r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6ed951622549ed76959631f8a1bf497b
682b2dd2a72190510e3fa7bdb0c0c6f25a322dfb
86f5e5ae2da408a899d16c83b7ca441033ac0c30062cd29f2db1b1b5be666746
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86F5E5AE2DA408A899D16C83B7CA441033AC0C30062CD29F2DB1B1B5BE666746"
Last-Modified: Sat, 19 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11731
Expires: Sat, 19 Nov 2022 17:31:32 GMT
Date: Sat, 19 Nov 2022 14:16:01 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash f732c50f6a2482aeea20552e0370c2d0
6f33119d5c38e92a0a62f3a46766ff86014e4d68
a47e38c199c5fecd5594544a3889e1cfca5547d85f19056f06eaeeadf17f4fe9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6444
Cache-Control: max-age=165756
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 14:16:01 GMT
Etag: "6378b071-1d7"
Expires: Mon, 21 Nov 2022 12:18:37 GMT
Last-Modified: Sat, 19 Nov 2022 10:31:13 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e7724a1f27dc1b5b2fb63c7e486f74db
ef0ea648ce8bc189d31382baec4b181c724af93b
2a46916079563d95fa6a695104ebf41829ee95a156d6e4d45b9aef7231a8a80e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A46916079563D95FA6A695104EBF41829EE95A156D6E4D45B9AEF7231A8A80E"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18971
Expires: Sat, 19 Nov 2022 19:32:12 GMT
Date: Sat, 19 Nov 2022 14:16:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 19 Nov 2022 13:45:09 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1852
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: en49pPbzUko8wK0wNG73No5sPci3nHoEt3zLgEfUztvdBHiRJrr0RMzZ1ULShYvhwBVQeA1wcic=
x-amz-request-id: BV4GY2AGV11PW7KH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 19 Nov 2022 13:53:23 GMT
age: 1358
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.mthuacheng.com/
301 Moved Permanently 162 B IP
ASN #396190 LEASEWEB-USA-SEA-10
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 19 Nov 2022 14:16:01 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.mthuacheng.com/
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 14:16:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 19 Nov 2022 13:44:49 GMT
cache-control: public,max-age=3600
age: 1872
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc6cd908e1bb2be20f8ed6563f66c232
e3f8fbfa36adb4cd3e44515460b656c9594affe5
8afc43554655f0d17d2e878b1382d8961ad9f46215fec25eb6c33b117bbc99e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8AFC43554655F0D17D2E878B1382D8961AD9F46215FEC25EB6C33B117BBC99E0"
Last-Modified: Sat, 19 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 19 Nov 2022 20:16:01 GMT
Date: Sat, 19 Nov 2022 14:16:01 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 060d538b33e370fcd033339830d33a42
4a37d427988358eb318e18e2678c3484ef4a5ebd
efa33f92547243814b5bd3bca4f94d26055d590a4431611b3ba251a8d774bfbb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5565
Cache-Control: max-age=159816
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 14:16:01 GMT
Etag: "63789cac-1d7"
Expires: Mon, 21 Nov 2022 10:39:37 GMT
Last-Modified: Sat, 19 Nov 2022 09:06:52 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
www.mthuacheng.com/
200 OK 13 kB IP
ASN #396190 LEASEWEB-USA-SEA-10
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (727), with CRLF, LF line terminators
Hash 51db5275f486a92a477069603be7f292
4c954a118fda4660d01524aade7f0736af38a33c
1e9c2d4d1dd8f69f604f225a9bcccb0cb5ac4736515e394110b173231cb07e85
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:01 GMT
Content-Type: text/html; charset=utf-8
Last-Modified: Tue, 25 Oct 2022 11:13:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6357c4d3-d962"
Content-Encoding: gzip
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FbEKbIgNi62v8UP8kQGASQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: t6/qreOU0/UGapZkGs60CSN9PXE=
www.mthuacheng.com/style/style_main/css/main_version_1_2_6.css
200 OK 4.8 kB URL HTTP/1.1 www.mthuacheng.com/style/style_main/css/main_version_1_2_6.css
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type Unicode text, UTF-8 (with BOM) text
Hash a21b2f0f241cc710759c4837842c3317
cdb33077b1ce418d5d09d08076283a280ec73e83
91b448ab3cb2d9febef61f365f9cc668a15abe30fa3ddecb0c9be46827c05c40
GET /style/style_main/css/main_version_1_2_6.css HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:02 GMT
Content-Type: text/css
Last-Modified: Tue, 25 Oct 2022 11:13:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6357c4d8-5243"
Expires: Mon, 19 Dec 2022 14:16:02 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
www.mthuacheng.com/style/style_main/js/banner_version_1_2_6.js
200 OK 710 B URL HTTP/1.1 www.mthuacheng.com/style/style_main/js/banner_version_1_2_6.js
IP
ASN #396190 LEASEWEB-USA-SEA-10
Hash 70ae6fd9ab33db16c404b079154b8c99
0928043eaae0e6cc4e93f13b07f9ab87aef85a60
57703af2b2c03e1cafd66ed1ebfd3cb3aec5c2df896d496fc2925daee1a24840
Analyzer Verdict Alert fortinet Phishing
GET /style/style_main/js/banner_version_1_2_6.js HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:02 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 25 Oct 2022 11:13:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6357c4d5-bfc"
Expires: Mon, 19 Dec 2022 14:16:02 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
www.mthuacheng.com/style/style_main/css/m-nav.css
