r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 517693963cc46e7a35a054296d0edfd5
11dfcd7e118e5f8d31e664e56ac29c57f973b8b3
ece269e8b9be8a5839d75c1343823d68b96930c593c2e3e8d522999176ee3149
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5266
Expires: Thu, 01 Sep 2022 03:57:12 GMT
Date: Thu, 01 Sep 2022 02:29:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 01 Sep 2022 02:26:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8-GXjEbv2Slf6DlcuvgkLHywkESe1DmW7AvogP0x4XXcWGMF5KmXQg==
Age: 153
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Thu, 01 Sep 2022 01:15:17 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lFF7MWB6ceGQFe9wYybvRUQ9im5E1Vamr4w3mUoWK8Kjk-N2yLIAIQ==
age: 4450
X-Firefox-Spdy: h2
www.myweblock.com/edu/panel/start/
107.187.101.217200 OK 481 B URL HTTP/1.1 www.myweblock.com/edu/panel/start/
IP 107.187.101.217:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (568), with CRLF line terminators
Hash 940f80c5a19a106828d53d7bb1386577
8976d557180f526a854e2c63573d4e3e224faaa5
8b2c613f8ef0161a24a5f83e6a2ef041d426be7bbf3bd34529f649742e211827
GET /edu/panel/start/ HTTP/1.1
Host: www.myweblock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 02:29:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.myweblock.com/common.js
107.187.101.217200 OK 1.9 kB URL HTTP/1.1 www.myweblock.com/common.js
IP 107.187.101.217:0
File type HTML document text\012- HTML document, ISO-8859 text, with very long lines (443), with CRLF line terminators
Hash 4ac7517d9b301d42875832d989994928
8453e60d64dad9e3928ebbff6e507645a28e73ad
53c7d31a8a1180cc79874a34be18d97fcae0992bf110e664c5856f2ec55f919c
GET /common.js HTTP/1.1
Host: www.myweblock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.myweblock.com/edu/panel/start/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 02:29:30 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.myweblock.com/tj.js
107.187.101.217200 OK 364 B IP 107.187.101.217:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 789d28beb2b6417f715b68f4fe870a1e
fbf03b20c547f4fd610f2a2bdf666e162cbcc5fe
cbfb13722e8ec80bdf05d47e84f460b9f4f8da2a020821489f763726c1da304d
GET /tj.js HTTP/1.1
Host: www.myweblock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.myweblock.com/edu/panel/start/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 02:29:30 GMT
Content-Type: application/x-javascript
Content-Length: 364
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 01 Sep 2022 01:57:05 GMT
Expires: Thu, 01 Sep 2022 02:50:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 08DIzkhP9xBLpk30zpQ7H-IDElpRVKKWBLJMNqz8kfP25815jRxTCg==
Age: 1942
209.73.159.134/chabi-common.php?val=chabi4&t=0.07394211242019644?v=036806267199025544
209.73.159.134200 OK 88 B URL HTTP/1.1 209.73.159.134/chabi-common.php?val=chabi4&t=0.07394211242019644?v=036806267199025544
IP 209.73.159.134:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 56f9cb0278e7ec17d28254099622ae74
993d13962b8e5efd176e230ca798f36fb28c3b61
ed24b86adaa7df083e65b4a421232b4fd5fcc8ccbb3f5a0c1ba0a0c29a89d072
GET /chabi-common.php?val=chabi4&t=0.07394211242019644?v=036806267199025544 HTTP/1.1
Host: 209.73.159.134
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.myweblock.com
Connection: keep-alive
Referer: http://www.myweblock.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 02:29:27 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin
Content-Encoding: gzip
209.73.159.134/chabi-common.php?val=chabi4&t=0.6401968431962979?v=07570380116694678
209.73.159.134200 OK 88 B URL HTTP/1.1 209.73.159.134/chabi-common.php?val=chabi4&t=0.6401968431962979?v=07570380116694678
IP 209.73.159.134:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 56f9cb0278e7ec17d28254099622ae74
993d13962b8e5efd176e230ca798f36fb28c3b61
ed24b86adaa7df083e65b4a421232b4fd5fcc8ccbb3f5a0c1ba0a0c29a89d072
GET /chabi-common.php?val=chabi4&t=0.6401968431962979?v=07570380116694678 HTTP/1.1
Host: 209.73.159.134
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.myweblock.com
Connection: keep-alive
Referer: http://www.myweblock.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 02:29:27 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin
Content-Encoding: gzip
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ad1a12aebc62784db9d5e1517fd45534
2458c3de59adf37669b4f38458c5de91d9650405
f0be98ac0323dabd4b3b794080b89840f0ae933d91ed0b33eeb36e5ef2f30ca7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F0BE98AC0323DABD4B3B794080B89840F0AE933D91ED0B33EEB36E5EF2F30CA7"
Last-Modified: Wed, 31 Aug 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18197
Expires: Thu, 01 Sep 2022 07:32:44 GMT
Date: Thu, 01 Sep 2022 02:29:27 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ad1a12aebc62784db9d5e1517fd45534
2458c3de59adf37669b4f38458c5de91d9650405
f0be98ac0323dabd4b3b794080b89840f0ae933d91ed0b33eeb36e5ef2f30ca7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F0BE98AC0323DABD4B3B794080B89840F0AE933D91ED0B33EEB36E5EF2F30CA7"
Last-Modified: Wed, 31 Aug 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15768
Expires: Thu, 01 Sep 2022 06:52:15 GMT
Date: Thu, 01 Sep 2022 02:29:27 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 83be4ca2ebb87af44323dd073807bc9e
3ef0ca2b0c351c7d1eb1b7f4daeba6453a632fc6
1ba9c4dbdbd577bf443bc6499ab1edb2e0ea3b382f529fdc2d98021276a3158b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1974
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 02:29:27 GMT
Last-Modified: Thu, 01 Sep 2022 01:56:33 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.211.93.78101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.211.93.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RSoFI+t8l4qQsf2g95UZQg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HEB43VKD+HHFKDgh3Z4NMJtI39w=
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ad1a12aebc62784db9d5e1517fd45534
2458c3de59adf37669b4f38458c5de91d9650405
f0be98ac0323dabd4b3b794080b89840f0ae933d91ed0b33eeb36e5ef2f30ca7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F0BE98AC0323DABD4B3B794080B89840F0AE933D91ED0B33EEB36E5EF2F30CA7"
Last-Modified: Wed, 31 Aug 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15767
Expires: Thu, 01 Sep 2022 06:52:15 GMT
Date: Thu, 01 Sep 2022 02:29:28 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a9fd03a3bafd019b5b51c16f46a8d440
f56726d7ccdf41c44f4a0b2d57104d597291c560
6558900181b553258ccc9853dca1d33c83f2307f1b21ab452a60d7cf52b70c98
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6558900181B553258CCC9853DCA1D33C83F2307F1B21AB452A60D7CF52B70C98"
Last-Modified: Tue, 30 Aug 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12140
Expires: Thu, 01 Sep 2022 05:51:48 GMT
Date: Thu, 01 Sep 2022 02:29:28 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a9fd03a3bafd019b5b51c16f46a8d440
f56726d7ccdf41c44f4a0b2d57104d597291c560
6558900181b553258ccc9853dca1d33c83f2307f1b21ab452a60d7cf52b70c98
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6558900181B553258CCC9853DCA1D33C83F2307F1B21AB452A60D7CF52B70C98"
Last-Modified: Tue, 30 Aug 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12140
Expires: Thu, 01 Sep 2022 05:51:48 GMT
Date: Thu, 01 Sep 2022 02:29:28 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a9fd03a3bafd019b5b51c16f46a8d440
f56726d7ccdf41c44f4a0b2d57104d597291c560
6558900181b553258ccc9853dca1d33c83f2307f1b21ab452a60d7cf52b70c98
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6558900181B553258CCC9853DCA1D33C83F2307F1B21AB452A60D7CF52B70C98"
Last-Modified: Tue, 30 Aug 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12140
Expires: Thu, 01 Sep 2022 05:51:48 GMT
Date: Thu, 01 Sep 2022 02:29:28 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a9fd03a3bafd019b5b51c16f46a8d440
f56726d7ccdf41c44f4a0b2d57104d597291c560
6558900181b553258ccc9853dca1d33c83f2307f1b21ab452a60d7cf52b70c98
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6558900181B553258CCC9853DCA1D33C83F2307F1B21AB452A60D7CF52B70C98"
Last-Modified: Tue, 30 Aug 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12140
Expires: Thu, 01 Sep 2022 05:51:48 GMT
Date: Thu, 01 Sep 2022 02:29:28 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a9fd03a3bafd019b5b51c16f46a8d440
f56726d7ccdf41c44f4a0b2d57104d597291c560
6558900181b553258ccc9853dca1d33c83f2307f1b21ab452a60d7cf52b70c98
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6558900181B553258CCC9853DCA1D33C83F2307F1B21AB452A60D7CF52B70C98"
Last-Modified: Tue, 30 Aug 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12140
Expires: Thu, 01 Sep 2022 05:51:48 GMT
Date: Thu, 01 Sep 2022 02:29:28 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a9fd03a3bafd019b5b51c16f46a8d440
f56726d7ccdf41c44f4a0b2d57104d597291c560
6558900181b553258ccc9853dca1d33c83f2307f1b21ab452a60d7cf52b70c98
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6558900181B553258CCC9853DCA1D33C83F2307F1B21AB452A60D7CF52B70C98"
Last-Modified: Tue, 30 Aug 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12140
Expires: Thu, 01 Sep 2022 05:51:48 GMT
Date: Thu, 01 Sep 2022 02:29:28 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 98035834206ba4d4807dcd2502af7dd2
0cc91d36747d70bfb6af8b6dbf81580a66977f4c
23ab969a1c9591a765082022a4005a551832a62f0e36e82df35dfde6b70aabbb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "23AB969A1C9591A765082022A4005A551832A62F0E36E82DF35DFDE6B70AABBB"
Last-Modified: Tue, 30 Aug 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10363
Expires: Thu, 01 Sep 2022 05:22:11 GMT
Date: Thu, 01 Sep 2022 02:29:28 GMT
Connection: keep-alive
cb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
188.114.97.1200 OK 162 kB URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
IP 188.114.97.1:0
File type HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size 162 kB (161917 bytes)
Hash 07ba810211d9714f39b4c72c32f1f72c
6a18b9d5fc0f4f9a6c0f36c89358cc5df08519ff
645168089d4619f499372282484bec795318762561fa5749718a178f4638e860
GET /yPS7hqfHgkFauS2djb/xx3.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 02:29:28 GMT
content-type: application/javascript
last-modified: Sat, 27 Aug 2022 12:09:40 GMT
vary: Accept-Encoding
etag: W/"630a0984-48b"
expires: Thu, 01 Sep 2022 08:09:55 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 22773
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jWn%2F1NjzKVw%2BDLVZAx0%2B1A3VPNqLdK4tMsd1Lc1RNX5uTA8Jw9orRURTfY79CkvgbW8GJJy0NmSr0a7Pm6ugnCm2aDMsunT36o72kcX6TbbeACO9gYCXoxOOGxEgNgCYUu2%2BxNeh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 743a94133b70b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
