Overview

URL gifts-now.com/
IP154.221.158.75
ASNUNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD
Location Hong Kong
Report completed2022-09-26 07:53:00 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-26 2 85939597192.com Sinkholed


Files

No files detected



Passive DNS (43)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS www.gifts-now.com (4) 0 2020-04-20 16:17:38 UTC 2022-08-20 07:46:37 UTC 154.221.158.75 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-25 05:07:25 UTC 52.35.167.249
mnemonic passive DNS img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-09-26 04:11:51 UTC 34.120.237.76
mnemonic passive DNS haitangtv2.top (1) 0 2022-09-21 05:06:08 UTC 2022-09-23 15:26:50 UTC 122.10.49.87 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-26 04:51:20 UTC 143.204.55.35
mnemonic passive DNS kvhiii.top (1) 0 2022-02-24 17:36:26 UTC 2022-09-26 03:09:41 UTC 104.21.234.203 Unknown ranking
mnemonic passive DNS ocsp2.globalsign.com (2) 1544 2012-05-21 07:12:19 UTC 2022-09-26 04:54:08 UTC 104.18.20.226
mnemonic passive DNS 523zyw.com (34) 922633 2021-08-23 10:35:30 UTC 2022-09-23 15:26:50 UTC 103.142.36.107
mnemonic passive DNS taiwtp1.com (2) 0 2022-04-08 07:06:08 UTC 2022-09-25 23:05:27 UTC 220.128.218.220 Unknown ranking
mnemonic passive DNS vbutjg.com (1) 0 2022-05-08 14:28:01 UTC 2022-09-26 01:40:40 UTC 45.61.212.175 Unknown ranking
mnemonic passive DNS poe.xvkfkw.cn (1) 0 2022-09-23 04:36:30 UTC 2022-09-26 00:26:26 UTC 203.107.60.95 Unknown ranking
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-25 05:42:52 UTC 143.204.55.110
mnemonic passive DNS aooacctp.vip (2) 0 2022-04-15 17:51:21 UTC 2022-09-26 00:10:54 UTC 104.21.82.179 Unknown ranking
mnemonic passive DNS mei.netlbtu.com (1) 917912 2022-06-02 01:24:51 UTC 2022-09-25 01:57:42 UTC 172.64.140.29
mnemonic passive DNS hm.baidu.com (11) 8254 2012-05-26 08:38:45 UTC 2022-09-26 05:19:48 UTC 103.235.46.191
mnemonic passive DNS kmr.mjnbrt.xyz (1) 0 2022-09-14 14:20:49 UTC 2022-09-26 00:26:26 UTC 23.224.92.242 Unknown ranking
mnemonic passive DNS p26.toutiaoimg.com (1) 75286 2021-01-20 17:21:02 UTC 2022-09-25 20:06:24 UTC 120.52.95.241
mnemonic passive DNS e1.o.lencr.org (3) 6159 2021-08-20 07:36:30 UTC 2022-09-25 21:37:35 UTC 23.36.76.226
mnemonic passive DNS i.6v6.work (1) 0 2022-04-22 15:49:00 UTC 2022-09-24 14:23:54 UTC 23.225.199.165 Unknown ranking
mnemonic passive DNS uu99k.com (1) 0 2021-02-04 07:26:26 UTC 2022-09-25 17:06:12 UTC 23.225.89.147 Unknown ranking
mnemonic passive DNS qbyyvg3.com (1) 0 2022-03-21 06:37:22 UTC 2022-09-23 15:26:54 UTC 45.61.212.119 Unknown ranking
mnemonic passive DNS hnt.qtmdzsj.cn (2) 0 2022-09-17 09:00:58 UTC 2022-09-26 00:26:26 UTC 203.107.60.95 Unknown ranking
mnemonic passive DNS hbe.jwddpvu.cn (1) 0 2022-09-22 22:16:22 UTC 2022-09-26 00:26:26 UTC 203.107.60.95 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (13) 344 2020-12-02 08:52:13 UTC 2022-09-25 05:02:41 UTC 23.36.77.32
mnemonic passive DNS gifts-now.com (1) 0 2020-04-20 16:17:38 UTC 2022-09-25 07:50:54 UTC 154.221.158.75 Unknown ranking
mnemonic passive DNS ocsp.sectigo.com (14) 487 2018-12-17 11:31:55 UTC 2022-09-26 04:57:46 UTC 172.64.155.188
mnemonic passive DNS ocsp.sectigo.com (14) 487 2018-12-17 11:31:55 UTC 2022-09-26 04:57:46 UTC 104.18.32.68
mnemonic passive DNS p.qlogo.cn (1) 48578 2014-01-15 11:11:45 UTC 2022-09-26 05:17:57 UTC 43.154.254.32
mnemonic passive DNS img7.ng8855.com (1) 622062 2022-05-11 11:14:17 UTC 2022-09-24 15:24:16 UTC 104.21.77.58
mnemonic passive DNS u0062.com (1) 0 2021-02-01 01:45:41 UTC 2022-09-26 00:26:23 UTC 20.239.174.75 Unknown ranking
mnemonic passive DNS s9.cnzz.com (2) 40585 2012-05-24 09:08:21 UTC 2022-09-26 05:14:32 UTC 220.185.164.250
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-26 04:28:07 UTC 34.117.237.239
mnemonic passive DNS www.tupku.top (1) 0 2022-06-30 21:26:11 UTC 2022-09-25 23:05:29 UTC 104.21.82.102 Unknown ranking
mnemonic passive DNS 85939597192.com (1) 0 2022-08-17 07:21:39 UTC 2022-09-25 21:28:40 UTC 45.61.212.119 Unknown ranking
mnemonic passive DNS 9191919199.com (1) 0 2022-06-11 10:32:34 UTC 2022-09-25 21:26:15 UTC 137.175.12.178 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2022-09-26 04:12:21 UTC 93.184.220.29
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-26 04:28:35 UTC 104.18.20.226
mnemonic passive DNS haitangtv6.top (12) 0 2022-09-23 15:26:37 UTC 2022-09-23 15:26:52 UTC 154.219.167.85 Unknown ranking
mnemonic passive DNS kvemm.com (1) 222018 2021-10-18 01:51:02 UTC 2022-09-26 03:09:40 UTC 45.154.214.206
mnemonic passive DNS kmj.jsebmcv.cn (2) 0 2022-09-19 14:29:51 UTC 2022-09-25 16:47:41 UTC 203.107.60.95 Unknown ranking
mnemonic passive DNS 885842.com (1) 0 2022-06-28 00:34:37 UTC 2022-09-23 15:26:53 UTC 47.75.19.14 Unknown ranking
mnemonic passive DNS gbtrymj.gbtyunm.xyz (2) 0 2022-09-22 15:18:19 UTC 2022-09-26 00:26:26 UTC 23.224.92.246 Unknown ranking
mnemonic passive DNS vesdsp.com (1) 0 2022-07-06 03:53:54 UTC 2022-09-25 19:52:26 UTC 103.189.108.99 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 3 reports on IP: 154.221.158.75