200 OK 2.1 kB URL HTTP/1.1 www.mthuacheng.com/style/style_main/css/m-nav.css
IP
ASN #396190 LEASEWEB-USA-SEA-10
Hash 2bb9357f535d0b37c61614ecbde5d7ba
81f41d36c0ce62dc767d338d3371a745717f92de
16502ac7b9d9ea336ff21d7e42ebbf437dfb2a4ede131ed737444f60020fd1fe
GET /style/style_main/css/m-nav.css HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:02 GMT
Content-Type: text/css
Last-Modified: Tue, 25 Oct 2022 11:13:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6357c4d5-1b97"
Expires: Mon, 19 Dec 2022 14:16:02 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
www.mthuacheng.com/style/style_main/css/public.css
200 OK 106 B URL HTTP/1.1 www.mthuacheng.com/style/style_main/css/public.css
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type ASCII text, with CRLF line terminators
Hash b6ce2cf56298cd86c7f1462ffe8b6be6
314d678e8e3466dab5aa44baf921b8f2c195fc2d
6083e2163ac2c718c246b137d403276922889352dfb923b016bfbba995874a1f
GET /style/style_main/css/public.css HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:02 GMT
Content-Type: text/css
Content-Length: 106
Last-Modified: Tue, 25 Oct 2022 11:13:25 GMT
Connection: keep-alive
ETag: "6357c4d5-6a"
Expires: Mon, 19 Dec 2022 14:16:02 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.mthuacheng.com/style/style_main/css/banner_version_1_2_6.css
200 OK 792 B URL HTTP/1.1 www.mthuacheng.com/style/style_main/css/banner_version_1_2_6.css
IP
ASN #396190 LEASEWEB-USA-SEA-10
Hash a6d81fe000cbe4babba73b3de23a06a8
7c69811601a1388073d3ac7a7063b79825dfb381
7ae6479e7039a6480ac39848c3185f3f58b77d7bc7560b414d3273f4ad97d9a9
GET /style/style_main/css/banner_version_1_2_6.css HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:02 GMT
Content-Type: text/css
Last-Modified: Tue, 25 Oct 2022 11:13:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6357c4d5-107e"
Expires: Mon, 19 Dec 2022 14:16:02 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
www.mthuacheng.com/@public/base.js
200 OK 706 B URL HTTP/1.1 www.mthuacheng.com/@public/base.js
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type ASCII text, with very long lines (1922)
Hash 8f945e97a1b67982a6992ff757f102db
c9e672fc6ca045c282554e0404f9e8789e0f080e
50ed6eced00174afe3655c96e43acd7967e82b8578475a10cf4bde9056e12348
Analyzer Verdict Alert fortinet Phishing
GET /@public/base.js HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:02 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 04 Nov 2022 12:27:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63650521-783"
Expires: Mon, 19 Dec 2022 14:16:02 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
www.mthuacheng.com/style/style_main/js/jquery.cbFlyout.js
200 OK 1.7 kB URL HTTP/1.1 www.mthuacheng.com/style/style_main/js/jquery.cbFlyout.js
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type ASCII text, with CRLF line terminators
Hash af59efc3a6e88edd350a240b6bf339f9
9ab10e9f2fe9009529ebdb03c53afca211124a8d
9bf2727d1cfd269ecac74ca36dbae11348cdd2c8feccc684aa38e3b195eed69a
Analyzer Verdict Alert fortinet Phishing
GET /style/style_main/js/jquery.cbFlyout.js HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:02 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 25 Oct 2022 11:13:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6357c4d7-176f"
Expires: Mon, 19 Dec 2022 14:16:02 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
www.mthuacheng.com/style/style_main/js/jquery.js
200 OK 38 kB URL HTTP/1.1 www.mthuacheng.com/style/style_main/js/jquery.js
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type ASCII text, with very long lines (65482), with CRLF line terminators
Hash cde97df8581658e38aba824dfb9e6029
74fb231bb1c1179e5b63e3a41b2832f455b77bac
797669a53b7bdb79597f7065d8b1de1fe5e2584c5ce11c9a48cbed033e7196be
Analyzer Verdict Alert fortinet Phishing
GET /style/style_main/js/jquery.js HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:02 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 25 Oct 2022 11:13:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6357c4d5-16dc5"
Expires: Mon, 19 Dec 2022 14:16:02 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
www.mthuacheng.com/@public/js.js
200 OK 253 B URL HTTP/1.1 www.mthuacheng.com/@public/js.js
IP
ASN #396190 LEASEWEB-USA-SEA-10
Hash e43805c7e868e18edc3d03d22c9c272e
9284417c6d3c7e6062d97f12ace63402c3629d61
b5e0ecbedfe4e8a85e304e9b890a3077bed0be8ceb74f646468d8e23755eb87b
Analyzer Verdict Alert fortinet Phishing
GET /@public/js.js HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:02 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 253
Last-Modified: Wed, 26 Oct 2022 02:28:40 GMT
Connection: keep-alive
ETag: "63589b58-fd"
Expires: Mon, 19 Dec 2022 14:16:02 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.mthuacheng.com/style/style_main/js/koala.min.1.5.js
200 OK 18 kB URL HTTP/1.1 www.mthuacheng.com/style/style_main/js/koala.min.1.5.js
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type ISO-8859 text, with very long lines (35547), with CRLF line terminators
Hash addf512c6b0ba0eb8134375a1f867eff
329086b5958c5881758ff4d1b4588a132ca293a7
2e3f823ea5bbd04a38e0160fb9d6a003ec39a59e0a311958d62c1c94e018a5b5
Analyzer Verdict Alert fortinet Phishing