188.114.97.1200 OK 194 kB URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
IP 188.114.97.1:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size 194 kB (193587 bytes)
Hash 61baf3d64a46f4878cb0d4832d4b9c72
9c125bb8ffad6b19821c496a9c4043feba467e9e
dedb5076b5d998246717c1e30a159316b4386e228a36841c1ea1e304b39601f8
GET /yPS7hqfHgkFauS2djb/253.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 02:29:28 GMT
content-type: application/javascript
last-modified: Sat, 20 Aug 2022 09:06:21 GMT
etag: W/"6300a40d-3f3"
expires: Thu, 01 Sep 2022 08:09:55 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 22773
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EV53toUUUeYHsuszmmOc2eKf2zvWkEtrVRPt2XbSa%2FVnKeDa%2Frnvc6QbMkoiJZc5ub2OFHcGeJ2xDE6XMe%2FXLksFg1ihlnh883HbXtAouQvf4w6pllRKm%2F9XZMMT7zo8m0AErbjj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743a94133b6bb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt2.gif
172.67.182.207200 OK 377 kB URL HTTP/2 tk.learning8808.com/images/xt2.gif
IP 172.67.182.207:0
File type GIF image data, version 89a, 448 x 359\012- data
Size 377 kB (376694 bytes)
Hash 8e954a81cfc4fcdc8b1d5ff074a421a7
80810fedd18106dc58686ddc5106e7586ec38bc3
0c0afb20158289f63a2b8a9d57502a932cbaabb4b255babeacac3bf0a6534d80
GET /images/xt2.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 02:29:28 GMT
content-type: image/gif
content-length: 376694
last-modified: Wed, 27 Apr 2022 12:03:09 GMT
etag: "626930fd-5bf76"
expires: Mon, 05 Sep 2022 06:35:28 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2231644
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11g8rY32iRJMapHvU1RPmwR4c5z8mmCSMR2lArVU07ASuM7sXB6GVXm1LjkcGiXWS1bwBIjzaBKXQq9pJMuInWd7IpZlO%2FFy5bE1rfidcjACv9Ev11TlTJoCMGXI%2F%2Ft%2BVDE2ixb0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743a94151b03b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt10.gif
172.67.182.207200 OK 624 kB URL HTTP/2 tk.learning8808.com/images/xt10.gif
IP 172.67.182.207:0
File type GIF image data, version 89a, 145 x 145\012- data
Size 624 kB (623748 bytes)
Hash a32d51e341cd89abbece4c69d304f22d
66079b18e75f9469f4be074e9bc02ba0d85c4361
a9dfe27cd3c4cfd68f0deb55a593bcac7f77494883c5dc7dbe6f1301e150ab9d
GET /images/xt10.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 02:29:28 GMT
content-type: image/gif
content-length: 623748
last-modified: Wed, 27 Apr 2022 12:03:04 GMT
etag: "626930f8-98484"
expires: Mon, 05 Sep 2022 06:35:27 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2231644
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDV7Ym2yRX3N6DYtziNvXPkPtxTXhbbTVwNt0KNNxIWiPnT14wTy%2FsSGj2M0xHXTrHQuROodHM5%2BAzpP6yv%2BSViwV0s8DYwbiF9DfZgBiC9fStO9Q3WPl779JgTt8jZNRcSZKX69"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743a94151b01b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt7.gif
172.67.182.207200 OK 269 kB URL HTTP/2 tk.learning8808.com/images/xt7.gif
IP 172.67.182.207:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 269 kB (269177 bytes)
Hash 3be5bc895ae3e525bbcfbb2a2696ed0f
1f3d2c548412b47b65acf224f1a6b7bf89dcf876
59c730a313db642dd842aad1586e7d3a29dabe14be7404a1cd0a0d25138e669c
GET /images/xt7.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 02:29:28 GMT
content-type: image/gif
content-length: 269177
last-modified: Wed, 27 Apr 2022 12:03:19 GMT
etag: "62693107-41b79"
expires: Mon, 05 Sep 2022 06:35:28 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2231643
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kLdQUPNMFAR9gmfwVg6iF23gcVMVzMN2pQTQAn7WKCHOx2UxyF8I6C6L9B55xpo1iBdQYIdSTy2UBd6EGkrq9VxSobtY2tGxhuf%2BarTJUA%2FqQLHyrM2JiAjFfa8%2FccDNu%2FV9KQ25"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743a94151b0ab4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt1.gif
172.67.182.207200 OK 444 kB URL HTTP/2 tk.learning8808.com/images/xt1.gif
IP 172.67.182.207:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 444 kB (443705 bytes)
Hash 8bc908398e73478d0b28d85191689891
5e9022d7583285c988d0acb55b6db7c920f3c3d0
c01d665a1abb0e10e3ac90119e3674db0363a112da7f8322c12bbafbe0bd88dc
GET /images/xt1.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 02:29:28 GMT
content-type: image/gif
content-length: 443705
last-modified: Wed, 27 Apr 2022 12:03:03 GMT
etag: "626930f7-6c539"
expires: Thu, 29 Sep 2022 03:06:40 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 170568
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBa0vcefZpexH6ooapghLR64fI2nacW%2BJruirxeKLMLokW8jUxZae1j6IhA9PZxSiyJ3A8EpRYqwSKmaPatR7qPr4fIynaf8QNvg0w7aL%2F55LBNU4CTiGXMR3qpocDNSV0DubVr8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743a94151b02b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt12.gif
172.67.182.207200 OK 750 kB URL HTTP/2 tk.learning8808.com/images/xt12.gif
IP 172.67.182.207:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 750 kB (749706 bytes)
Hash 5b3e843ec7923ace3c8c52e7e3d71608
65b34236bdea1d3bb438b23eaa028df8b587cc45
ea0a19f999b329c2bfbf1d2147109c6ddd90ad772d209b86229f0412324b0d47
GET /images/xt12.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 02:29:28 GMT
content-type: image/gif
content-length: 749706
last-modified: Wed, 27 Apr 2022 12:03:08 GMT
etag: "626930fc-b708a"
expires: Thu, 29 Sep 2022 03:06:40 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 170568
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dMaz1nnF4iEWGp2CsRX6%2Bd2WlDOt8bKvY0rmjaEua3TLfsKQiWTkyuTZ%2FJAlkGn9Qs1N4oN%2BhSH9ZEONlS1X%2F%2FZ%2FwXYH07I61jSb7XQpi6lTB4r2o9iOg2dAW4C%2FDRJ%2FbT2mMeV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743a94151b00b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cb.learning8809.com/yPS7hqfHgkFauS2djb/dh.js
188.114.97.1200 OK 1.7 MB URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/dh.js
IP 188.114.97.1:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Size 1.7 MB (1694103 bytes)
Hash e0683300f87417acd15b262e86ed1cee
242b444affe416f22f0b9ee7624025cb67e60124
9cc65eb1aa88e81df0ed4cd518a65fef1d83db891ad4e9595a46a4c10264ef3d
GET /yPS7hqfHgkFauS2djb/dh.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 02:29:28 GMT
content-type: application/javascript
last-modified: Fri, 12 Aug 2022 13:18:25 GMT
vary: Accept-Encoding
etag: W/"62f65321-289e"
expires: Thu, 01 Sep 2022 08:09:55 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 22773
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inR2tCV%2FpPRoFT0FYlKtYrxtMWPtxtOsK2dSYaNwOH9iJ1ep8QbEdjyLWY9m1FLynYlcWqNHJR%2FGIWcDZPdbRWoZz45AVb8lNhBfpk5gOHZgZepg5t%2F4SLfzBOg5avbuud%2FtMRii"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 743a94136ba9b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
188.114.97.1200 OK 1.6 MB URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
IP 188.114.97.1:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size 1.6 MB (1640150 bytes)
Hash e0f235f202ce7d9117d696dce765a069
649456d340173b07cac32d6b87750db490d67ae1
b7c063f1e67e395b1a76c3955c701a1bd0e013e2d48f747d5f6adc5b7fdf4c6d
GET /yPS7hqfHgkFauS2djb/251.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 02:29:28 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 07:53:34 GMT
etag: W/"62f9fb7e-3d9"
expires: Thu, 01 Sep 2022 08:09:55 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 22773
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qLlCdNStPJFAckE7VHZc4tCfF6cjbQK%2FK0ZonwKkVvo9GA6PV%2BO%2BSEkN0JgwaOtoc7p0aXVl7J12x%2F2%2BFfin0POsUvEqR4gns1hf4RQRMDZkpVNHxNx3tjxZxEIABZ8gdV04jVdx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743a94133b69b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
188.114.97.1200 OK 2.2 MB URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
IP 188.114.97.1:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size 2.2 MB (2169374 bytes)
Hash 5beb8d6588baa3de80c172dd14b322de
4a44c918bcb7b57896bef68866d9818fa3a1229b
b7b75b359370df8dd0ee64f5e9a2a3d9b8e5539e30baa2d39932b273a3a227ed
GET /yPS7hqfHgkFauS2djb/xx1.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 02:29:28 GMT
content-type: application/javascript
last-modified: Sat, 27 Aug 2022 12:09:31 GMT
vary: Accept-Encoding
etag: W/"630a097b-750"
expires: Thu, 01 Sep 2022 08:09:55 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 22773
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLGvuBgyXJSJCwCxHTJ6003k9SZlxQ48OqBrAvq%2Bd%2BaZDD32iL2DDlCD0RoHBA%2BXhO9thKfSg4VPNX3h0ETBpC3cidpeBOdnq%2FwKf8CldxkdP6M%2BZx%2Fjm4NLz1d%2Bj%2FEa2LCs0DEw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 743a94133b67b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8a4c71bb51e299420dfe1e238f2dd17d
6a77be5234945767db9d3bb9a7fac61131795b41
dfafdf969ff462cbeaf982195439e1c3f8abecd8516719f1e259ac59bad0e9d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFAFDF969FF462CBEAF982195439E1C3F8ABECD8516719F1E259AC59BAD0E9D0"
Last-Modified: Tue, 30 Aug 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17164
Expires: Thu, 01 Sep 2022 07:15:32 GMT
Date: Thu, 01 Sep 2022 02:29:28 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 98035834206ba4d4807dcd2502af7dd2
0cc91d36747d70bfb6af8b6dbf81580a66977f4c
23ab969a1c9591a765082022a4005a551832a62f0e36e82df35dfde6b70aabbb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "23AB969A1C9591A765082022A4005A551832A62F0E36E82DF35DFDE6B70AABBB"
Last-Modified: Tue, 30 Aug 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10363
Expires: Thu, 01 Sep 2022 05:22:11 GMT
Date: Thu, 01 Sep 2022 02:29:28 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 98035834206ba4d4807dcd2502af7dd2
0cc91d36747d70bfb6af8b6dbf81580a66977f4c
23ab969a1c9591a765082022a4005a551832a62f0e36e82df35dfde6b70aabbb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "23AB969A1C9591A765082022A4005A551832A62F0E36E82DF35DFDE6B70AABBB"
Last-Modified: Tue, 30 Aug 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10363
Expires: Thu, 01 Sep 2022 05:22:11 GMT
Date: Thu, 01 Sep 2022 02:29:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5899
Expires: Thu, 01 Sep 2022 04:07:48 GMT
Date: Thu, 01 Sep 2022 02:29:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5899
Expires: Thu, 01 Sep 2022 04:07:48 GMT
Date: Thu, 01 Sep 2022 02:29:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5899
Expires: Thu, 01 Sep 2022 04:07:48 GMT
Date: Thu, 01 Sep 2022 02:29:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5899
Expires: Thu, 01 Sep 2022 04:07:48 GMT
Date: Thu, 01 Sep 2022 02:29:29 GMT
Connection: keep-alive
klx30.zhgmjglh8k.com/
172.67.198.54200 OK 16 kB IP 172.67.198.54:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 1be7659dd61b0ebc83362db5f2841b88