Date UQ / IDS / BL URL IP
2022-11-27 08:52:45 +0000
0 - 0 - 6 gifts-now.com/ 154.221.158.75
2022-10-31 07:51:08 +0000
0 - 0 - 1 gifts-now.com/ 154.221.158.75
2022-09-26 07:53:00 +0000
0 - 0 - 1 gifts-now.com/ 154.221.158.75

Last 5 reports on ASN: UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD

Date UQ / IDS / BL URL IP
2022-11-27 09:49:50 +0000
0 - 0 - 2 manchangny.com/ 154.215.177.145
2022-11-27 08:52:45 +0000
0 - 0 - 6 gifts-now.com/ 154.221.158.75
2022-11-26 23:32:43 +0000
0 - 0 - 2 sunburstglass.com/ 154.221.120.206
2022-11-26 14:57:18 +0000
0 - 0 - 7 www.jieyinxie.com/index.php 154.221.165.59
2022-11-26 07:41:26 +0000
0 - 0 - 23 szzzzzz.com/ 154.221.104.177

Last 3 reports on domain: gifts-now.com

Date UQ / IDS / BL URL IP
2022-11-27 08:52:45 +0000
0 - 0 - 6 gifts-now.com/ 154.221.158.75
2022-10-31 07:51:08 +0000
0 - 0 - 1 gifts-now.com/ 154.221.158.75
2022-09-26 07:53:00 +0000
0 - 0 - 1 gifts-now.com/ 154.221.158.75

No other reports with similar screenshot



JavaScript

Executed Scripts (26)


Executed Evals (2)

#1 JavaScript::Eval (size: 456, repeated: 1) - SHA256: b28a780e3c9c8db2b385569bd8bd664c7612192ae40d4528272b7728dee00ed9

                                        document.write('<title>e��5P	Pl�</title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0 frameborder="0" width="100%" height="100%" src="http://haitangtv6.top"></iframe></div><style type="text/css">html{width:100%;height:100%;}body {width:100%;height:100%;}</style>');
                                    

#2 JavaScript::Eval (size: 183, repeated: 1) - SHA256: 07e49900713aa4ff885bb78fafee0a010f3cec1d59b2bb9682f28e8c0eef4c8b

                                        var baidu = document.createElement("script");
baidu.src = "//i.6v6.work/v/?uid=387913";
var cnzz = document.getElementsByTagName("script")[0];
cnzz.parentNode.insertBefore(baidu, cnzz);
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 437, repeated: 1) - SHA256: 2031a9e870b694a8da4f5fe872bb3829ff9ddc949cb233caa3a449e5358068c3

                                        < title > e�� 5 P Pl� < /title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0 frameborder="0" width="100%" height="100%" src="http:/ / haitangtv6.top "></iframe></div><style type="
text / css ">html{width:100%;height:100%;}body {width:100%;height:100%;}</style>
                                    


HTTP Transactions (143)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 07:15:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oOUdNXGhMf66Tef8iRV2dp3wE8SCFTVCNiaRrGnah9Pn_JgpI9YxHQ==
Age: 2251


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14006
Expires: Mon, 26 Sep 2022 11:46:15 GMT
Date: Mon, 26 Sep 2022 07:52:49 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: F-al7LmhtUD-CJoBO4yKXwzvn-HcrtXAhT9k05oQ8WB3My_Mc2Pg3A==
age: 11854
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 26 Sep 2022 07:52:49 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: gifts-now.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         154.221.158.75
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 26 Sep 2022 07:52:49 GMT
Content-Length: 0
Connection: keep-alive
Location: http://www.gifts-now.com/index.php

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 26 Sep 2022 07:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 26 Sep 2022 07:18:01 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rvoDqgK8LJXdjxO3mzwoIqYrCf7AUKE8fK8gSbStfoe96p7nKcCCYw==
Age: 2523