GET /style/style_main/js/koala.min.1.5.js HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:02 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 25 Oct 2022 11:13:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6357c4d6-8b79"
Expires: Mon, 19 Dec 2022 14:16:02 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
www.mthuacheng.com/style/style_main/img/arrow.png
200 OK 1.0 kB URL HTTP/1.1 www.mthuacheng.com/style/style_main/img/arrow.png
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash a1b78617289570e851f9ba895065cc1f
c5dd80a788f915c7e1577a1f8f2c64437968a9ec
2b77d39d3f92ae5c84ed0e95cfc0c624091e669760bbb9d5b163db13191a4863
GET /style/style_main/img/arrow.png HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:02 GMT
Content-Type: image/png
Content-Length: 1039
Last-Modified: Tue, 25 Oct 2022 11:13:40 GMT
Connection: keep-alive
ETag: "6357c4e4-40f"
Expires: Mon, 19 Dec 2022 14:16:02 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.mthuacheng.com/style/style_main/img/icon-new.png
200 OK 387 B URL HTTP/1.1 www.mthuacheng.com/style/style_main/img/icon-new.png
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type PNG image data, 26 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash 576d01294304b064d40f3e2411528b9d
8cb2418db27ceef26e03f283bdf321af611e7424
a31f1d0aadad530b19d525dad4c6e78a15fcd150c158b94a4dfe0d23d4e817d2
GET /style/style_main/img/icon-new.png HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:02 GMT
Content-Type: image/png
Content-Length: 387
Last-Modified: Tue, 25 Oct 2022 11:13:39 GMT
Connection: keep-alive
ETag: "6357c4e3-183"
Expires: Mon, 19 Dec 2022 14:16:02 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.mthuacheng.com/style/style_main/img/zt-more.jpg
200 OK 13 kB URL HTTP/1.1 www.mthuacheng.com/style/style_main/img/zt-more.jpg
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 60x200, components 3\012- data
Hash 09a50cc70d48e6ede4c958694220852b
5374f4ffaa3f293ef06c42cf7b1ed746c8a34132
8b425cd496b000330b0f36cccbc324ffabdb22bedfd9b8a231c82250182a26d8
GET /style/style_main/img/zt-more.jpg HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:02 GMT
Content-Type: image/jpeg
Content-Length: 13173
Last-Modified: Tue, 25 Oct 2022 11:13:44 GMT
Connection: keep-alive
ETag: "6357c4e8-3375"
Expires: Mon, 19 Dec 2022 14:16:02 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10841
Expires: Sat, 19 Nov 2022 17:16:44 GMT
Date: Sat, 19 Nov 2022 14:16:03 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10841
Expires: Sat, 19 Nov 2022 17:16:44 GMT
Date: Sat, 19 Nov 2022 14:16:03 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10841
Expires: Sat, 19 Nov 2022 17:16:44 GMT
Date: Sat, 19 Nov 2022 14:16:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg
200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 459df915ce91b32b2dcc4850516d68a0
d7a5473d367e7965a4af55acbf4675ed7088fab2
a03e26ebee79ad9b9dda1bf680e0d2467ae6d5e582589ada9fe6ddfa437c483c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4851
x-amzn-requestid: 8c868655-d0eb-428d-9fc0-a7449f770bd4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brtDFF9HoAMFV9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748ee0-4f7daf8f7451dc5e0840f620;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:18:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xirMw5z5GPbmx9Sii_I4iNeh1GS5k9lGmaaJvUGAPWoVyP0Tldhf1w==
via: 1.1 e9ba0a9a729ff2960a04323bf1833df8.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 07:17:42 GMT
age: 25101
etag: "d7a5473d367e7965a4af55acbf4675ed7088fab2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F680965e1-a075-4bd9-8788-73e1a3c92de2.jpeg
200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F680965e1-a075-4bd9-8788-73e1a3c92de2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e9f6e24e829065d4f201b4c9d9c8fd1
317ec439968641329b83210f7fcab59023310077
d1d304d12f3e1c2ad9cf9279bbb7cab4a954942ab86f41d5333e030cdc7a55c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F680965e1-a075-4bd9-8788-73e1a3c92de2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3842
x-amzn-requestid: 8effd7ec-299f-471f-8746-3cb81d94998b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: boYBREE6oAMFmfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63733a07-46160f6159dfb4a729e5d688;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 07:04:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 37fj6lqvqFTCEPkclxpI6OuYvlIB57GI2bS4wySNP3X4eQ3Lwy3WQA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 10:26:23 GMT
age: 13780
etag: "317ec439968641329b83210f7fcab59023310077"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PYoD_MxycYfiNvyRlBnLWCcyqQK9sZi8y2ir1U9eCavNoAB-3oFcxg==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 03:43:53 GMT
age: 37930
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg
200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d6b026c34985bbf2ebf89a62d0724c66
72369ebeccf447fa91ef77711d6297063c99777e
e5598ada634274ab9995dedda8c1fd18344abcfdd49b3a1aaede0a86fafc0f40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3035
x-amzn-requestid: 3e3f3a7f-9a1d-4b37-b932-22c6e3e638f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QRcFOuoAMF_fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6f-09dc20ea5620dd167e3f7265;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xvVfLfP2DUilu7GSJMGArO90Kdoq5cPBVtmtyVjZmX5ZKnvOjpR_UQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:36:25 GMT