cf471ef21a96a65713c9c124553f67c1ac083b27
02f373d6dafe875cfc0fb5417706e1d3c50b36049f81fcb89dd4ab67823b9f36
GET / HTTP/1.1
Host: klx30.zhgmjglh8k.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.myweblock.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 02:29:28 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8duIj2JUxTNLCxuy%2FqVqpiemikKxdC6kDe0Nw8m3kNgFTaTu2L5NlWRJFyoXLfiJsGd6DjH8%2FacL82yqjIdkWI9ADFREde4%2FVBEYR2eUaLZQEpZXFFI4LpNIo8q3sfUHPs2FGBycA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 743a940efa01b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
188.114.97.1200 OK 2.3 kB URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
IP 188.114.97.1:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 3ed810dffee9eec22640bd0762420508
a69a6cf3a5fb5004e5cd40d1987a36068835f107
9f35e9bbdfac810203bab6d2e0a933971eef4254cac401bff3d8087c86c14368
GET /yPS7hqfHgkFauS2djb/xtb.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 02:29:28 GMT
content-type: application/javascript
last-modified: Fri, 26 Aug 2022 14:03:55 GMT
vary: Accept-Encoding
etag: W/"6308d2cb-f28"
expires: Thu, 01 Sep 2022 08:09:55 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 22773
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXf5xc6t%2BI%2BjqRLGa5tAB1Hn0T0MdC%2F01B1eWbsHLFv%2BtFAqKEXATwtkhoWw7uOPRx9tHHxhdHAGXp0ogfOU%2BmuEddm4c3pbQ5s6yOYONw8Z9gjzcxeqPr8Tok%2BqjgzUwT7U2h5k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 743a94134b83b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac4d5b101c9dc6a6f7e4bf252bfa9ca7
b844f3dcb14a2995644312406a80842e3f02a114
e81f08ce6d9c7670f6e291f3d6a674b624386bd550d5c364264c3ff8fb7c797a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10137
x-amzn-requestid: 7d5f19c4-7c9b-4aad-928c-bb44da795f1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaISzFY1IAMF-zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630720de-0ea5331041f0167a196f9820;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:12:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qYh5Pc0cx8--7rIjlMt8IhDKNDMnZEpC_7xfNBIJxWllyLcG9Eh6xg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 04:03:39 GMT
age: 80750
etag: "b844f3dcb14a2995644312406a80842e3f02a114"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d6b6055-c5ff-4cd3-8fc3-8d3437f9e72f.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d6b6055-c5ff-4cd3-8fc3-8d3437f9e72f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 16e1935fd65e2d2ae1ed579f4c8ddf00
14ef9f1a86db7d0c273d05955455163b5bfc5dc4
d88b18ecda4b37d39cc4168e2c502a2fe744873170bfaea3351c52f60081ff8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d6b6055-c5ff-4cd3-8fc3-8d3437f9e72f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9241
x-amzn-requestid: 6d595a25-c0c6-4d74-9937-666d3e3a0ed5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaHbkHPKIAMF6OQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63071f7d-0f6bf45a3295ada653e69dc2;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:06:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZLPEALVOWDTOlj4rgArk5bwHskko8LIP5GmDp84iGjaDyHaco38PYw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 11:52:52 GMT
age: 52597
etag: "14ef9f1a86db7d0c273d05955455163b5bfc5dc4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda44a2d-49bb-4976-9f1b-f5040f20fde7.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda44a2d-49bb-4976-9f1b-f5040f20fde7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5462f9cd42022db20960e7e427a3435b
46c5459c2180470d9ef093e0462864a50aecec04
7a5d4e5f5640ea5e11e5ef09404c6c5c1b35274749a7008b8012c5596193e2d4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda44a2d-49bb-4976-9f1b-f5040f20fde7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7037
x-amzn-requestid: 87fe6c4c-b2f0-4253-a49a-9b7dbb25489e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XdMltH-AIAMF8VQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63085af1-32d919c1565746a82988166d;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 05:32:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yB5TgpNE5V24NkbNVTQfwNxn-IVjGcs3CamGNlabOvnFxMoR_yzX5w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 15:14:38 GMT
age: 40491
etag: "46c5459c2180470d9ef093e0462864a50aecec04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382fbb98-12b7-491f-a8c7-63afff403010.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382fbb98-12b7-491f-a8c7-63afff403010.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b0d8ed4b8bda662c244b9d26cf143147
151395a70faa075762664fc6cd52a65004b5c81c
49b381815612b7ecb021f243438aae99e399993d91fb38bf5d7bb3d357519d6a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382fbb98-12b7-491f-a8c7-63afff403010.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9152
x-amzn-requestid: 12c7a724-7c66-488e-b1c4-ac222ed4e5aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv3i5H6sIAMFRLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd2df-0fc85d8539d761367b821823;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:30:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _j9qaEvy56YyK9qz0CaE2IO9_yEsoM7RIhO_5gddryb3pgOdOmH-OA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:15 GMT
age: 17534
etag: "151395a70faa075762664fc6cd52a65004b5c81c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8b46098e6312289bf2dabdd2f59eaf59
f8cf4a4e2a1dc40c69ee798061854467638aa729
7bb574068eb04a2f038561bce87628895b46edeb44fd217fcf9b1ef8f8e6e55c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7BB574068EB04A2F038561BCE87628895B46EDEB44FD217FCF9B1EF8F8E6E55C"
Last-Modified: Tue, 30 Aug 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18005
Expires: Thu, 01 Sep 2022 07:29:34 GMT
Date: Thu, 01 Sep 2022 02:29:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4d76b77679b240a39ddd4487cfe6d557
4b1dbe375a0656d55d4ff5696bb666aa10916f23
4813f8c31cc86820f28b311cac31374faa84add356b365a495a2bdfa0ce13506
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4813F8C31CC86820F28B311CAC31374FAA84ADD356B365A495A2BDFA0CE13506"
Last-Modified: Tue, 30 Aug 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18289
Expires: Thu, 01 Sep 2022 07:34:18 GMT
Date: Thu, 01 Sep 2022 02:29:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c271dd4-594e-4d42-806c-0242334ef573.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c271dd4-594e-4d42-806c-0242334ef573.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7be4a52330d1dfc737e9d20e64d2aadb
4a7d5d62012de7275c34dfdc3a0fc2d06eff63df
fc6eaa423832b7916af6cd8b3c46a1565ba04f8073b1f9c8c29b7d7a0ab55c90
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c271dd4-594e-4d42-806c-0242334ef573.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7424
x-amzn-requestid: d873cd60-ea9c-473d-962c-73a9ec707c60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj85EHZSoAMFSgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b0ea0-7c7815dc10ab7b8b444f89ff;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 06:43:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wJHY7X16ynGBokDQ_FXSKQU87cKaoZFAtVzhkAoZkgxB-noD3LLdJw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 05:01:24 GMT
age: 77285
etag: "4a7d5d62012de7275c34dfdc3a0fc2d06eff63df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 6b6dd8501e0a9c70976674c5a78022d9
de7b3711d41a338c83e0dd3a3abc2365909c1864
a86272d9e9df5652d385fcbb2e06b38cc062fd992b1d63bf02589588f80f9144
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 02:29:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 05 Sep 2022 01:00:05 GMT
ETag: "de7b3711d41a338c83e0dd3a3abc2365909c1864"
Last-Modified: Thu, 01 Sep 2022 01:00:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3581
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 743a9418da7fb4fa-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4d76b77679b240a39ddd4487cfe6d557
4b1dbe375a0656d55d4ff5696bb666aa10916f23
4813f8c31cc86820f28b311cac31374faa84add356b365a495a2bdfa0ce13506
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4813F8C31CC86820F28B311CAC31374FAA84ADD356B365A495A2BDFA0CE13506"
Last-Modified: Tue, 30 Aug 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18365
Expires: Thu, 01 Sep 2022 07:35:34 GMT
Date: Thu, 01 Sep 2022 02:29:29 GMT
Connection: keep-alive
js.users.51.la/21278777.js
103.143.19.103200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21278777.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash de9e807c58439b7f1dcfd07aef92a952
60e9ecde5e0aa2ff63056ef1d217bb518d639c17
d7502b3ebb842a7c57646468874ae513c47e00c97649bc722ca1d350588dae97
Analyzer Verdict Alert fortinet Malware
GET /21278777.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Thu, 01 Sep 2022 02:29:29 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=1d7f64457940c4d9664; path=/
HWWAFSESTIME=1661999365270; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 083cbf198aa8509ee385ce43dc13758b
7ed7d1c98613487fa011eef7525a79906574adba
351710ba49f48d628c64a8f3957af246f1f49f7b9281c63f414021a537878dcb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 02:29:29 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2022 19:05:04 GMT
Expires: Tue, 06 Sep 2022 19:05:03 GMT
Etag: "7ed7d1c98613487fa011eef7525a79906574adba"
Cache-Control: max-age=491133,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 743a941a7b1fb4fa-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1216556d4664f69be70afe6af9255156
ba42acf3d19812b498cec45e6be4db8be74819ba
92adf1d4e546ed009a74ad6279c122eab52e02a7d1b1a67e4ed1b8c44f0c1238
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92ADF1D4E546ED009A74AD6279C122EAB52E02A7D1B1A67E4ED1B8C44F0C1238"
Last-Modified: Mon, 29 Aug 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12272
Expires: Thu, 01 Sep 2022 05:54:01 GMT
Date: Thu, 01 Sep 2022 02:29:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1216556d4664f69be70afe6af9255156
ba42acf3d19812b498cec45e6be4db8be74819ba
92adf1d4e546ed009a74ad6279c122eab52e02a7d1b1a67e4ed1b8c44f0c1238
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92ADF1D4E546ED009A74AD6279C122EAB52E02A7D1B1A67E4ED1B8C44F0C1238"
Last-Modified: Mon, 29 Aug 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12261
Expires: Thu, 01 Sep 2022 05:53:50 GMT
Date: Thu, 01 Sep 2022 02:29:29 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 5ffa5ddd251718693d294b260d59fa85
43ff31488aa72bebae690a513231270f15f1e637
b2ffed0ac0ac4279de766ac58e35d588cd000392fbd2cc401e57c6fadc3960c9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 02:29:29 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 15:55:51 GMT
Expires: Wed, 07 Sep 2022 15:55:50 GMT