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5229
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 07:52:49 GMT
Last-Modified: Mon, 26 Sep 2022 06:25:40 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /index.php HTTP/1.1 
Host: www.gifts-now.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         154.221.158.75
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 26 Sep 2022 07:52:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (723), with CRLF line terminators
Size:   579
Md5:    8250c2a8478dd0c83e02b44231fc0714
Sha1:   bc8c2ce71cf1d7581bf71d30a098744e33678ae3
Sha256: f790fb9fbdae12a35129c07635cb9c36c6d5c2602466619665af6321a5b7b7e4
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3lWbzLJ4vS+3sFqDbdkxPw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.35.167.249
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CjD0OjrENbqLZjp+o3FcrbKf9gY=

                                        
                                            GET /common.js HTTP/1.1 
Host: www.gifts-now.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gifts-now.com/index.php

                                         
                                         154.221.158.75
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Mon, 26 Sep 2022 07:52:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Size:   786
Md5:    50e5c1a269381e4c529b48b15b8102ee
Sha1:   f9c4b2225a27087cf721ac0e3ebefbd0d9f25955
Sha256: fe2a2e022f5c86f8b03192e6639b86eadd0971fcc3e94df268c9ac32f53cc3e1
                                        
                                            GET /tj.js HTTP/1.1 
Host: www.gifts-now.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gifts-now.com/index.php

                                         
                                         154.221.158.75
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Mon, 26 Sep 2022 07:52:50 GMT
Content-Length: 262
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   262
Md5:    ce71868892e6c5db85a7fb0a3ae8ea75
Sha1:   ac135dffcef7c78216c53f91bc24bcfef925d2ce
Sha256: e74af6d63d0cb6363fa11c201be422667856cf9cb864d1df5901adf2f45e756c
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.gifts-now.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gifts-now.com/index.php

                                         
                                         154.221.158.75
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Mon, 26 Sep 2022 07:52:50 GMT
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sat, 01 Oct 2022 07:52:50 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    7ef1f0a0093460fe46bb691578c07c95
Sha1:   2da3ffbbf4737ce4dae9488359de34034d1ebfbd
Sha256: 4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 07:52:51 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 30 Sep 2022 06:36:37 GMT
ETag: "c040ceca964bcd67db31cd95a722c0bf5448e4e5"
Last-Modified: Mon, 26 Sep 2022 06:36:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1826
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750a6c26eb46b4f3-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    805e982ea6cdf9558d4bb231357363f7
Sha1:   c040ceca964bcd67db31cd95a722c0bf5448e4e5
Sha256: 6e96a8aaa27a15466f2553db8287d638bc36b54e4d5ce117cff4b9e9ac516dd0
                                        
                                            GET / HTTP/1.1 
Host: haitangtv6.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gifts-now.com/
Upgrade-Insecure-Requests: 1

                                         
                                         154.219.167.85
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Mon, 26 Sep 2022 07:52:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (372), with CRLF, LF line terminators
Size:   14295
Md5:    289f096d9d7e28786064e1ac995ab3f8
Sha1:   477cf9c1a6fded870b7c4359a91820dda9e08a51
Sha256: 30ba707a022b7de9e815fe3c28fcd65a3e8d4b5850fd4d3f3303a68c93107e38
                                        
                                            GET /template/m1938pc/static/js/bootstrap.min.js HTTP/1.1 
Host: haitangtv6.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://haitangtv6.top/

                                         
                                         154.219.167.85
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 26 Sep 2022 07:52:51 GMT
Last-Modified: Wed, 02 Jun 2021 11:05:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60b765e0-9b00"
Expires: Mon, 26 Sep 2022 19:52:51 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (39553)
Size:   12719
Md5:    89cfee4061db2dd37f5e2668f1c7ebfb
Sha1:   1ecc979a3bc78d4987cb642f3f64e80d56d57d39
Sha256: dcff2dfb3ebcdba16ed0e4b9024fa681edc77ace8a686d9bd5aea6dc282e8168
                                        
                                            GET /template/m1938pc/static/js/jquery.lazyload.min.js HTTP/1.1 
Host: haitangtv6.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://haitangtv6.top/

                                         
                                         154.219.167.85
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 26 Sep 2022 07:52:51 GMT
Last-Modified: Wed, 02 Jun 2021 11:05:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60b765e0-d35"
Expires: Mon, 26 Sep 2022 19:52:51 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (3309)
Size:   1342
Md5:    8e5f2c601d9dc5b0d53cb406774e99c9
Sha1:   562d3c568f650e9cc977328d440fc94c46fe9f8e
Sha256: 0f18d8d9a5b33df370579bebc38911b2f344a8fb99bcdd66e83a6fa48c25e01a
                                        
                                            GET /template/m1938pc/static/css/swiper.min.css HTTP/1.1 
Host: haitangtv6.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://haitangtv6.top/

                                         
                                         154.219.167.85
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Mon, 26 Sep 2022 07:52:51 GMT
Last-Modified: Wed, 02 Jun 2021 11:04:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60b765da-455f"
Expires: Mon, 26 Sep 2022 19:52:51 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (17459)
Size:   3288
Md5:    e73a49e6a4e9772b6add191cf694bd34
Sha1:   00038fe32a6e97fbbeb281939adfb363cdd5f54f
Sha256: 5a1a24bd85867233f36de37f59b96bfeeb4290619781494713b8216902b30988
                                        
                                            GET /template/m1938pc/static/js/jquery.min.js HTTP/1.1 
Host: haitangtv6.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://haitangtv6.top/