age: 59978
etag: "72369ebeccf447fa91ef77711d6297063c99777e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f739db7-4732-4b66-9c50-59fa4416df43.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f739db7-4732-4b66-9c50-59fa4416df43.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd028e5379061f8bf0d569506979a05a
7896c55cb0bf1997f1e9ab31028b04c332bd6f10
f8a32af3451f196bd2ded7065923a3ad5392c0dd3a82c53cf03a948d183cbf9f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f739db7-4732-4b66-9c50-59fa4416df43.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8059
x-amzn-requestid: 2dc81ded-54e7-4d96-bef4-a32f83a90624
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubXdH79oAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5c9-19bc25513834006570cb7384;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: F9_oRzE-4MFYG82l9pN_stoL2TwVg_kE3q30nYj0H4NFMn9Dp6xlCQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 03:44:11 GMT
age: 37912
etag: "7896c55cb0bf1997f1e9ab31028b04c332bd6f10"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e1d1acd-0ae6-485d-9dd4-2c0c8271a9d3.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e1d1acd-0ae6-485d-9dd4-2c0c8271a9d3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11bb9d337001b4d155c63b05a0dd9945
14de1c48a2fe80b5947945c9ffa9630f03c5447a
8ee6d3a2f6dec36c49361ef855edeb170e92fbeff29d2ed77c7fd0cf44cfecf5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e1d1acd-0ae6-485d-9dd4-2c0c8271a9d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9146
x-amzn-requestid: e42f040e-a2f9-4538-bbaf-f1e64719f424
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brsmpGr5oAMFsmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748e2a-15b03190049271db549b1770;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:15:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: OjQm2RW65ZJDsUNay0untDwlufnFhXHwbpfAnCwEK3seEDiPIKrnfQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 07:00:02 GMT
age: 26161
etag: "14de1c48a2fe80b5947945c9ffa9630f03c5447a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.mthuacheng.com/style/style_main/img/zt-lbjt.jpg
200 OK 83 kB URL HTTP/1.1 www.mthuacheng.com/style/style_main/img/zt-lbjt.jpg
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 265x200, components 3\012- data
Hash ed408932b609858e0141e999f0fa671d
c1beba24635b96a63709db588c27fe44c3b67705
56ed76707b83193827a731fd4253f26cbb5eafc89e52c22dff14c29661bf4a89
GET /style/style_main/img/zt-lbjt.jpg HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:02 GMT
Content-Type: image/jpeg
Content-Length: 83229
Last-Modified: Tue, 25 Oct 2022 11:13:42 GMT
Connection: keep-alive
ETag: "6357c4e6-1451d"
Expires: Mon, 19 Dec 2022 14:16:02 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.mthuacheng.com/style/style_main/img/yqfk.jpg
200 OK 84 kB URL HTTP/1.1 www.mthuacheng.com/style/style_main/img/yqfk.jpg
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 265x200, components 3\012- data
Hash 0baa8df9e033ee8db1ca07a9b2b10464
891e3011806edd5d158bc85960bc3f1e307110e8
709e77d101c8ab249f01c7f597c3f6ca280612eb78e94f249e9ee136b16fd7d1
GET /style/style_main/img/yqfk.jpg HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:02 GMT
Content-Type: image/jpeg
Content-Length: 84163
Last-Modified: Tue, 25 Oct 2022 11:13:42 GMT
Connection: keep-alive
ETag: "6357c4e6-148c3"
Expires: Mon, 19 Dec 2022 14:16:02 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.mthuacheng.com/style/style_main/img/zt-wmxy.jpg
200 OK 86 kB URL HTTP/1.1 www.mthuacheng.com/style/style_main/img/zt-wmxy.jpg
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, datetime=2022:08:08 11:37:38], baseline, precision 8, 265x200, components 3\012- data
Hash cd20e5e372df5416aaa95bc5ae1c4ada
09f3f869692e573daedc64dc2a79647d75f8e6ec
804a0f6929c8ce9092961784aafd6c231e15869bd9910b637d887d05fe3479f6
GET /style/style_main/img/zt-wmxy.jpg HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:02 GMT
Content-Type: image/jpeg
Content-Length: 85966
Last-Modified: Tue, 25 Oct 2022 11:13:40 GMT
Connection: keep-alive
ETag: "6357c4e4-14fce"
Expires: Mon, 19 Dec 2022 14:16:02 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.mthuacheng.com/style/style_main/img/xx.png
200 OK 7.8 kB URL HTTP/1.1 www.mthuacheng.com/style/style_main/img/xx.png
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type PNG image data, 250 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 09e8f13dae0b248fdae80fda439c3d04
4f22e59971621079dfa2324eee756170555c88cc
2da1e326ed4b135c75379099bf421407a968bc951d6a18b74576514b00524e58
GET /style/style_main/img/xx.png HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:03 GMT
Content-Type: image/png
Content-Length: 7847
Last-Modified: Tue, 25 Oct 2022 11:13:29 GMT
Connection: keep-alive
ETag: "6357c4d9-1ea7"
Expires: Mon, 19 Dec 2022 14:16:03 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.mthuacheng.com/style/style_main/img/zt-jbck.jpg
200 OK 71 kB URL HTTP/1.1 www.mthuacheng.com/style/style_main/img/zt-jbck.jpg
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 265x200, components 3\012- data
Hash 7d131e0b50e9342711ef8c839c26f251
169f772269619c068e86d1675241c9362932de38
4f5faf7e491e9cf86c85e72aa6c476c6634393c2baf02d1df2da5f97020bf1fd
GET /style/style_main/img/zt-jbck.jpg HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:02 GMT