Etag: "43ff31488aa72bebae690a513231270f15f1e637"
Cache-Control: max-age=566180,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 743a941a7ced0b55-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1216556d4664f69be70afe6af9255156
ba42acf3d19812b498cec45e6be4db8be74819ba
92adf1d4e546ed009a74ad6279c122eab52e02a7d1b1a67e4ed1b8c44f0c1238
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92ADF1D4E546ED009A74AD6279C122EAB52E02A7D1B1A67E4ED1B8C44F0C1238"
Last-Modified: Mon, 29 Aug 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18340
Expires: Thu, 01 Sep 2022 07:35:09 GMT
Date: Thu, 01 Sep 2022 02:29:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1216556d4664f69be70afe6af9255156
ba42acf3d19812b498cec45e6be4db8be74819ba
92adf1d4e546ed009a74ad6279c122eab52e02a7d1b1a67e4ed1b8c44f0c1238
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92ADF1D4E546ED009A74AD6279C122EAB52E02A7D1B1A67E4ED1B8C44F0C1238"
Last-Modified: Mon, 29 Aug 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12254
Expires: Thu, 01 Sep 2022 05:53:43 GMT
Date: Thu, 01 Sep 2022 02:29:29 GMT
Connection: keep-alive
n0404.com/80c8a3886e5e4885b9ceb421172edb63.png
20.205.43.240200 OK 27 kB URL HTTP/1.1 n0404.com/80c8a3886e5e4885b9ceb421172edb63.png
IP 20.205.43.240:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 130 x 130, 8-bit/color RGBA, non-interlaced\012- data
Hash 0a1c2da66e2c29eb2e773106b173744b
a4434cd3a7fb2945469a018321d99243714f74b5
1c2011996c4654196c0b454b82791d7c44f39ac30c91b4c67490d625db5efc18
GET /80c8a3886e5e4885b9ceb421172edb63.png HTTP/1.1
Host: n0404.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 02:29:29 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 29 Jun 2022 10:29:37 GMT
ETag: W/"62bc2991-6a00"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
n0404.com/8e1e9034b4a54c10bcdc828a830c011c.png
20.205.43.240200 OK 40 kB URL HTTP/1.1 n0404.com/8e1e9034b4a54c10bcdc828a830c011c.png
IP 20.205.43.240:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 35a667b9206e2693a5020fa8d30ddf77
ba818913ff0e821fefd8b24a18f8b398188cde6c
91dad25f00d7b090cf7c728b8b3db359a92652068391126fa212badd4e7e60d8
GET /8e1e9034b4a54c10bcdc828a830c011c.png HTTP/1.1
Host: n0404.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 02:29:29 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 29 Jun 2022 10:29:05 GMT
ETag: W/"62bc2971-9c77"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
www.gg123456789gg.com//upload/vod/20220831-1/2dc22e3d8cc91e2c11beddf1ddca4447.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/2dc22e3d8cc91e2c11beddf1ddca4447.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 2eb05e2a1f0a4b870482fa5fba7964e3
20c42595e2e14b95cd926f7290178b14b1500ea2
34f24ba6e5988bc558ca4eb11c35970b84889ccd8c319e84d3c69753eb29816a
GET //upload/vod/20220831-1/2dc22e3d8cc91e2c11beddf1ddca4447.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 10756
last-modified: Wed, 31 Aug 2022 07:30:07 GMT
etag: "630f0dff-2a04"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220831-1/9009c3eab517a9d8b307dd05f5129d4a.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/9009c3eab517a9d8b307dd05f5129d4a.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 8997919902508491b954973b02b78957
df8d0538cc223c9478aa39e8336de74f6c494213
ee4021473b2888e4b19336fa4daf40ec9b74a8cd5d8eef3d96a168921062a3f9
GET //upload/vod/20220831-1/9009c3eab517a9d8b307dd05f5129d4a.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 11137
last-modified: Wed, 31 Aug 2022 07:30:05 GMT
etag: "630f0dfd-2b81"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220831-1/f68544fea2fa9c8f53b5ac5378386e8e.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/f68544fea2fa9c8f53b5ac5378386e8e.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash e0a9fb9f0efec8f3bef965b1ef8c6250
4e99cf4f3042481191713d6955297428d2d3c415
6e1fdbc78a0b33f3ad04ca425d345fb4edd9e9fa15667e874a3554e94b572c69
GET //upload/vod/20220831-1/f68544fea2fa9c8f53b5ac5378386e8e.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 12543
last-modified: Wed, 31 Aug 2022 07:30:05 GMT
etag: "630f0dfd-30ff"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
n0399.com/370fe18fce95412383ca14e44a0d41f5.png
20.205.43.182200 OK 51 kB URL HTTP/1.1 n0399.com/370fe18fce95412383ca14e44a0d41f5.png
IP 20.205.43.182:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 691db6b8b1c78bd61af34f67ef4cf7ae
381f65979a443a93ed5a2251387c1c957921c28b
10585c904a334c2cb885bd4a4396d5d77018115714ccc933d3a44d1d14db8d46
GET /370fe18fce95412383ca14e44a0d41f5.png HTTP/1.1
Host: n0399.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 02:29:29 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 29 Jun 2022 10:29:58 GMT
ETag: W/"62bc29a6-c7f8"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 0f0f0998a2c356f706616ef1b337f109
e9862a4dbf503d5242970f2a9acb847c13689dce
a822da5f44383fc4e28cd5db1a3f7c0826967312c3ae4e4882c0169acbf5e90c
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 02:29:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 05 Sep 2022 00:04:10 GMT
ETag: "e9862a4dbf503d5242970f2a9acb847c13689dce"
Last-Modified: Thu, 01 Sep 2022 00:04:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1566
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 743a941e0bc3b4e8-OSL
www.gg123456789gg.com//upload/vod/20220831-1/eeded20c71d58d3e2bea9522bc435fcb.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/eeded20c71d58d3e2bea9522bc435fcb.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 4272123ef8d254395627933084cbe3c6
5eeca0a97565afd9d135ac8175841b367b2df2e0
22252e96ebe0c55bbcedab26928968698caf6a29d70e18e7458601a4bbcf3696
GET //upload/vod/20220831-1/eeded20c71d58d3e2bea9522bc435fcb.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 11763
last-modified: Wed, 31 Aug 2022 07:30:05 GMT
etag: "630f0dfd-2df3"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220831-1/c5073b53bff49e3a6da99479dd8520f1.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/c5073b53bff49e3a6da99479dd8520f1.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 4348232c0ec50e05f9b89da147401881
804b0a384cfc45a9a5e3e7c0e225c774fb1b864f
f7a509221486934078df3fa1ca18ac45faea60eb5353ba123e6ea7f5a3dd74c1
GET //upload/vod/20220831-1/c5073b53bff49e3a6da99479dd8520f1.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 10839
last-modified: Wed, 31 Aug 2022 07:30:05 GMT
etag: "630f0dfd-2a57"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220831-1/9cfaa19a095574c9335e5855cb65216e.jpg
136.0.141.5200 OK 15 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/9cfaa19a095574c9335e5855cb65216e.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash ac972ffaa7ecd3f9f264ffd7557efb8b
dc239cd6ce7c4519706d2166af0dab79935f8acc
0c335bbce328e3923c7ca934dcd4fd944a2ba1d84f4d4ee20ce045a7011bcdaf
GET //upload/vod/20220831-1/9cfaa19a095574c9335e5855cb65216e.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 14657
last-modified: Wed, 31 Aug 2022 07:30:10 GMT
etag: "630f0e02-3941"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash d141ccd20ee0f96b5f7b9c61762ebb6b
0acb94ea1e74fb55739645d3501eb81693a6effd
8c3a66c05f025ad86574e8c4700fe2c87defb782fd2c7711d88242675413489b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 02:29:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2022 17:50:02 GMT
Expires: Tue, 06 Sep 2022 17:50:01 GMT
Etag: "0acb94ea1e74fb55739645d3501eb81693a6effd"
Cache-Control: max-age=486631,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 743a941e2de00b55-OSL
taiwtp1.com/img/960240.gif
220.128.218.220200 OK 224 kB URL HTTP/2 taiwtp1.com/img/960240.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 240\012- data
Size 224 kB (223879 bytes)
Hash a39bb27f09ccd6961fe1c0f3074a8b97
0e914bc58abc78e7275d3c639e2aeb548313d627
269a642190139efcc044a53f3194f196e79d8e981d3e8cf0184ce4e8eb134020
GET /img/960240.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:27:59 GMT
content-type: image/gif
content-length: 223879
last-modified: Wed, 09 Mar 2022 04:06:14 GMT
etag: "622827b6-36a87"
expires: Sat, 01 Oct 2022 02:27:59 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 4849f22819abdc3a7b98bc4fe1a95027
5fb3c9208e7cc67d8fbb310326568f732730a412
0433550bc8a51be11f2dfa5c588984e04939f5c4193be5dd23d6752599934157
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 02:29:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 23:37:27 GMT
Expires: Mon, 05 Sep 2022 23:37:26 GMT
Etag: "5fb3c9208e7cc67d8fbb310326568f732730a412"
Cache-Control: max-age=421076,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 743a941d6c12b4fa-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash dfc140795cb0aeb52ee04342c9a53071
a43fece98d0c9b73f14bb2562a9e13222bd92287
e95dd379ee0f82aec63cedba7ca146c34e7e48281cc63b1e305fb6f43dd58203
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 02:29:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 04 Sep 2022 23:26:22 GMT
ETag: "a43fece98d0c9b73f14bb2562a9e13222bd92287"
Last-Modified: Wed, 31 Aug 2022 23:26:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1689
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 743a941eac03b4e8-OSL
www.gg123456789gg.com//upload/vod/20220831-1/1ca18374074d4f1d99f0c56a607c8149.jpg
136.0.141.5200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/1ca18374074d4f1d99f0c56a607c8149.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 6b22b6b6fcd569325c8610776dc5dd93
fd60a91c51d0da7d90283dcfed14c010d3ac4332
ea497525b838eb392cff62b02d540a54c036e28cd1e170292068c3314cde5902
GET //upload/vod/20220831-1/1ca18374074d4f1d99f0c56a607c8149.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 13044
last-modified: Wed, 31 Aug 2022 07:30:10 GMT
etag: "630f0e02-32f4"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220831-1/0002595c827bdbf83b7be50ef72093b1.jpg
136.0.141.5200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/0002595c827bdbf83b7be50ef72093b1.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 6ad5c96c02efc660d610200b7291c6b5
dfe16f93c2c7f019aea08be871bc54f778d69460
822ba4c7f5537f203b0679f635fffb49ff752cb82485daa41bf7c849d0912a21
GET //upload/vod/20220831-1/0002595c827bdbf83b7be50ef72093b1.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 12886
last-modified: Wed, 31 Aug 2022 07:30:10 GMT
etag: "630f0e02-3256"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash aa4fa5733a63a60bee7f697b2a3ab522
1ca1379069a5c016045739a5d8e2ee33540c6fe0
40490f6ff5c2b33c660858a7ee2a0b84b2585225cb35b9cad34c386793f4fb06
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 02:29:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 20:00:04 GMT