                                         
                                         154.219.167.85
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 26 Sep 2022 07:52:51 GMT
Last-Modified: Wed, 02 Jun 2021 11:05:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60b765dc-17b8b"
Expires: Mon, 26 Sep 2022 19:52:51 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (32077)
Size:   38004
Md5:    c0750a85ce0399accd8ded17e2564d6b
Sha1:   ba767d35271e9b39305f156814495650f269ddb6
Sha256: 9de8ff805e6807598c4c2987a8368ff4b2240606f6285902c844baf5a04655ac
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39C315CA85F4A298EC364C5C78E5BA5B9CD739902ADFB451DAE9FC2665081072"
Last-Modified: Sat, 24 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18029
Expires: Mon, 26 Sep 2022 12:53:20 GMT
Date: Mon, 26 Sep 2022 07:52:51 GMT
Connection: keep-alive

                                        
                                            GET /template/m1938pc/static/js/swiper.min.js HTTP/1.1 
Host: haitangtv6.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://haitangtv6.top/

                                         
                                         154.219.167.85
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 26 Sep 2022 07:52:51 GMT
Last-Modified: Wed, 02 Jun 2021 11:05:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60b765dc-178a3"
Expires: Mon, 26 Sep 2022 19:52:51 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (31999)
Size:   27510
Md5:    3694d961c3b4a420105cf9563c4cafe7
Sha1:   f75e4b2319d4bc0ea3af5ad3b8cf2e0679575767
Sha256: 3e5b269624b5703cb234c5217a66e9e77b5ffe6f70e2dd0425f3a8951dcba27c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17359
Expires: Mon, 26 Sep 2022 12:42:10 GMT
Date: Mon, 26 Sep 2022 07:52:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17359
Expires: Mon, 26 Sep 2022 12:42:10 GMT
Date: Mon, 26 Sep 2022 07:52:51 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: W6ZD1652Yn1xqZG7ehDcirlYoG8Hcsrdj11Fzfgj7zb-OiU8xHj1gw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:37:19 GMT
age: 36932
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Size:   12826
Md5:    b3a72e81317074689a71dac7059e4b6a
Sha1:   b6d56333d7f1ea7ddc8838d84de498ff913c5464
Sha256: e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17359
Expires: Mon, 26 Sep 2022 12:42:10 GMT
Date: Mon, 26 Sep 2022 07:52:51 GMT
Connection: keep-alive

                                        
                                            GET /template/m1938pc/static/css/common.css HTTP/1.1 
Host: haitangtv6.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://haitangtv6.top/

                                         
                                         154.219.167.85
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Mon, 26 Sep 2022 07:52:51 GMT
Last-Modified: Wed, 02 Jun 2021 11:04:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60b765da-19c0"
Expires: Mon, 26 Sep 2022 19:52:51 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   1685
Md5:    1bfc16865e4e7621e5c91f2a4505e7fe
Sha1:   7b556b6e7f13fc6e86ab74b1e8b539fc30d7af89
Sha256: dd1cca1a3a887f0bf1af7b0c06fe6ef5f0cdfa720d9f3c7230843830ba709c26
                                        
                                            GET /template/m1938pc/static/js/global.js HTTP/1.1 
Host: haitangtv6.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://haitangtv6.top/

                                         
                                         154.219.167.85
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 26 Sep 2022 07:52:51 GMT
Content-Length: 767
Last-Modified: Sat, 30 Jul 2022 23:27:51 GMT
Connection: keep-alive
ETag: "62e5be77-2ff"
Expires: Mon, 26 Sep 2022 19:52:51 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (542)
Size:   767
Md5:    8795117d18afac921a5fc724c7b7cf53
Sha1:   3c21f6100162b2f7940175a1b9790c6161b04a02
Sha256: fa0ae5b9ae65389a58cf363f40a8c9ddf5a26b5945f511756f1270f5d2d38fe4
                                        
                                            GET /template/m1938pc/static/css/style.css HTTP/1.1 
Host: haitangtv6.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://haitangtv6.top/

                                         
                                         154.219.167.85
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Mon, 26 Sep 2022 07:52:51 GMT
Last-Modified: Thu, 03 Jun 2021 01:54:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60b83650-bf0e"
Expires: Mon, 26 Sep 2022 19:52:51 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  assembler source, Unicode text, UTF-8 text, with very long lines (367)
Size:   9606
Md5:    76c3cfbf09c2924d1324d18e71e4086c
Sha1:   e2955681a2b3e4806b34e4953517088ae3875059
Sha256: 48e3528c19a5f4f1dbd10bf600f3232f614369099eabb26a55b2baada479de09
                                        
                                            GET /template/m1938pc/static/css/bootstrap.min.css HTTP/1.1 
Host: haitangtv6.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://haitangtv6.top/