Content-Type: image/jpeg
Content-Length: 70793
Last-Modified: Tue, 25 Oct 2022 11:13:44 GMT
Connection: keep-alive
ETag: "6357c4e8-11489"
Expires: Mon, 19 Dec 2022 14:16:02 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.mthuacheng.com/style/style_main/img/foot_03.jpg
200 OK 31 kB URL HTTP/1.1 www.mthuacheng.com/style/style_main/img/foot_03.jpg
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 365x110, components 3\012- data
Hash 33a2e35ab5e3ae2cb90d1b20219b0f74
937616a1239a4cce8ca71e9d61fbedd9a6497709
6a7a2f9ad3059c9c6ad64fe559cb1ce91413b2290d3d3e70983a050d15cf9f16
GET /style/style_main/img/foot_03.jpg HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:03 GMT
Content-Type: image/jpeg
Content-Length: 30883
Last-Modified: Tue, 25 Oct 2022 11:13:46 GMT
Connection: keep-alive
ETag: "6357c4ea-78a3"
Expires: Mon, 19 Dec 2022 14:16:03 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.mthuacheng.com/style/style_main/img/foot_021.jpg
200 OK 43 kB URL HTTP/1.1 www.mthuacheng.com/style/style_main/img/foot_021.jpg
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2018:02:09 00:20:04], baseline, precision 8, 365x110, components 3\012- data
Hash adf8a53161d49fb7fa18cd8b920548b3
2de0e3bd792fbbf78c590780da3ce7719af1d0c1
4cd93093fbccea04cabcbce0d2f02d4006fd948591a821ba573d52649ca80a2b
GET /style/style_main/img/foot_021.jpg HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:03 GMT
Content-Type: image/jpeg
Content-Length: 42856
Last-Modified: Tue, 25 Oct 2022 11:13:45 GMT
Connection: keep-alive
ETag: "6357c4e9-a768"
Expires: Mon, 19 Dec 2022 14:16:03 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.mthuacheng.com/style/style_main/img/gk-img.jpg
200 OK 99 kB URL HTTP/1.1 www.mthuacheng.com/style/style_main/img/gk-img.jpg
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 370x120, components 3\012- data
Hash 1eee169fb7b3269af6b7f6b8979e6af8
a2ded2b2eff4f2894ad41c83813bfdf762de3b7f
4cf58e45bb7b676bc5f1858a9de41323c50ba4fe1afb3bdcfbb0e67dff73de7c
GET /style/style_main/img/gk-img.jpg HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:02 GMT
Content-Type: image/jpeg
Content-Length: 99328
Last-Modified: Tue, 25 Oct 2022 11:13:29 GMT
Connection: keep-alive
ETag: "6357c4d9-18400"
Expires: Mon, 19 Dec 2022 14:16:02 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e5edc35bb44ea2cd812313d0034ac36a
83538285cfa773a36e34062cf36c2240d3cc82d7
b92e2230aa7490bfc0fbc8a6767372160788af77be7b9f2dd70ecbede371e999
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B92E2230AA7490BFC0FBC8A6767372160788AF77BE7B9F2DD70ECBEDE371E999"
Last-Modified: Sat, 19 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 19 Nov 2022 20:16:03 GMT
Date: Sat, 19 Nov 2022 14:16:03 GMT
Connection: keep-alive
www.mthuacheng.com/style/style_main/js/terminator2.2.min.js
200 OK 7.4 kB URL HTTP/1.1 www.mthuacheng.com/style/style_main/js/terminator2.2.min.js
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type ISO-8859 text, with very long lines (17308), with CRLF line terminators
Hash ea109169e506815ac78528462fea7d75
e7c06f5d9a67fd4e6334c8161a2fcbdec1578c72
21eabd4d70059f7b0b99444dd0a53bf96fbed1db39a2aaabf50104ffb6bb86a9
Analyzer Verdict Alert fortinet Phishing
GET /style/style_main/js/terminator2.2.min.js HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:03 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 25 Oct 2022 11:13:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6357c4eb-44eb"
Expires: Mon, 19 Dec 2022 14:16:03 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
www.mthuacheng.com/style/style_main/img/icon-xzxx.png
200 OK 3.2 kB URL HTTP/1.1 www.mthuacheng.com/style/style_main/img/icon-xzxx.png
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type PNG image data, 140 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 10af06532524eba5d4ae81db8f286277
f9f17b716c9d419d7d6b664c5128cffab0d8f3b3
a4523453bae58f9ac115ec8e8185847c7cde13e56265e6347dacef8e59b73f80
GET /style/style_main/img/icon-xzxx.png HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/style/style_main/css/main_version_1_2_6.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:03 GMT
Content-Type: image/png
Content-Length: 3190
Last-Modified: Tue, 25 Oct 2022 11:13:50 GMT
Connection: keep-alive
ETag: "6357c4ee-c76"
Expires: Mon, 19 Dec 2022 14:16:03 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.mthuacheng.com/uploadfile/2022/0321/20220321121459345.png
200 OK 811 kB URL HTTP/1.1 www.mthuacheng.com/uploadfile/2022/0321/20220321121459345.png
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type PNG image data, 1252 x 835, 8-bit/color RGB, non-interlaced\012- data
Size 811 kB (810963 bytes)
Hash d0260bc5ae00b1d6c07281be9013a6b1
611f6728e159615a6f71cb3ad847fcb9cce31fc6
4159484e999065d1c3d1128c686743e78ad33054d23e0bd778c6383a1d682868
GET /uploadfile/2022/0321/20220321121459345.png HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:03 GMT
Content-Type: image/png
Content-Length: 810963
Last-Modified: Tue, 25 Oct 2022 11:13:35 GMT
Connection: keep-alive
ETag: "6357c4df-c5fd3"
Expires: Mon, 19 Dec 2022 14:16:03 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.mthuacheng.com/style/style_main/img/icon-yzs.png
200 OK 3.5 kB URL HTTP/1.1 www.mthuacheng.com/style/style_main/img/icon-yzs.png