Expires: Wed, 07 Sep 2022 20:00:03 GMT
Etag: "1ca1379069a5c016045739a5d8e2ee33540c6fe0"
Cache-Control: max-age=580832,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 743a941e2d7eb50c-OSL
www.gg123456789gg.com//upload/vod/20220831-1/302af48f713fa519d53d9f105850038c.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/302af48f713fa519d53d9f105850038c.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 5d0aa9f0b6950f334e3ffa9246fb3325
70c18767aedd697e2beb699a29574b7ea052098f
7093ad00c3cf1cfe8e7903eea5393d414aeb6e2c61d5bb816b06b23c30ecc786
GET //upload/vod/20220831-1/302af48f713fa519d53d9f105850038c.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 11596
last-modified: Wed, 31 Aug 2022 07:30:10 GMT
etag: "630f0e02-2d4c"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220831-1/bf715a1ddc9f5a070218aa08590ed190.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/bf715a1ddc9f5a070218aa08590ed190.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 919d509e18cfd110a12e106d3db8d091
de86cd3fbd0cef0ae6dae765b2678411c911a080
bfb99e84a89d19b6705c258e32ddfe814c01330f364a7232e791c7e64134e607
GET //upload/vod/20220831-1/bf715a1ddc9f5a070218aa08590ed190.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 11739
last-modified: Wed, 31 Aug 2022 07:30:09 GMT
etag: "630f0e01-2ddb"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220831-1/35cbc29b7e2ef5e0f3c581b67d9a70d6.jpg
136.0.141.5200 OK 6.6 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/35cbc29b7e2ef5e0f3c581b67d9a70d6.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 1d8dd37c5c9ad103f7fdc212fca28d47
04d47dfa7484003661e27e99738ee0405f4c2f44
2096a05f061a13f4e18c80a815d4abf4b5522c420c15dbb8f24614284ba1c12d
GET //upload/vod/20220831-1/35cbc29b7e2ef5e0f3c581b67d9a70d6.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 6648
last-modified: Wed, 31 Aug 2022 07:30:09 GMT
etag: "630f0e01-19f8"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220831-1/3ce6e8b985eddda1b279f0db1efae7c6.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/3ce6e8b985eddda1b279f0db1efae7c6.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash c2afd44192e397e631c5a19769756807
4e8592cd335644888cb7b4b8c9c0d4948924949b
bb1a8b248e92bcb8c814ad487e9adeb2d38d209a075979b438098c90aece0551
GET //upload/vod/20220831-1/3ce6e8b985eddda1b279f0db1efae7c6.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 11820
last-modified: Wed, 31 Aug 2022 07:30:09 GMT
etag: "630f0e01-2e2c"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220831-1/cf4af91d948ca6c4eafe279ba5e51f25.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/cf4af91d948ca6c4eafe279ba5e51f25.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 990f5e0e70023f2e61fae4712b84f53f
2f546e4be73065d748db844029935a46d1f654dd
5edefb6826ba726a1d7174ac775cc952152b0ec185c4de257a8780be84eb2caf
GET //upload/vod/20220831-1/cf4af91d948ca6c4eafe279ba5e51f25.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 11825
last-modified: Wed, 31 Aug 2022 07:30:09 GMT
etag: "630f0e01-2e31"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220831-1/778304bb9dc8df38851c492d4031b481.jpg
136.0.141.5200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/778304bb9dc8df38851c492d4031b481.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash f0e0c8991fa25aabb1a3e86543269c11
f458dfb955973b96580745b98170fa558720a7c4
a49af9ac1eac77134a690d27884b9a3a9d13bd428ada2b367749d36dccdf1fd7
GET //upload/vod/20220831-1/778304bb9dc8df38851c492d4031b481.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 12895
last-modified: Wed, 31 Aug 2022 07:30:09 GMT
etag: "630f0e01-325f"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
taiwtp1.com/img/200200.gif
220.128.218.220200 OK 75 kB URL HTTP/2 taiwtp1.com/img/200200.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:27:59 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Sat, 01 Oct 2022 02:27:59 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220831-1/9f19133d908591df00e7c7b52f59d792.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/9f19133d908591df00e7c7b52f59d792.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash b714e005dfba48ef3d39bd9e0f3c77aa
556a527452d583deccb336975a2d35a1331f2775
316471827ea4a6bb766be3691e66b677a73d2f6e9fd669358b2fedc66ca4ae0e
GET //upload/vod/20220831-1/9f19133d908591df00e7c7b52f59d792.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 11549
last-modified: Wed, 31 Aug 2022 07:30:08 GMT
etag: "630f0e00-2d1d"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220830-1/5ba374c8ea8fbc1503c1d8305451a916.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220830-1/5ba374c8ea8fbc1503c1d8305451a916.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash a96493fdbacac93a446e7d1349801364
6a1d4feb219f75ccced369b808b8857d0dd405b2
34d2268bc2b8240e2f419d92963dbe93b4abc4eb952cb202246387c221d4d0d5
GET //upload/vod/20220830-1/5ba374c8ea8fbc1503c1d8305451a916.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 11676
last-modified: Tue, 30 Aug 2022 07:30:24 GMT
etag: "630dbc90-2d9c"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220830-1/b5592ccd18c9c56e5ec624d8842c92fc.jpg
136.0.141.5200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220830-1/b5592ccd18c9c56e5ec624d8842c92fc.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 8e866b1d4dbedd16bd661c7654aec142
5e179a107b39e667953c98ee03e9924b9d336466
f41fcef838295cc10b93c0a3e785d5b544f37df9478b19a4738d5e621f7509fb
GET //upload/vod/20220830-1/b5592ccd18c9c56e5ec624d8842c92fc.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 12588
last-modified: Tue, 30 Aug 2022 07:30:24 GMT
etag: "630dbc90-312c"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220830-1/637af73b7a224f158f3c18a684f6a06e.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220830-1/637af73b7a224f158f3c18a684f6a06e.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 43cafc6b53977c23a25eabd0ca644d5f
da6a9454719995dc54cd334b709487940c8cbd1d
96f92ae4f985a9e145d2d7ba0cfc9981ac96c8a0b55c70842ea1f44feba8491c
GET //upload/vod/20220830-1/637af73b7a224f158f3c18a684f6a06e.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 11617
last-modified: Tue, 30 Aug 2022 07:30:23 GMT
etag: "630dbc8f-2d61"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220830-1/1e4e3d9fadaefef0442b0235169d5d57.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220830-1/1e4e3d9fadaefef0442b0235169d5d57.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash a8a20551f572cc2139eb02c2461ea6e1
57ee150d7283b885fb4898d05e1081aed6c9709a
03985092d74a5620fc2c08714933825671c2ee9f28a758df25e89608fa0ca14e
GET //upload/vod/20220830-1/1e4e3d9fadaefef0442b0235169d5d57.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 11681
last-modified: Tue, 30 Aug 2022 07:30:23 GMT
etag: "630dbc8f-2da1"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220830-1/23816cb144fb6733eef8791ddd5f95c6.jpg
136.0.141.5200 OK 9.6 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220830-1/23816cb144fb6733eef8791ddd5f95c6.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 7fd2e19b43cda10f36044f69e4e12c51
3f538391f1bceb954d83a18776a5f268207c67c3
1ebd8cbe58beb1752a521b170240c38d4eb0f9a409ce420893646206fd7d7071
GET //upload/vod/20220830-1/23816cb144fb6733eef8791ddd5f95c6.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 9639
last-modified: Tue, 30 Aug 2022 07:30:23 GMT
etag: "630dbc8f-25a7"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220830-1/cf53505ba8593492c5ff6c3e4c3d702b.jpg
136.0.141.5200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220830-1/cf53505ba8593492c5ff6c3e4c3d702b.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash f3ea2484577a2836a9fdca3727b5f34b
8f808819aa287654bf19cadb79fe9b477d68b897
14932fa7d11d8b3f1ab0f4e8bd6239c93e7215ac4c93235fff6c61dca9663d58
GET //upload/vod/20220830-1/cf53505ba8593492c5ff6c3e4c3d702b.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 12782
last-modified: Tue, 30 Aug 2022 07:30:23 GMT
etag: "630dbc8f-31ee"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220830-1/98d2f7ab257900b9f67c34ab7a9756b1.jpg
136.0.141.5200 OK 14 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220830-1/98d2f7ab257900b9f67c34ab7a9756b1.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash d5787227f2cad9b520fa0fe890dda9da
db72c899a9f1807f5acf3e64d1fa4634eade9e93
e09aaa44fb9c5c246d929b7d2e329c816ab44c96be85e3c713ce35b11ef5de5a
GET //upload/vod/20220830-1/98d2f7ab257900b9f67c34ab7a9756b1.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 13845
last-modified: Tue, 30 Aug 2022 07:30:23 GMT
etag: "630dbc8f-3615"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220830-1/d9a37f5c14c04da970137777286af55a.jpg
136.0.141.5200 OK 14 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220830-1/d9a37f5c14c04da970137777286af55a.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 599e680ad4a3907c725e58293e806952
4266cf479d3ab734ba20fd1ba88a89c81bb5a19f
7601c9a2f6f964e743912de67d6eee27dfba5bf8ffa29f6f0f664c41d9281bb6
GET //upload/vod/20220830-1/d9a37f5c14c04da970137777286af55a.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 14026
last-modified: Tue, 30 Aug 2022 07:30:22 GMT
etag: "630dbc8e-36ca"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220830-1/2be4616a578435ba3332d8d9cbfd5688.jpg
136.0.141.5200 OK 15 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220830-1/2be4616a578435ba3332d8d9cbfd5688.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash b6249151138527692f81491097b9ba92
30a6af7301267f794710f5d8988c251ea35e7620
c3406d10ff486ced50264420911b39d9d9ea7f141b12629845699cae22573f62
GET //upload/vod/20220830-1/2be4616a578435ba3332d8d9cbfd5688.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 15257
last-modified: Tue, 30 Aug 2022 07:30:22 GMT
etag: "630dbc8e-3b99"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220830-1/c0e93cfdac4dc170cefff673d9f9f0cb.jpg
136.0.141.5200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220830-1/c0e93cfdac4dc170cefff673d9f9f0cb.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 0ef726536904cabc62c7fed03e7ee00a
c358a9c6dd3e9dc101003ad5d4f17b742337b900
615f9c92b812f723c36afed70e6d730084dc59ab160b013cd1433295f978a9d9
GET //upload/vod/20220830-1/c0e93cfdac4dc170cefff673d9f9f0cb.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 12620
last-modified: Tue, 30 Aug 2022 07:30:22 GMT
etag: "630dbc8e-314c"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220831-1/d8448d1867735eb33d35fa5a7e24b7d5.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/d8448d1867735eb33d35fa5a7e24b7d5.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash afbc8c03a69adb8fb2df6cccda9fc10b