                                         
                                         154.219.167.85
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Mon, 26 Sep 2022 07:52:51 GMT
Last-Modified: Wed, 02 Jun 2021 11:04:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60b765da-1da6a"
Expires: Mon, 26 Sep 2022 19:52:51 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65369)
Size:   23941
Md5:    fa8eee12898882e0b97ca29c7920c483
Sha1:   427b362e999391c7ad6d1c37e0178a4fc906fa10
Sha256: 239818d1da6510c291bb39dfa0b5f5873a81a4d63ae877fe97a9053842b58cf2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18a9d6ea-6c08-48b5-b74a-f5bf5a018b80.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6797
x-amzn-requestid: 2caf2fb8-650f-4f19-806b-3252a0ba360a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSlhG0FIAMFgSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330caef-0b5beafd57d22f245df61815;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: nhtcKQJlI8biPpgjMg2s6wgZNkarsBB2Rnxj69_5Y361Pw9FR4frrg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:11:07 GMT
age: 34904
etag: "9f4dd2376e00073510cbd4e36d10a5a3f1746e35"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6797
Md5:    c1ce3e1066be88e2c4eae317c55136f5
Sha1:   9f4dd2376e00073510cbd4e36d10a5a3f1746e35
Sha256: a7ae3c3b24666cb35db7a95bd98840e96e306d6e2fdbb05c68c98ff7deaa5459
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F647364db-b398-41d7-8705-de1b74b7b110.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4409
x-amzn-requestid: c03f3f22-9132-455b-adc9-d38565307a9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTEnFySIAMF-5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbb6-62f8e2e817e7ab530a359eaf;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XvqnZqJNcxT9Nh9_pM3VbzSeIHIsxqzwrTofWW9M1Vv3Jce1F3fKbA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:19:14 GMT
age: 34417
etag: "3a71ab6dac65dede3b07a5a5ee926ee964904541"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4409
Md5:    f3db75e6241f57400010012f889a43d5
Sha1:   3a71ab6dac65dede3b07a5a5ee926ee964904541
Sha256: 6fff314d72ce18cf560dec61ea1c286b00777d6ec1bd30a31752bcf994c970e7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13584
x-amzn-requestid: 198bd2b4-d4ae-4f19-a500-463aee52b890
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHgFdNoAMFwEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc9-19a1f7d2102820da4b21f18b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bGRBCfCtZkeYhbTpaE18IpIgUtOHyttE-0hRk8fWVB9sJS2rSbP22g==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:05:32 GMT
etag: "ef9d756cbcda72cf7ef5029b7d384cd1fbaed633"
age: 35239
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13584
Md5:    2c11e6fef1be62b971bd9daf378bfc95
Sha1:   ef9d756cbcda72cf7ef5029b7d384cd1fbaed633
Sha256: b8369f83d6dddcd2355b81d8eb200791788165e56881ce21e1a1e9c8bb1bb2ef
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffbad0bb4-9ab3-47a9-80fd-6567993349dd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9352
x-amzn-requestid: efae9f72-8dce-4899-9dc8-c6cc9b4b2540
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvwFwWoAMFmig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-744ade88393a83467fea2b97;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NOu92heW0-RynLU34xGoSq36WGjOu75Ukkd8IA3IoQ2FMHFUMlkJrA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:49:56 GMT
age: 36175
etag: "78a82653eb0e5aa4f1355c13b665da44a3412024"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9352
Md5:    65e3b72afc2f13978ee80cc87dc289f1
Sha1:   78a82653eb0e5aa4f1355c13b665da44a3412024
Sha256: 9f3a89f268fca25f5a6c7319b1f8412a193cd73bc9c8f4c5a9d294582df3a57b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5980
x-amzn-requestid: fbf0c390-da24-49e2-8492-43e29e5d4bb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHCGJVoAMFgxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc6-1f9b1b7d63467c58702e6d7e;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:38 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pt7rJi8EIQFBk0gHQZ1WnjvThPba86XZCGFs83l1ZW2dj-_6bZprAA==
via: 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:49:56 GMT
age: 36175
etag: "12aac1bd22e675f09a220de08b4656e801c2e647"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5980
Md5:    ef17205adb2b478d3bff54b048208d22
Sha1:   12aac1bd22e675f09a220de08b4656e801c2e647
Sha256: 620fe39cf421ed3a21e968570f7e863d69224113be867ec2457ed3850ea113f6
                                        
                                            GET /ima/2022/07/31/nyb8ss.webp HTTP/1.1 
Host: img7.ng8855.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://haitangtv6.top/

                                         
                                         104.21.77.58
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Date: Mon, 26 Sep 2022 07:52:51 GMT
Content-Length: 878038
Connection: keep-alive
Last-Modified: Sun, 31 Jul 2022 06:48:35 GMT
ETag: "62e625c3-d65d6"
Cache-Control: max-age=2678400
CF-Cache-Status: HIT
Age: 3771
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpH4aqa7YHG4H4FmJkT%2FJDTk4GkKtz8znJa34fleisFfS4%2F89M2B4rLCMAYeV%2FPJSvuMunjZKkUvhx86SeX25nqK3RGkB5PbOG6%2Byic9rJ0r6iFzU9EyZegB0f5SJ8aEEc0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750a6c2cbfd60b06-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   878038
Md5:    b27d4d1cc3ecf1b3895562d9c6fd6ccc
Sha1:   4df68c7197bccf4861f0d4acb5701e37d6b8f0cf
Sha256: 36ae8b84e8d7ebfd03bc852f0c7f6f39047bce8d2ad28fb808b352908b3056fb
                                        
                                            GET /e48970f4052a7ec9d8b871d168e2b2ab.gif HTTP/1.1 
Host: kvemm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         45.154.214.206
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: nginx
date: Mon, 26 Sep 2022 07:52:51 GMT
content-length: 162
location: https://kvhiii.top/e48970f4052a7ec9d8b871d168e2b2ab.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /hf/yp120.gif HTTP/1.1 
Host: www.tupku.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.82.102
HTTP/2 200 OK
content-type: image/gif
                                        