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type PNG image data, 140 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 2d9828fe8f5f07cc2b1df6325201f5d0
a5c0baf34fb24a1159c2c2d912385b510a740dc3
86f154eb5ddb8d10bfbeec3338217a05b84e74e7b668c54cfc353721a774b593
GET /style/style_main/img/icon-yzs.png HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/style/style_main/css/main_version_1_2_6.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:04 GMT
Content-Type: image/png
Content-Length: 3540
Last-Modified: Tue, 25 Oct 2022 11:13:50 GMT
Connection: keep-alive
ETag: "6357c4ee-dd4"
Expires: Mon, 19 Dec 2022 14:16:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.mthuacheng.com/style/style_main/img/banner20.jpg
200 OK 937 kB URL HTTP/1.1 www.mthuacheng.com/style/style_main/img/banner20.jpg
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, datetime=2022:10:24 11:41:59], baseline, precision 8, 1920x500, components 3\012- data
Size 937 kB (936776 bytes)
Hash 9c54749b7cbc8f0bc498760f6c137807
2e6be2259d46ddeaa5310b56eba2971bc1454344
afba9eb5084f1d5a4a6d87866c80fc3a98c2c65c1c3be74d946b6c348afeeb9e
GET /style/style_main/img/banner20.jpg HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/style/style_main/css/banner_version_1_2_6.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:04 GMT
Content-Type: image/jpeg
Content-Length: 936776
Last-Modified: Tue, 25 Oct 2022 11:13:52 GMT
Connection: keep-alive
ETag: "6357c4f0-e4b48"
Expires: Mon, 19 Dec 2022 14:16:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.mthuacheng.com/uploadfile/2022/0418/20220418110541801.jpg
200 OK 3.3 MB URL HTTP/1.1 www.mthuacheng.com/uploadfile/2022/0418/20220418110541801.jpg
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, manufacturer=Canon, model=Canon EOS 5D Mark IV, xresolution=185, yresolution=193, resolutionunit=2, software=www.meitu.com, datetime=2022:03:15 16:06:06], baseline, precision 8, 6630x4001, components 3\012- data
Size 3.3 MB (3314509 bytes)
Hash d7b36d2a6c11d7b91f4a4481b5c57726
e5b18766b573ba2a1438a360a5dfb3126cb37752
a14836b736853a25e23df45482d1b6ae589fbddcd30b777afb788f6fc7495b62
GET /uploadfile/2022/0418/20220418110541801.jpg HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:03 GMT
Content-Type: image/jpeg
Content-Length: 3314509
Last-Modified: Tue, 25 Oct 2022 11:13:34 GMT
Connection: keep-alive
ETag: "6357c4de-32934d"
Expires: Mon, 19 Dec 2022 14:16:03 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.mthuacheng.com/style/style_main/img/banner7.jpg
200 OK 628 kB URL HTTP/1.1 www.mthuacheng.com/style/style_main/img/banner7.jpg
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, datetime=2022:04:20 10:15:09], baseline, precision 8, 1920x500, components 3\012- data
Size 628 kB (627987 bytes)
Hash 5785229884e83bf0fbb21e55ca5d284f
106994b13346578cca843412c741532d6e3dba05
60223236e169a72765ef47905f5c26d8fa6d12390481678d01eba336149e346d
GET /style/style_main/img/banner7.jpg HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/style/style_main/css/banner_version_1_2_6.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:04 GMT
Content-Type: image/jpeg
Content-Length: 627987
Last-Modified: Tue, 25 Oct 2022 11:13:56 GMT
Connection: keep-alive
ETag: "6357c4f4-99513"
Expires: Mon, 19 Dec 2022 14:16:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.mthuacheng.com/style/style_main/img/banner1-1.jpg
200 OK 500 kB URL HTTP/1.1 www.mthuacheng.com/style/style_main/img/banner1-1.jpg
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 400x400, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=500, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x500, components 3\012- data
Size 500 kB (499625 bytes)
Hash b867a5af58bcf9b127238c9d8001118b
10fb1a01dafe46c806a57e480845e5e7d346ce1f
7452fa1040928b47ad2076fac3a067b790f8f5ac68931a47f5339316ddddce2e
GET /style/style_main/img/banner1-1.jpg HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/style/style_main/css/banner_version_1_2_6.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:04 GMT
Content-Type: image/jpeg
Content-Length: 499625
Last-Modified: Tue, 25 Oct 2022 11:13:52 GMT
Connection: keep-alive
ETag: "6357c4f0-79fa9"
Expires: Mon, 19 Dec 2022 14:16:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
33ag95.com/facai.js
200 OK 2.1 kB IP
ASN #64050 BGPNET Global ASN
Hash 6acc3585aa12ced34e6000753303db65
d097e71812e9e7233f7b2fb811e8f4c702a20492
3ba1780b659c9b22362b51e2e4314cb7f2271b49d58ea2048972a123ed44c049
GET /facai.js HTTP/1.1
Host: 33ag95.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 14:16:03 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 09:02:05 GMT
vary: Accept-Encoding
etag: W/"6364d50d-511"
expires: Sun, 20 Nov 2022 02:16:03 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.mthuacheng.com/style/style_main/img/dot-gray.jpg
200 OK 3.5 kB URL HTTP/1.1 www.mthuacheng.com/style/style_main/img/dot-gray.jpg
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 6x6, components 3\012- data
Hash 5f4c3b81fed1fff45d0f38fcca23a712
54da23826daca8537e897bcbf02af8909557545d
98ed72d69db97abfa4b17b05ab366a321d28a219b534faab3615ef0b6769d7e4
GET /style/style_main/img/dot-gray.jpg HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/style/style_main/css/main_version_1_2_6.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:05 GMT