776c84f938ef0b5985895fc6175dfd6d222eb64a
fe6430f0fe4c9f1b72e0018b984334221a09a2a527616bdfc225e4e06cdaf4ab
GET //upload/vod/20220831-1/d8448d1867735eb33d35fa5a7e24b7d5.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 11408
last-modified: Wed, 31 Aug 2022 07:30:15 GMT
etag: "630f0e07-2c90"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220831-1/44fd6617a2d5eb0ea346dc2260cb1c7e.jpg
136.0.141.5200 OK 8.2 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/44fd6617a2d5eb0ea346dc2260cb1c7e.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash b75761cf5b711e25be92fc1618138b8e
4f92cd7d03b7e84ca563610238a694157d078bbb
799c23d36ecb03e506e6068d8b5da2a90c29a9d3e4b13b63dfae4e5b2d9ce6b0
GET //upload/vod/20220831-1/44fd6617a2d5eb0ea346dc2260cb1c7e.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 8219
last-modified: Wed, 31 Aug 2022 07:30:15 GMT
etag: "630f0e07-201b"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220831-1/dbbba3905b35a21624de03b3187d1e75.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/dbbba3905b35a21624de03b3187d1e75.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash cf96e57d12ba15ce4b02c398e0eb7cf5
d77effae888f5386edcb1151fdad3a9d96b0d76a
5d461897ab7d129a7283be315d8baae8c7a98b7a887e1d0f54a8e55ddb2c0f19
GET //upload/vod/20220831-1/dbbba3905b35a21624de03b3187d1e75.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 12349
last-modified: Wed, 31 Aug 2022 07:30:14 GMT
etag: "630f0e06-303d"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220831-1/a385ae4e03e6de0268806e12757aae4b.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/a385ae4e03e6de0268806e12757aae4b.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 176ef313331cb30f4c9af62c64b849ab
126d50afb2e37523d5df97da4ffe9955bb8cda46
e9704acd3dfedad5910dbfe69e743343656136f8fa88d7bfc3f2aa98fb93707d
GET //upload/vod/20220831-1/a385ae4e03e6de0268806e12757aae4b.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 11839
last-modified: Wed, 31 Aug 2022 07:30:14 GMT
etag: "630f0e06-2e3f"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220831-1/704f0966bf37b886e4360955e75e7fb7.jpg
136.0.141.5200 OK 9.1 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/704f0966bf37b886e4360955e75e7fb7.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash b37e370cf1a5d943252d21e6dd454171
1840093a0bd6abe957f940d6a87b0395d183de07
d9b0f026dc69803a9ff485887ba498c3236c6f91cada0bb8f7f008eb13915b87
GET //upload/vod/20220831-1/704f0966bf37b886e4360955e75e7fb7.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 9143
last-modified: Wed, 31 Aug 2022 07:30:14 GMT
etag: "630f0e06-23b7"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220831-1/643ad9a2d6c223974718f6ee3ca1b9af.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/643ad9a2d6c223974718f6ee3ca1b9af.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash dc4891b07fdf2026d8a3baf482c12fca
2d54cdf5ae599019799ca8d78ee0e93d71ab81a3
5f6f43050452afc268e337b280cac257e9af81444246e75b6349c7f0347eb985
GET //upload/vod/20220831-1/643ad9a2d6c223974718f6ee3ca1b9af.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 10928
last-modified: Wed, 31 Aug 2022 07:30:14 GMT
etag: "630f0e06-2ab0"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220831-1/b4764b351234461f062fe9041a185428.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/b4764b351234461f062fe9041a185428.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash ab5ab27d34ae9e21126bb183e9f5faad
4bcee211430941ecf1ba863ab2e67df9ddc2b5fc
687892393342a9d78e11074072c7ad6c682eeab9369c9304f441279bffadb148
GET //upload/vod/20220831-1/b4764b351234461f062fe9041a185428.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 11490
last-modified: Wed, 31 Aug 2022 07:30:13 GMT
etag: "630f0e05-2ce2"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220831-1/19b7df6f41aca6a4ace447507cda05eb.jpg
136.0.141.5200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/19b7df6f41aca6a4ace447507cda05eb.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash b566b2fc6bad027e850a89cee6afd6a1
ab918107fa9cbc7d2f0d408b5c416ea3d2385070
82036b9a52f5a9a0fef6d02c36eac2739f669ccc9f76771a4cc27bd9c405ac2a
GET //upload/vod/20220831-1/19b7df6f41aca6a4ace447507cda05eb.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 13247
last-modified: Wed, 31 Aug 2022 07:30:13 GMT
etag: "630f0e05-33bf"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220831-1/d023348887d80ce5f94805d05d8d876f.jpg
136.0.141.5200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/d023348887d80ce5f94805d05d8d876f.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash c901f80006ac81f2f437599612ed1d1c
fdf72f98650af99439f591d837478b66c268ea94
62e477130af7ce591636529fb875ba572a06fcdd88131499f22bb86986a3fba9
GET //upload/vod/20220831-1/d023348887d80ce5f94805d05d8d876f.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 10422
last-modified: Wed, 31 Aug 2022 07:30:13 GMT
etag: "630f0e05-28b6"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
cb.learning8809.com/yPS7hqfHgkFauS2djb/foot.js
188.114.97.1200 OK 783 kB URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/foot.js
IP 188.114.97.1:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Size 783 kB (782749 bytes)
Hash fc931f55aa6fc1416980acbab06f6474
7690d06ffc3286791ae526a5331ee5a804e6eaf1
ccf4e0661ed86bb042a5785c9b2269a2464eefa506f5bfafec274a27fa081585
GET /yPS7hqfHgkFauS2djb/foot.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 02:29:28 GMT
content-type: application/javascript
last-modified: Tue, 22 Mar 2022 07:39:03 GMT
vary: Accept-Encoding
etag: W/"62397d17-449"
expires: Thu, 01 Sep 2022 08:09:55 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 22773
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pIAdfQ8%2BlBqTlWqpDwD8qLjEqGy7OYb%2BUhEd%2BGuox3j11CLWkpE0bfdT%2B7XGR6OT64MELoglWSkQMqp1tX9hhFN0CIyyTEezExPZVOR4XvJmS9tleWd%2FnDOTG9qW8%2FV%2BXDkHi6WE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 743a94133b71b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xox8956.com/b54fabb21dcf461696483c00e563d773.gif
45.61.212.122200 OK 14 kB URL HTTP/1.1 xox8956.com/b54fabb21dcf461696483c00e563d773.gif
IP 45.61.212.122:0
File type GIF image data, version 89a, 128 x 128\012- data
Hash a6018ebd9118a48b4180ee623a49f65b
7bd02f9127291c7879322552bec527d8f0fc1a49
87d507ded968cf229b266f383bd32b19c73a3d4636e88f177e8188e66a68a6b8
GET /b54fabb21dcf461696483c00e563d773.gif HTTP/1.1
Host: xox8956.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62bbfa98-34d1"
Date: Thu, 25 Aug 2022 10:33:34 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 29 Jun 2022 07:09:12 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-22
Content-Length: 13521
www.gg123456789gg.com//upload/vod/20220831-1/6ad9bfc9522c4f10de9f882405513481.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/6ad9bfc9522c4f10de9f882405513481.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash f532e194d64311f7268a087dc0cb3b5c
1dfd41dec57833c696a63ee97bbbdb5b51b509dd
87392ac9b233f2e617f1780be21266598e8fd3793616b810185c6c4457d8e3ce
GET //upload/vod/20220831-1/6ad9bfc9522c4f10de9f882405513481.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 11755
last-modified: Wed, 31 Aug 2022 07:30:13 GMT
etag: "630f0e05-2deb"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220830-1/7fc83b7985ba1cd6627206008eedaed3.jpg
136.0.141.5200 OK 14 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220830-1/7fc83b7985ba1cd6627206008eedaed3.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 0b21157c857b85156755155b56e3b3df
7d2f46d67331a7b9e27fabc50acc48cea3a2a34d
3cf8b2d004fcb35445b13756a6c3457532ef103ec0674b15c5533856c0610444
GET //upload/vod/20220830-1/7fc83b7985ba1cd6627206008eedaed3.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 13716
last-modified: Tue, 30 Aug 2022 07:30:28 GMT
etag: "630dbc94-3594"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220830-1/86cf68401e60e6b153f037ebfef08871.jpg
136.0.141.5200 OK 15 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220830-1/86cf68401e60e6b153f037ebfef08871.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash a35a5f29c585e3d77b6ec557b84a6e54
1690f7d0b21ecb6fa054109bea788f7cc484b516
d8d2855d68850b59ddbc4264dd899efc8b6cdee349c101a68f982f265f9ca72b
GET //upload/vod/20220830-1/86cf68401e60e6b153f037ebfef08871.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 14575
last-modified: Tue, 30 Aug 2022 07:30:28 GMT
etag: "630dbc94-38ef"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220830-1/8f6fbd3d0b9a9612effed4b6b35480e4.jpg
136.0.141.5200 OK 14 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220830-1/8f6fbd3d0b9a9612effed4b6b35480e4.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 11d4df3c6deaab42705c96c8e6e83037
caa8a4d1bcf1d62990b843e74edbe8d88e4c90b3
c395836e0b6afdbfe108342995b9c7d7b18e3e128fb0183968e805fbaefd64a0
GET //upload/vod/20220830-1/8f6fbd3d0b9a9612effed4b6b35480e4.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 14398
last-modified: Tue, 30 Aug 2022 07:30:28 GMT
etag: "630dbc94-383e"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220830-1/566df2ed96533610e8b96ec614eb64d2.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220830-1/566df2ed96533610e8b96ec614eb64d2.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 6fc9337cc58227952cb7cde56dd86231
f7bcfea1a31ad33015fdc513fefc65f7f45df636
d05dd9ee247cdcf3f38381c4245d8db9acbccdaae8dadee0c62d8ee32cdf1024
GET //upload/vod/20220830-1/566df2ed96533610e8b96ec614eb64d2.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 12325
last-modified: Tue, 30 Aug 2022 07:30:28 GMT
etag: "630dbc94-3025"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220830-1/1b15c7d14f14441c17700d391488b993.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220830-1/1b15c7d14f14441c17700d391488b993.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 09df444163523906b5abf7a254e9a399
e598aa2c61e9661345ffe8cf19e1c1cd0f91b434
ecd1d2dd22f6b160775a795b471dc1e5a5f8f14359e36b1eec5400f723d715ba
GET //upload/vod/20220830-1/1b15c7d14f14441c17700d391488b993.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 12099
last-modified: Tue, 30 Aug 2022 07:30:28 GMT
etag: "630dbc94-2f43"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220830-1/3ca2c318bab104a5b1ddd31f85917d38.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220830-1/3ca2c318bab104a5b1ddd31f85917d38.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash e15608964871d2f23869e85ade4bc00c
9f89c7a0fffcd45d1e570c2e756f0dc549957a77
ad40d8b06001ba74f5f26dbb56ebff85a7daf9bb780ebff4304403da39f0fe89