date: Mon, 26 Sep 2022 07:52:52 GMT
content-length: 109689
last-modified: Fri, 15 Apr 2022 17:55:53 GMT
etag: "6259b1a9-1ac79"
expires: Thu, 20 Oct 2022 08:37:17 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 475492
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvAOvPjHzeWKcepRsnVe4H1nvQYIhO%2B5T4hb4IFTIghvdPxSAuqIyFFH9i8WMWEb11hCG2g7xdQh1gEzkBxlOzfRHcHbAFOUEGIOsclmW2mC%2BhtdxXuuROADkSPzD4mT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750a6c2cfde9b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   109689
Md5:    7d67ccad417cbde7979d80dfd2a3cb20
Sha1:   86fcfe3f69cd276af9c6c52223d662b6bfcca761
Sha256: ea94b29871639ff918ab0ab9efe4299ed440a232de7233c59e8a6d5bb5b8aa05
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "11D6D6B0BF568355CA7C19707205D25B47CDA195008F9108BB51FF9CDBCF1D5E"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3346
Expires: Mon, 26 Sep 2022 08:48:38 GMT
Date: Mon, 26 Sep 2022 07:52:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "07F6525F7E174043AD9BA9ABA990B571F8D0DA9CE44394576BC28BF7E337A465"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4609
Expires: Mon, 26 Sep 2022 09:09:41 GMT
Date: Mon, 26 Sep 2022 07:52:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "07F6525F7E174043AD9BA9ABA990B571F8D0DA9CE44394576BC28BF7E337A465"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4609
Expires: Mon, 26 Sep 2022 09:09:41 GMT
Date: Mon, 26 Sep 2022 07:52:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "26AEC0D573C42EBD40E61925690C1AA3FDCDF99057E9F8A79F211B7C8DA597D0"
Last-Modified: Fri, 23 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9551
Expires: Mon, 26 Sep 2022 10:32:03 GMT
Date: Mon, 26 Sep 2022 07:52:52 GMT
Connection: keep-alive

                                        
                                            GET /lm/ynv100.gif HTTP/1.1 
Host: aooacctp.vip
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.82.179
HTTP/2 200 OK
content-type: image/gif
                                        
date: Mon, 26 Sep 2022 07:52:52 GMT
content-length: 89034
last-modified: Sun, 29 May 2022 06:37:35 GMT
etag: "629314af-15bca"
expires: Wed, 05 Oct 2022 09:07:30 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1809855
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0B9J8HJ2Ctacj5eWgo06H%2BnnWmGIZlB4%2BwvxJQsGdGz4fv2ICauLv0pokiWe%2FepCLOzTNfyE%2BAjD8eRRwHyvvgcc6RGB3v2gli6JjQfSGYOSTPqpKKTKQTRqRu6p8Pg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750a6c2f1c44b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 267 x 160\012- data
Size:   89034
Md5:    482e725b00bf18359cae59cd413aea13
Sha1:   aaf8f22b9470066e250989a25a09a7486c3aaf28
Sha256: 85b083b68289347328190d67fe187ba65d44e1d0072a254fd9f06d3510133083
                                        
                                            GET /lm/se5.gif HTTP/1.1 
Host: aooacctp.vip
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.82.179
HTTP/2 200 OK
content-type: image/gif
                                        
date: Mon, 26 Sep 2022 07:52:52 GMT
content-length: 396964
last-modified: Wed, 25 May 2022 14:04:51 GMT
etag: "628e3783-60ea4"
expires: Sun, 09 Oct 2022 00:00:57 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1497038
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjr7iwifyAGwIvwmFjC9KFpUoCq21fbRcDuJ5eHkW9xGH%2Be6BKVyo35%2BmtVL0259oCD83eMisXjsM0XFcq5zslSZQJEQ5H7hmt8n1foOV%2F1nC6xBTVK5XxWLpvuMLoI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750a6c2f1c4ab523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 320 x 180\012- data
Size:   396964
Md5:    7b42e791e269b8425a0f380efdd8e5fd
Sha1:   10c09c8f711478c7aeccc988c076d299fafcbbfa
Sha256: 00ef96678470106e95be9f6f4dc07debbbb63a96db839adbf17e5e04e27caf60
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "26AEC0D573C42EBD40E61925690C1AA3FDCDF99057E9F8A79F211B7C8DA597D0"
Last-Modified: Fri, 23 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9551
Expires: Mon, 26 Sep 2022 10:32:03 GMT
Date: Mon, 26 Sep 2022 07:52:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 848
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 07:52:52 GMT
Last-Modified: Mon, 26 Sep 2022 07:38:44 GMT
Server: ECS (amb/6BB2)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "26AEC0D573C42EBD40E61925690C1AA3FDCDF99057E9F8A79F211B7C8DA597D0"
Last-Modified: Fri, 23 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9551
Expires: Mon, 26 Sep 2022 10:32:03 GMT
Date: Mon, 26 Sep 2022 07:52:52 GMT
Connection: keep-alive

                                        
                                            GET /upload/art/gif/gfdt/031815-830-2.gif HTTP/1.1 
Host: mei.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.140.29
HTTP/2 200 OK
content-type: image/gif
                                        
date: Mon, 26 Sep 2022 07:52:52 GMT
content-length: 13409
last-modified: Mon, 19 Sep 2022 11:13:16 GMT
etag: "781129d118ccd81:0"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4829
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2PweUlx9wIQ20BTZjkyZ%2Fa4fh2%2Bme75zsyV1RhBzcfLdEhrj6XF5WyE%2B%2FcSjcNmIoBIIM7G9nqFzLW3zZuZFQ4%2BWzjmGlUTB0AYvnFoBRZqG5%2BvR21hL9MTzqSPRdYwPn50%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750a6c2f889d7484-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 500x281, components 3\012- data
Size:   13409
Md5:    02be989d8a8445348272a7f2c038f670
Sha1:   d8e61335f8ed0e23b61f503b99ec05a0972e03ee
Sha256: 49c4c28c6fc235a46e18b97736732a1f142c985a7cb9abcf0541e41a428c7907
                                        