Content-Type: image/jpeg
Content-Length: 3547
Last-Modified: Tue, 25 Oct 2022 11:13:59 GMT
Connection: keep-alive
ETag: "6357c4f7-ddb"
Expires: Mon, 19 Dec 2022 14:16:05 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.mthuacheng.com/style/style_main/img/focus_btn.png
200 OK 2.3 kB URL HTTP/1.1 www.mthuacheng.com/style/style_main/img/focus_btn.png
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type PNG image data, 80 x 148, 8-bit/color RGBA, non-interlaced\012- data
Hash 5cc18256e90c240a899fd502b913d91f
f0a53af2d4567f7398fca58eaa4f7392a5074b4e
4ab8662ade4673401e86db408122596c6a3cfcb752521ed9fcddc8100f104258
GET /style/style_main/img/focus_btn.png HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/style/style_main/css/main_version_1_2_6.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:05 GMT
Content-Type: image/png
Content-Length: 2327
Last-Modified: Tue, 25 Oct 2022 11:13:31 GMT
Connection: keep-alive
ETag: "6357c4db-917"
Expires: Mon, 19 Dec 2022 14:16:05 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ocsp.trust-provider.cn/
200 OK 599 B IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a7482cec483eafc5848a037b831b480d
5cf26dcfa6474cfe1a28d9d8df02c695ffa3b395
b9d2d68dd7c9a52eae0761c931e3ce21cc46f49ff326cdfe3707eae85ac009fd
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sat, 19 Nov 2022 14:16:05 GMT
last-modified: Fri, 18 Nov 2022 08:08:00 GMT
expires: Fri, 25 Nov 2022 08:07:59 GMT
etag: "5cf26dcfa6474cfe1a28d9d8df02c695ffa3b395"
cache-control: max-age=585000,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb1
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
accept-ranges: bytes
cf-ray: 76c98fc8594d9ba6-FRA
via: cache19.l2de2[148,0], cache1.se1[170,0], cache8.se1[173,0]
timing-allow-origin: *, *
eagleid: 2ff62c9c16688673651483595e, 2ff62c9c16688673651483595e
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash ed226a52fdb68a118f4135768308d647
f7f9166018565b3db9384bb4e6bb589e210fa122
455290667d48c2ac3ad7b870c926cb101da8c55ce240073c9a1174c3421fe277
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 14:16:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 23 Nov 2022 11:36:53 GMT
ETag: "f7f9166018565b3db9384bb4e6bb589e210fa122"
Last-Modified: Sat, 19 Nov 2022 11:36:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2769
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76c98fc9ee620b49-OSL
www.mthuacheng.com/style/style_main/img/foot.jpg
200 OK 92 kB URL HTTP/1.1 www.mthuacheng.com/style/style_main/img/foot.jpg
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1200x250, components 3\012- data
Hash a6869717f402427637918046a2fd092f
b64198a0af2fab18b7b6cf62bf52549ed8c39c81
da6e419f06724096b87be13c8b8b624120ecfa584024d082e12a1b7c45bc9e1f
GET /style/style_main/img/foot.jpg HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/style/style_main/css/main_version_1_2_6.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:05 GMT
Content-Type: image/jpeg
Content-Length: 92406
Last-Modified: Tue, 25 Oct 2022 11:13:57 GMT
Connection: keep-alive
ETag: "6357c4f5-168f6"
Expires: Mon, 19 Dec 2022 14:16:05 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.mthuacheng.com/style/style_main/img/banner2.jpg
200 OK 1.0 MB URL HTTP/1.1 www.mthuacheng.com/style/style_main/img/banner2.jpg
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=500, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x500, components 3\012- data
Size 1.0 MB (1031865 bytes)
Hash 3c6820337fb1aebfc580d6070ee833eb
e0890a3c718d86f3aad7842b36871a9a6e229c65
7420d3786796894f001604c0cd084d35baf0b516c0c176e05975fb90be8eb7cb
GET /style/style_main/img/banner2.jpg HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/style/style_main/css/banner_version_1_2_6.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:05 GMT
Content-Type: image/jpeg
Content-Length: 1031865
Last-Modified: Tue, 25 Oct 2022 11:13:52 GMT
Connection: keep-alive
ETag: "6357c4f0-fbeb9"
Expires: Mon, 19 Dec 2022 14:16:05 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.mthuacheng.com/uploadfile/2022/0321/20220321122620368.jpg
200 OK 7.6 MB URL HTTP/1.1 www.mthuacheng.com/uploadfile/2022/0321/20220321122620368.jpg
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, manufacturer=Canon, model=Canon EOS 5D Mark IV, orientation=upper-left, xresolution=196, yresolution=204, resolutionunit=2, datetime=2022:03:02 18:07:45], baseline, precision 8, 6720x4480, components 3\012- data
Size 7.6 MB (7619257 bytes)
Hash 71a52098e29030ef64be233b95d2dc22
172534d27be6b820ce67ab63e0aebe42deceab20
79a4811db5eba5f6d0e7fd45a2a52befe279cee1981691b8ea46b1257e62b0d9
GET /uploadfile/2022/0321/20220321122620368.jpg HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:03 GMT
Content-Type: image/jpeg
Content-Length: 7619257
Last-Modified: Tue, 25 Oct 2022 11:13:41 GMT
Connection: keep-alive
ETag: "6357c4e5-7442b9"
Expires: Mon, 19 Dec 2022 14:16:03 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.mthuacheng.com/uploadfile/2021/1212/20211212091851570.jpg
200 OK 2.4 MB URL HTTP/1.1 www.mthuacheng.com/uploadfile/2021/1212/20211212091851570.jpg
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 3454x2454, components 3\012- data
Size 2.4 MB (2432951 bytes)
Hash 53ec96ae0f56359b80f1b1b637e0ae32
e62ea10cee38c4cbca9dff81538c03a2d6818567