GET //upload/vod/20220830-1/3ca2c318bab104a5b1ddd31f85917d38.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 11845
last-modified: Tue, 30 Aug 2022 07:30:27 GMT
etag: "630dbc93-2e45"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220830-1/526822076e1ebaa3f8900b9f1fb5eefa.jpg
136.0.141.5200 OK 18 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220830-1/526822076e1ebaa3f8900b9f1fb5eefa.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 026938ed818477d7b5673049692ab084
a7fd0f31c0712c307993e7e8d3dcc26defb43fc3
8b7421695a66fc3382b43de1344680a326d9ea336bb64495143339aa3d3a33b6
GET //upload/vod/20220830-1/526822076e1ebaa3f8900b9f1fb5eefa.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 17566
last-modified: Tue, 30 Aug 2022 07:30:27 GMT
etag: "630dbc93-449e"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220830-1/8d8f08b413b9e12e1161e20ce7a0c610.jpg
136.0.141.5200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220830-1/8d8f08b413b9e12e1161e20ce7a0c610.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash f77790be8eb6c28dee67521c660fecf3
308ae854efa67a6256b1bda6d36ab73b187f7512
fee3a319d827cf3f398bc8d2ef6ce6d07a79da0bbb74b645930def338c0bdf9a
GET //upload/vod/20220830-1/8d8f08b413b9e12e1161e20ce7a0c610.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 13048
last-modified: Tue, 30 Aug 2022 07:30:27 GMT
etag: "630dbc93-32f8"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220830-1/30efdb482bf80fa7e0092815eddaebd7.jpg
136.0.141.5200 OK 15 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220830-1/30efdb482bf80fa7e0092815eddaebd7.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 2b9171bd9f79ca04b8c111a8a8101e7e
97293b5266b29af5ad5fd5c2241441bf8bd9ba12
f70e397e90244f4cdfda43e08e8c04118d4a513b85c0c2f5edcb14a0979a2d3b
GET //upload/vod/20220830-1/30efdb482bf80fa7e0092815eddaebd7.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 14669
last-modified: Tue, 30 Aug 2022 07:30:27 GMT
etag: "630dbc93-394d"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220830-1/60cf62447d4a429c12ad38dd827dc021.jpg
136.0.141.5200 OK 15 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220830-1/60cf62447d4a429c12ad38dd827dc021.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 29941f4e048c28888cce0200afc75c46
114cabea9b195fd62dc1dba67a7ee46140a9b0e8
f92eb6f605719145305b3931c8cf0135926dc2048ff5e0083905de3c26e5ad72
GET //upload/vod/20220830-1/60cf62447d4a429c12ad38dd827dc021.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 15250
last-modified: Tue, 30 Aug 2022 07:30:26 GMT
etag: "630dbc92-3b92"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220831-1/e20bc41f030a52c0e644678ad25bff43.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/e20bc41f030a52c0e644678ad25bff43.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash e10c6b7edf0e3f83c33831973104a244
45246f63e40da8dba4d3d9ddb5ee10e63eae8fa4
55b2aadf277f4910f2ea6ba8e38b5460e2eb37e9ce4e0eccae091b5ad8728ff2
GET //upload/vod/20220831-1/e20bc41f030a52c0e644678ad25bff43.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 11606
last-modified: Wed, 31 Aug 2022 07:30:06 GMT
etag: "630f0dfe-2d56"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220831-1/0f9498a8e36f97548e87ceed78167e93.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/0f9498a8e36f97548e87ceed78167e93.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash d957d0e00332783bec0d50a923c92148
67d5296c5a3135fef84ea371d291aeedd21e50a5
e0b13596dd5534772ebba6b156c8a7426e8ccc28f43be76904d483135b9909b0
GET //upload/vod/20220831-1/0f9498a8e36f97548e87ceed78167e93.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 11577
last-modified: Wed, 31 Aug 2022 07:30:06 GMT
etag: "630f0dfe-2d39"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220831-1/75d7c26cc6f40f11acd7fc1c136ac475.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220831-1/75d7c26cc6f40f11acd7fc1c136ac475.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash f9451c785be58f3ca79355a1bc476416
cde78b53aed0fca8f627b6ea02eea5fe3cb7eaea
53eff00eea137daa8e7a02225e8d121254488d5e8f6d214d48b4f0730b01515d
GET //upload/vod/20220831-1/75d7c26cc6f40f11acd7fc1c136ac475.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 02:29:29 GMT
content-type: image/jpeg
content-length: 10794
last-modified: Wed, 31 Aug 2022 07:30:06 GMT
etag: "630f0dfe-2a2a"
expires: Sat, 01 Oct 2022 02:29:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
klx30.zhgmjglh8k.com/template/m1938pc/css/ate.css
172.67.198.54200 OK 14 kB URL HTTP/2 klx30.zhgmjglh8k.com/template/m1938pc/css/ate.css
IP 172.67.198.54:0
File type ASCII text, with CRLF line terminators
Hash 8fb7c44ef561c9204fda92f3300dff18
40b8f71748fc7ac885e85f33b1ac3154e00db8ad
a9d862d09dd2b285bcd7a04c4a783476004bfaff88fe52806254f239e7e7a2d8
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: klx30.zhgmjglh8k.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 02:29:28 GMT
content-type: text/css
last-modified: Sun, 19 Dec 2021 02:38:44 GMT
vary: Accept-Encoding
etag: W/"61be9b34-126e4"
expires: Thu, 01 Sep 2022 08:09:54 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 22774
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LuXWuYrS5Xlp%2F5mHnYLGFDJBrls2bu1Bs7VY0BWV%2BBLF26zY%2FHSf6giYIH1lts%2BgITFvcHneY0EePhUiJ1ZgNw2JtReQzjOfKkdAcvCP1D%2FfLBf6OBMaffZqL5fpywPDDQe8EVPNaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 743a94127b88b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
klx30.zhgmjglh8k.com/template/m1938pc/css/zui.css
172.67.198.54200 OK 27 kB URL HTTP/2 klx30.zhgmjglh8k.com/template/m1938pc/css/zui.css
IP 172.67.198.54:0
File type assembler source, Unicode text, UTF-8 text, with CRLF, CR line terminators
Hash 6e12b62bf730ba391e0337e73e9b2b49
c5a1bc4c6bd2cda6f9c49fe5aeb6d32e6858f74e
fc2be78c84113cdd9ad68cebb75f2eebf33cc02b3533c7a3dd5e6f28ad4c498f
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: klx30.zhgmjglh8k.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 02:29:28 GMT
content-type: text/css
last-modified: Sat, 26 Mar 2022 14:06:26 GMT
vary: Accept-Encoding
etag: W/"623f1de2-14f3a"
expires: Thu, 01 Sep 2022 08:09:54 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 22774
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0A2qj7CWJHtg5L3T5szi%2FB5tNIMI9j0S67qO3DUCvwbkFga0bH91MlkhRDVQqMyBxVCmHTtXy5Iw4OKYdwhhXVHOK6B6hvry2C0S%2Fu4vVfbVxhJW8yr4K8lydwqXUpcdbRaE3g33Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 743a94128b89b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ia.51.la/go1?id=21278777&rt=1661999368774&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1661999368774&tt=chabiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx30.zhgmjglh8k.com%252F&pu=http%253A%252F%252Fwww.myweblock.com%252F
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=21278777&rt=1661999368774&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1661999368774&tt=chabiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx30.zhgmjglh8k.com%252F&pu=http%253A%252F%252Fwww.myweblock.com%252F
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21278777&rt=1661999368774&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1661999368774&tt=chabiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx30.zhgmjglh8k.com%252F&pu=http%253A%252F%252Fwww.myweblock.com%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: CloudWAF
Date: Thu, 01 Sep 2022 02:29:30 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=f5f5a11eb5fb1a2cebe; path=/
HWWAFSESTIME=1661999369985; path=/
cb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
188.114.97.1200 OK 563 kB URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
IP 188.114.97.1:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size 563 kB (562936 bytes)
Hash 0deb26495fcbbd62324a5cc9480492dd
514c18ee91c83cba2bc72f105f7131f82b0beda5
c3cd7af13fe8e57b0722c7250b9b8da5b2dab6228c385997e2d1c0f95011ed03
GET /yPS7hqfHgkFauS2djb/254.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 02:29:28 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 07:53:34 GMT
etag: W/"62f9fb7e-3fa"
expires: Thu, 01 Sep 2022 08:09:55 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 22773
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CREbT2zPdvl9UyjbO0kcnQW3CDeJft68hYMkMMmNAcCfaoBZGJaXLsvK0q1QjWB669RkWIW%2BZO4Da0VeXcMCo3E%2FaOICHYcIl17oc5Os4jbb2Dx4dko3KYavp448l4BeByhHPXim"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743a94133b6cb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cb.learning8809.com/yPS7hqfHgkFauS2djb/wz.js
188.114.97.1200 OK 121 kB URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/wz.js
IP 188.114.97.1:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Size 121 kB (121180 bytes)
Hash 924b398eb910d610b404c2a4918b4f96
c01c04f634f28bbb6d768647f5dd1ae83804b6dc
7ea512f399420fbce861e128bbf502a7a88bf6ae41565b00ff3b047c9d5e77a0
GET /yPS7hqfHgkFauS2djb/wz.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 02:29:28 GMT
content-type: application/javascript
last-modified: Thu, 14 Jul 2022 09:27:46 GMT
etag: W/"62cfe192-1ac"
expires: Thu, 01 Sep 2022 08:09:55 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 22773
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1DiqMh0n3gkzKJnmlYr1IguVF7iC6x6wg2RbI%2B1n602QA%2FHXG2ULZe2W4JDHLi8ACRvznyt5jk4NLmcAbQYmOYaWZ63CEXvd7f22MDtRYy5eMxOoNljq1zE5oSdiVrz8lsR0o31v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743a94133b6db4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
701.oss-cn-hongkong.aliyuncs.com/gg/200x200.gif
47.75.19.38200 OK 298 kB URL HTTP/1.1 701.oss-cn-hongkong.aliyuncs.com/gg/200x200.gif
IP 47.75.19.38:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 200 x 200\012- data
Size 298 kB (298536 bytes)
Hash 9c3ba66a41c99ffee01405a837610cca
6e1ed01e150ddeb219b2917dd1f5230e8a703da5
d41138a2f786edf66c084dc7465925fe47e70690d04c7264eeea9af1f34714e5
GET /gg/200x200.gif HTTP/1.1
Host: 701.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Thu, 01 Sep 2022 02:29:29 GMT
Content-Type: image/gif
Content-Length: 298536
Connection: keep-alive
x-oss-request-id: 631019094C8B3735386DD3D8
Accept-Ranges: bytes
ETag: "9C3BA66A41C99FFEE01405A837610CCA"
Last-Modified: Tue, 21 Jun 2022 08:13:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8250722550151430017
x-oss-storage-class: Standard
Content-MD5: nDumakHJn/7gFAWoN2EMyg==
x-oss-server-time: 1
hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (623)
Hash dd8264540583f28b9977988ea05811d1
62c122f443f37bacad08bd3535d34bbecf0c5dfa
178fa80b161172917c513fef94d22b762cecbdc3ae560cbd375c205cb7544469
GET /hm.js?1138ebd140b7eb3f7d7147d4a8915456 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11336