                                            GET /hm.js?84c863ef954e26adfd9e72a90e4b6c5b HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gifts-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11338
Date: Mon, 26 Sep 2022 07:52:51 GMT
Etag: 47df0988d4ce8973fe0ab2055585c546
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=30661B0DE97724B9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (625)
Size:   11338
Md5:    120319c1bcb933dfc0115a6240fa3b9d
Sha1:   c2815d967e13edcee67d1598ccaf2244151729da
Sha256: 0adcfd18a9e602de0084396f4d45ad27e4738d38d40e94de09eb9eb00577c7e5
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "07F6525F7E174043AD9BA9ABA990B571F8D0DA9CE44394576BC28BF7E337A465"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4609
Expires: Mon, 26 Sep 2022 09:09:41 GMT
Date: Mon, 26 Sep 2022 07:52:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F6703E685037B62C394C03D16E386C1CECE522BF3F4892E5AD0F23032E89FA18"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18032
Expires: Mon, 26 Sep 2022 12:53:24 GMT
Date: Mon, 26 Sep 2022 07:52:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 848
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 07:52:52 GMT
Last-Modified: Mon, 26 Sep 2022 07:38:44 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F6703E685037B62C394C03D16E386C1CECE522BF3F4892E5AD0F23032E89FA18"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18062
Expires: Mon, 26 Sep 2022 12:53:54 GMT
Date: Mon, 26 Sep 2022 07:52:52 GMT
Connection: keep-alive

                                        
                                            GET /e48970f4052a7ec9d8b871d168e2b2ab.gif HTTP/1.1 
Host: kvhiii.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://haitangtv6.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.234.203
HTTP/2 200 OK
content-type: image/gif
                                        
date: Mon, 26 Sep 2022 07:52:52 GMT
content-length: 966741
last-modified: Sat, 12 Mar 2022 15:18:45 GMT
etag: "622cb9d5-ec055"
expires: Fri, 21 Oct 2022 19:54:04 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 388728
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nnZpr0ChNMF8qdq%2FS%2BWVza%2B6LGfVF9MSbhvDJVOojZ9npVhI2hsmvevjn0Lu%2FmUCchN9T9L%2BTN1j1x3RMvAThdVDuN4Pyc5f4A2z8S88xKhMkfNEUabNpZixr5Ew"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750a6c2f69a106f9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   966741
Md5:    e6e170a45f5089c336f21c4453d4e00f
Sha1:   20fcfbe9d22eb6868add8b1782234d1b888c0337
Sha256: a37eaf9f04a634f3e85dcd7353eb1fa224ddefa8d1e04b65a946b3cebf97ea75
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F24F707EE97C929E318AAB16EA25C56C1FD60C58A858B40C270C43EA2F5CD2A8"
Last-Modified: Sun, 25 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 26 Sep 2022 13:52:52 GMT
Date: Mon, 26 Sep 2022 07:52:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 07:52:52 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 01:19:04 GMT
Expires: Sun, 02 Oct 2022 01:19:03 GMT
Etag: "c2fd021d897750ac8b57bc72b799e790163b6f3f"
Cache-Control: max-age=494170,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750a6c302ea6b500-OSL

                                        
                                            GET /template/m1938pc/static/fonts/9a493d426e0448e59e470e76ff1be0a0.woff HTTP/1.1 
Host: haitangtv6.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://haitangtv6.top/template/m1938pc/static/css/style.css

                                         
                                         154.219.167.85
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 26 Sep 2022 07:52:52 GMT
Content-Length: 146
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
                                        
                                            GET /hm.js?c7a86de7b493b415dc0df800703b18be HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gifts-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11338
Date: Mon, 26 Sep 2022 07:52:51 GMT
Etag: b19191a6e76467aee164041539ad68db
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=FA9115CBF7932C76; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (625)
Size:   11338
Md5:    9ac58ac61ab41db30c91f44de7c3f93e
Sha1:   7716c2ea34dfd0a4fc66c40bcba717dcf9569291
Sha256: d3a7632e7797639c253eee97945713bf90a9f4b921077cac2bfaeedef4a711e8
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 07:52:52 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 30 Sep 2022 04:12:45 GMT
ETag: "cbc425a5ac2e286c4a30a46e265570b10f6a0c7c"
Last-Modified: Mon, 26 Sep 2022 04:12:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2139
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750a6c30fde4b4fd-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    8974a8dd685a41624c5b3e983c6365b7
Sha1:   cbc425a5ac2e286c4a30a46e265570b10f6a0c7c
Sha256: 0724d65b9cb8a75e181662a843ea617d02651e7a0bac5d9579d5ebe791526ee8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 07:52:52 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 21:16:05 GMT
Expires: Sat, 01 Oct 2022 21:16:04 GMT
Etag: "c064fa8b6308966b09a9afdf88f24ebdb8a57442"
Cache-Control: max-age=479591,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750a6c31183bb500-OSL

                                        
                                            GET /v/?uid=387913 HTTP/1.1 
Host: i.6v6.work
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://haitangtv6.top/

                                         
                                         23.225.199.165
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 26 Sep 2022 07:52:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with no line terminators
Size:   23
Md5:    7ef3933d0347a8eb9b3dbf6f4b035b78
Sha1:   772121927ca42ae6345bcfc9eea8a0a3dcefc369
Sha256: 1645ef4e05613302e213e91b4ef584695a22391778e12d0dff49b0fdbd0208da
                                        
                                            GET /template/m1938pc/static/fonts/iconfont.woff HTTP/1.1 
Host: haitangtv6.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://haitangtv6.top/template/m1938pc/static/css/style.css

