29 GMT
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EinGSOtrM_Yt_az_nwi5xvb2y4NE8lqyaYR-a8hCrrqo7y2z2q_yVQ==
age: 341
X-Firefox-Spdy: h2
zz.bdstatic.com/linksubmit/push.js
58.254.150.48200 OK 0 B URL HTTP/2 zz.bdstatic.com/linksubmit/push.js
IP 58.254.150.48:0
ASN #136958 China Unicom Guangdong IP network
GET /linksubmit/push.js HTTP/1.1
Host: zz.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avlulu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Tue, 22 Nov 2022 05:31:12 GMT
content-type: application/x-javascript
last-modified: Sun, 31 Jul 2022 09:23:08 GMT
etag: "62e649fc-134"
cache-control: max-age=86400
content-encoding: br
age: 4343
accept-ranges: bytes
tracecode: 11297128420310087434112112
ohc-global-saved-time: Tue, 22 Nov 2022 04:02:30 GMT
ohc-cache-hit: gz3un53 [2], zhuzuncache50 [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
kvtggg.top/805b36721b09ad0e4cb11e51a5f4ae2c.gif
104.21.234.169200 OK 0 B URL HTTP/2 kvtggg.top/805b36721b09ad0e4cb11e51a5f4ae2c.gif
IP 104.21.234.169:0
GET /805b36721b09ad0e4cb11e51a5f4ae2c.gif HTTP/1.1
Host: kvtggg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://avlulu.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 05:31:15 GMT
content-type: image/gif
content-length: 271417
last-modified: Sat, 05 Nov 2022 14:46:45 GMT
etag: "63667755-42439"
cache-control: max-age=5356800
cf-cache-status: HIT
age: 83266
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8AfrGXRFW%2BmGjG1%2B1CjTPAiB9iQiZbCLeBp%2FfA3pI8%2BxlD7B7q6F3GUQRSE7wgbniTvIPfFqIx7jKNdwFJM7q1oZvfxFOAk%2BequwpYFNigbbddIDoMQRdZbo0L%2BA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76df47049d698895-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2