Content-Type: application/javascript
Date: Thu, 01 Sep 2022 02:29:30 GMT
Etag: a9c07a8efe394e1c4909dbf57639bbe4
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=818B38D6CF433F47; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ia.51.la/go1?id=21278777&rt=1661999368793&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1661999368793&tt=chabiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx30.zhgmjglh8k.com%252F&pu=http%253A%252F%252Fwww.myweblock.com%252F
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=21278777&rt=1661999368793&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1661999368793&tt=chabiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx30.zhgmjglh8k.com%252F&pu=http%253A%252F%252Fwww.myweblock.com%252F
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21278777&rt=1661999368793&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1661999368793&tt=chabiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx30.zhgmjglh8k.com%252F&pu=http%253A%252F%252Fwww.myweblock.com%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: CloudWAF
Date: Thu, 01 Sep 2022 02:29:31 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=121d18d4d4b55bdf611; path=/
HWWAFSESTIME=1661999366293; path=/
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1988436762&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.myweblock.com%2F&v=1.2.97&lv=1&sn=31771&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fklx30.zhgmjglh8k.com%2F&tt=chabiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1988436762&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.myweblock.com%2F&v=1.2.97&lv=1&sn=31771&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fklx30.zhgmjglh8k.com%2F&tt=chabiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1988436762&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.myweblock.com%2F&v=1.2.97&lv=1&sn=31771&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fklx30.zhgmjglh8k.com%2F&tt=chabiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 01 Sep 2022 02:29:31 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=B3661B580F94BC2A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
884121.com/eed14bd85e5e4b33b950bfe6a61e1b48.gif
47.75.19.14200 OK 424 kB URL HTTP/1.1 884121.com/eed14bd85e5e4b33b950bfe6a61e1b48.gif
IP 47.75.19.14:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 750 x 240\012- data
Size 424 kB (423997 bytes)
Hash e1a71fed14e92c07c2e10086c3f8ad63
aa5d034602b33fc99e8611326ab13612f6240c29
b26d4de107c13bfceff216d745f7fa588dfe81e1908d392934e69ac5d4b1f15b
GET /eed14bd85e5e4b33b950bfe6a61e1b48.gif HTTP/1.1
Host: 884121.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Thu, 01 Sep 2022 02:29:30 GMT
Content-Type: image/gif
Content-Length: 423997
Connection: keep-alive
x-oss-request-id: 6310190AFC567C3236B70D19
Accept-Ranges: bytes
ETag: "E1A71FED14E92C07C2E10086C3F8AD63"
Last-Modified: Sat, 23 Jul 2022 05:46:02 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 18376862633552853608
x-oss-storage-class: Standard
Content-MD5: 4acf7RTpLAfC4QCGw/itYw==
x-oss-server-time: 1
hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (623)
Hash e26ee2de6c69471968ba99471b59a25c
4f77332e92ae90e26922a2cfa08bfcf64fefa1b5
907527afb841d3b273c1430e56f763023d4eaaa44a909b7ca4622579854d1f64
GET /hm.js?1138ebd140b7eb3f7d7147d4a8915456 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: a9c07a8efe394e1c4909dbf57639bbe4
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11336
Content-Type: application/javascript
Date: Thu, 01 Sep 2022 02:29:31 GMT
Etag: 4214589e6a38d88998acbc9495427adf
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=515911CA0FC0E9FC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0<=1661999371&rnd=1894941151&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.myweblock.com%2F&v=1.2.97&lv=2&sn=31771&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fklx30.zhgmjglh8k.com%2F&tt=chabiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0<=1661999371&rnd=1894941151&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.myweblock.com%2F&v=1.2.97&lv=2&sn=31771&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fklx30.zhgmjglh8k.com%2F&tt=chabiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0<=1661999371&rnd=1894941151&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.myweblock.com%2F&v=1.2.97&lv=2&sn=31771&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fklx30.zhgmjglh8k.com%2F&tt=chabiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 01 Sep 2022 02:29:32 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=36E01ADA2E9DEB09; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
cb.learning8809.com/yPS7hqfHgkFauS2djb/dh1.js
188.114.97.1200 OK 0 B URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/dh1.js
IP 188.114.97.1:0
GET /yPS7hqfHgkFauS2djb/dh1.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 02:29:28 GMT
content-type: application/javascript
last-modified: Thu, 14 Jul 2022 04:18:19 GMT
vary: Accept-Encoding
etag: W/"62cf990b-972"
expires: Thu, 01 Sep 2022 08:09:55 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 22773
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7VDWjNPW560mYxw8X6AWVzIiNr9dYH%2Fv8dZ7vEKYqwvChRNdnsK%2BRDLNUEZKstPHI0JClpvgUXBb1QK%2BdFBpeIUGY6tfiQDuW8W5RQoj89NKHusyppy%2BWGFEIsx3XyW9uyg6XD7J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 743a94134b81b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
188.114.97.1200 OK 0 B URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
IP 188.114.97.1:0
GET /yPS7hqfHgkFauS2djb/250.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 02:29:28 GMT
content-type: application/javascript
last-modified: Fri, 12 Aug 2022 13:18:25 GMT
etag: W/"62f65321-3f1"
expires: Thu, 01 Sep 2022 08:09:55 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 22773
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxEFVfS9XmXaQrzzQnFuQSRsSCHKPKPD3e2l3Q4tqjrH2I84QpXIa%2BCT%2Bdx17gkX%2FOyoRe%2Bwaxr1zt%2FBaQYJ4l67OfFgOobjpwQvKG%2F4ErizcbgJQXstXAoMvLHsKe7LfkhCC6G3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743a94134b7eb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8808.com/yPS7hqfHgkFauS2djb/gg.css
172.67.182.207200 OK 0 B URL HTTP/2 sb.learning8808.com/yPS7hqfHgkFauS2djb/gg.css
IP 172.67.182.207:0
GET /yPS7hqfHgkFauS2djb/gg.css HTTP/1.1
Host: sb.learning8808.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 02:29:28 GMT
content-type: text/css
last-modified: Wed, 29 Jun 2022 09:41:11 GMT
vary: Accept-Encoding
etag: W/"62bc1e37-c63"
expires: Thu, 01 Sep 2022 08:11:25 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 22683
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfntWzYKrNn4p%2BBeDu1xMzuQpGpYPlLi4XG%2FE%2FL31DCsIXJJ9gjoUG%2FmhfmD51T%2FpvCmSWryy0AQgs1PWZcbBLAoIjS3T%2FWXhV%2BELh1UOBDThwxr3QaQWOswnSu40XvyM%2Fhtc1Xh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 743a9414aacfb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
188.114.97.1200 OK 0 B URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
IP 188.114.97.1:0
GET /yPS7hqfHgkFauS2djb/xx2.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 02:29:28 GMT
content-type: application/javascript
last-modified: Sat, 27 Aug 2022 12:09:36 GMT
vary: Accept-Encoding
etag: W/"630a0980-48d"
expires: Thu, 01 Sep 2022 08:09:55 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 22773
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TgcMcm%2BEwaEIXfNeDHss62wnOh0a56B1Ywdv%2Bqqoxl6PlhqA1NC2kItWa1CVG2hrizd%2BfDitn%2F6EV33VomGXL8B0CH5n%2BGfG2ab8pweY11MybZrbVLpPKdK8oQ7B%2FOtUClOg%2Fky6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 743a94136baab4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
klx30.zhgmjglh8k.com/
172.67.198.54200 OK 0 B IP 172.67.198.54:0
GET / HTTP/1.1
Host: klx30.zhgmjglh8k.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.myweblock.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 02:29:28 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PeJwKl1ZlXaMVnmIVDt6XAxmtvimvcJL67d5gtLFxc0rwxvj2CodDpjGDr5vsJqxKsu5mI6uJPi5kB0r9ZXXc%2Bu7U2c89UGMbeKJRub88xEJyKqHzv6inlu4s9XVAIGJ5D%2FLlfq%2BJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 743a94126b7db505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cb.learning8809.com/yPS7hqfHgkFauS2djb/wz1.js
188.114.97.1200 OK 0 B URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/wz1.js
IP 188.114.97.1:0
GET /yPS7hqfHgkFauS2djb/wz1.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 02:29:28 GMT
content-type: application/javascript
last-modified: Thu, 14 Jul 2022 09:27:46 GMT
etag: W/"62cfe192-1be"
expires: Thu, 01 Sep 2022 08:09:55 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 22773
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ot1w1vgvgGGNZ72noVFSWcamHjtd5iGoSXlJIvqLXG%2BJpwPtByjpvHm2CaMN8hrPMyYGKfsA1e6HBstuwyme63shnW7pqwJIYD8IgjD3%2FhZO3n6QGp8YjfkhmTnX7oGIo1CibLo3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743a94133b6eb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
188.114.97.1200 OK 0 B URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
IP 188.114.97.1:0
GET /yPS7hqfHgkFauS2djb/252.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 02:29:28 GMT
content-type: application/javascript
last-modified: Fri, 26 Aug 2022 14:03:55 GMT
etag: W/"6308d2cb-3d1"
expires: Thu, 01 Sep 2022 08:09:55 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 22773
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BODs3AhEF9FtgfI82gupGf6xNAlzR0POmoWB6sBwlgw4nXJKJb%2FzlVpsc62FDQhtjcA3AmPd6dbYvFJ5%2BIKSrkHQxn9qzS4SdupFPNsgKBMAMo6JIlQf4zMrt%2FVMEY2qGkP0Dbg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743a94133b6ab4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cb.learning8809.com/yPS7hqfHgkFauS2djb/zylm.js
188.114.97.1200 OK 0 B URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/zylm.js
IP 188.114.97.1:0
GET /yPS7hqfHgkFauS2djb/zylm.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx30.zhgmjglh8k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 02:29:28 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 05:42:15 GMT
etag: W/"62a97137-3b7"
expires: Thu, 01 Sep 2022 08:09:55 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 22773
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2x6Lke6ugh9g9iRqJM81gABRlMRkkm%2Bh%2B4Ls0SFfPgabh941btZ7w34sCSa7ZK0rCXQp%2BrSAPdShEq3xyN4BMgH2JUa%2BYu4vtkCnJpQgc3hpaDhMkc%2BZqt4hm%2BWNF8mbTjrh%2FOKw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743a94133b6fb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2