c7adbcc0f66a6bdede0e6e3da1107a04644ca3a26bba144adf54e6c253df44d7
GET /uploadfile/2021/1212/20211212091851570.jpg HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:03 GMT
Content-Type: image/jpeg
Content-Length: 2432951
Last-Modified: Tue, 25 Oct 2022 11:13:33 GMT
Connection: keep-alive
ETag: "6357c4dd-251fb7"
Expires: Mon, 19 Dec 2022 14:16:03 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.mthuacheng.com/favicon.ico
200 OK 1.2 kB URL HTTP/1.1 www.mthuacheng.com/favicon.ico
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash dcb2e932becc2d88e098515701274399
496ec23ac1c799922784438cda6b133a1d5c6887
6e9a5250afccd88bfaf4e8a2548e9a3d221f82e0a2bd58677bbcdc1895691ac2
GET /favicon.ico HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:06 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Tue, 25 Oct 2022 20:42:44 GMT
Connection: keep-alive
ETag: "63584a44-47e"
Expires: Mon, 19 Dec 2022 14:16:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
hm.baidu.com/hm.js?3f399aaf84660a89cc864e92c8428418
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?3f399aaf84660a89cc864e92c8428418
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (617)
Hash e2e7297335f1d5e914ec14aa428c6b12
33959db68dda297a77756961f47866b7602627da
5d4b636791ce28ec01da2473c42a9f9b44115bee9b6d5239cb4d4f3701d1f693
GET /hm.js?3f399aaf84660a89cc864e92c8428418 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11330
Content-Type: application/javascript
Date: Sat, 19 Nov 2022 14:16:05 GMT
Etag: 41036ad3c86aa7eab1b54c8d5e81bc51
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A91644F78F1A6B42; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2036817691&si=3f399aaf84660a89cc864e92c8428418&v=1.2.97&lv=1&sn=18592&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mthuacheng.com%2F&tt=XG111net%E5%A4%AA%E5%B9%B3%E6%B4%8B%20-%20%E5%A4%AA%E5%B9%B3%E6%B4%8B%E5%9C%A8%E7%BA%BF%E5%AE%98%E7%BD%91%E7%99%BB%E5%BD%95
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2036817691&si=3f399aaf84660a89cc864e92c8428418&v=1.2.97&lv=1&sn=18592&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mthuacheng.com%2F&tt=XG111net%E5%A4%AA%E5%B9%B3%E6%B4%8B%20-%20%E5%A4%AA%E5%B9%B3%E6%B4%8B%E5%9C%A8%E7%BA%BF%E5%AE%98%E7%BD%91%E7%99%BB%E5%BD%95
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2036817691&si=3f399aaf84660a89cc864e92c8428418&v=1.2.97&lv=1&sn=18592&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwww.mthuacheng.com%2F&tt=XG111net%E5%A4%AA%E5%B9%B3%E6%B4%8B%20-%20%E5%A4%AA%E5%B9%B3%E6%B4%8B%E5%9C%A8%E7%BA%BF%E5%AE%98%E7%BD%91%E7%99%BB%E5%BD%95 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 19 Nov 2022 14:16:06 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=51BCF048B70116C8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.mthuacheng.com/uploadfile/2021/0325/20210325035009599.jpg
200 OK 25 MB URL HTTP/1.1 www.mthuacheng.com/uploadfile/2021/0325/20210325035009599.jpg
IP
ASN #396190 LEASEWEB-USA-SEA-10
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=8, manufacturer=Canon, model=Canon EOS 5D Mark IV, xresolution=138, yresolution=146, resolutionunit=2, software=Adobe Photoshop Lightroom Classic 9.0 (Windows), datetime=2021:03:18 09:50:00], baseline, precision 8, 6319x4213, components 3\012- data
Size 25 MB (24574155 bytes)
Hash 5491fefe8e075bec8c0fa413824429fa
5076c6e4e213a83aef38fe44cabccea8c2121d42
69f038237a37ce5e99d839ba4c5522409824f0706c8a3210ae7d7de934045405
GET /uploadfile/2021/0325/20210325035009599.jpg HTTP/1.1
Host: www.mthuacheng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mthuacheng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 14:16:02 GMT
Content-Type: image/jpeg
Content-Length: 24574155
Last-Modified: Tue, 25 Oct 2022 11:13:46 GMT
Connection: keep-alive
ETag: "6357c4ea-176f8cb"
Expires: Mon, 19 Dec 2022 14:16:02 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ba71d8-c0f3-4d43-a49a-3576bdcfb322.jpeg
200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ba71d8-c0f3-4d43-a49a-3576bdcfb322.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 292dc2edef978e128f70b96ee4b2b3e2
1530f860e2b54b7b382f59654db63eaed59c5f95
f74b08f1bdd35ea7ebb6e2887fc6c02abc76f9e276cd30d1d7d6475e667b5624
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ba71d8-c0f3-4d43-a49a-3576bdcfb322.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4310
x-amzn-requestid: 6452483a-f96e-4f27-a18e-55e9206e7be6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-78FiToAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7f-4e366d3612f39c5c421e864e;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0biXrpW2TGcLKgAOqLdsgFkZ5lKewM0VFGeNTTrmHX7QEcuNzuwnvQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 22:17:14 GMT
age: 57536
etag: "1530f860e2b54b7b382f59654db63eaed59c5f95"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
220270.com/?__CBK=3698baacb16ceafdc7586323523a3ee881668867365_17120459
302 Found 0 B URL HTTP/1.1 220270.com/?__CBK=3698baacb16ceafdc7586323523a3ee881668867365_17120459
IP
ASN #134176 Rainbow network limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?__CBK=3698baacb16ceafdc7586323523a3ee881668867365_17120459 HTTP/1.1
Host: 220270.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Content-Length: 0
Location: /
23.82.241.235
93.184.220.29
47.246.44.205
103.235.46.191
23.36.77.32
104.18.21.226