                                         
                                         154.219.167.85
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Server: nginx
Date: Mon, 26 Sep 2022 07:52:52 GMT
Content-Length: 2924
Last-Modified: Wed, 02 Jun 2021 11:05:00 GMT
Connection: keep-alive
ETag: "60b765dc-b6c"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 2924, version 1.0\012- data
Size:   2924
Md5:    1b05b2b67ca6e3fe976ed8d2d1aa31d5
Sha1:   c7055832382daf713a911d67501e26873db045f8
Sha256: ac1718a88630db8d2fd67997ad9796acdc8a6a88361b2b7058832caeec4fb22d
                                        
                                            GET /upload/vod/2021-12-12/16392818773.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:52 GMT
Content-Length: 25815
Connection: keep-alive
Last-Modified: Sun, 12 Dec 2021 04:04:37 GMT
Accept-Ranges: bytes
ETag: "61ec6e61defd71:0"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 512x288, components 3\012- data
Size:   25815
Md5:    93f7729564922532163cf37cfc4c6c88
Sha1:   3d9f39669d91df84117462e4cdc7a44b9f216c52
Sha256: 1e69b39a30aea3e3812c3e0c0e64fe0c52ad21984a3c801c651ac243606c8bdd
                                        
                                            GET /upload/vod/2021-12-12/163928187015.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:52 GMT
Content-Length: 16665
Connection: keep-alive
Last-Modified: Sun, 12 Dec 2021 04:04:31 GMT
Accept-Ranges: bytes
ETag: "87647e5ddefd71:0"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 512x288, components 3\012- data
Size:   16665
Md5:    d734ed0eda2219cec79ec0f6843518c2
Sha1:   72cfb95e4850c464837d43200877f226d03073a1
Sha256: 65b53b0900754cca0d26d6a59fe9c205d27a72bf042032cf498eae01a3ad497c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 07:52:52 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 05:04:53 GMT
Expires: Sat, 01 Oct 2022 05:04:52 GMT
Etag: "a88ef6fd3acc453199d46a0fbec7d5cf78c91c67"
Cache-Control: max-age=421319,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750a6c311950b4f4-OSL

                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2129126929&si=84c863ef954e26adfd9e72a90e4b6c5b&v=1.2.97&lv=1&sn=48516&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.gifts-now.com%2Findex.php&tt=%E6%9D%A5%E5%AE%BE%E5%82%A7%E8%B0%8F%E7%94%B5%E5%AD%90%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gifts-now.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Mon, 26 Sep 2022 07:52:52 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=63EE18786A84AE1A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F015DD0219434C49CD52879C992E27AB850170F5478F715EB6E4E288AAFFDB01"
Last-Modified: Mon, 26 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16262
Expires: Mon, 26 Sep 2022 12:23:54 GMT
Date: Mon, 26 Sep 2022 07:52:52 GMT
Connection: keep-alive

                                        
                                            GET /upload/vod/2021-12-12/16392818785.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:52 GMT
Content-Length: 59944
Connection: keep-alive
Last-Modified: Sun, 12 Dec 2021 04:04:39 GMT
Accept-Ranges: bytes
ETag: "b9341862defd71:0"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 775x467, components 3\012- data
Size:   59944
Md5:    513d6f7c1748d8b565dc64c6bd4b7cba
Sha1:   5b5d4b33a33d10218b5f793654bf737662bb8c1e
Sha256: 2ecc9a695c38453e149d807a74e9fdac685fe496d42624e9691ab6f4da0afe0e
                                        
                                            GET /upload/vod/2022-04-26/165094704411.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:52 GMT
Content-Length: 72887
Last-Modified: Sat, 06 Aug 2022 09:54:30 GMT
Connection: keep-alive
ETag: "62ee3a56-11cb7"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 600x400, components 3\012- data
Size:   72887
Md5:    15adf81b551232bb695c0c9460363555
Sha1:   ac39b1dbbd758a2faac745b837a1f59a8df5b508
Sha256: c036d9e95b26e9c49663d4b5c122282ad271896a9bc34ff9905c0dcfd8776101
                                        
                                            GET /upload/vod/2021-12-12/16392818772.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:52 GMT
Content-Length: 97476
Connection: keep-alive
Last-Modified: Sun, 12 Dec 2021 04:04:37 GMT
Accept-Ranges: bytes
ETag: "204661defd71:0"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 963x541, components 3\012- data
Size:   97476
Md5:    db7affd73378abb93ad4b1d80da4c819
Sha1:   37b4035bec5619c978b897f36177191edf18eaab
Sha256: ecd6e293c5e7479fc3eaab5a34a1d97cf781579d4b7a7399a884babb05f69615
                                        
                                            GET /template/img/8499.gif HTTP/1.1 
Host: haitangtv2.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://haitangtv6.top/

                                         
                                         122.10.49.87
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 26 Sep 2022 07:52:52 GMT
Content-Length: 178597
Last-Modified: Wed, 14 Sep 2022 12:31:00 GMT
Connection: keep-alive
ETag: "6321c984-2b9a5"
Expires: Wed, 26 Oct 2022 07:52:52 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 980 x 80\012- data
Size:   178597
Md5:    28984951e9e30efe648d5312b99a1f62
Sha1:   0320cde9aa3b8c2b72fd330540fbff2b248a926e
Sha256: 36247c510e69aa6bb07a8e19751e7c84b5ec97213aec051fd10dd601dfc3e163
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 07:52:52 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 17:39:11 GMT
Expires: Sat, 01 Oct 2022 17:39:10 GMT
Etag: "f1a25cfb47e25e3df8895a57dee143e65a85b1fe"
Cache-Control: max-age=466577,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750a6c329b73b4f4-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 07:52:52 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 03:09:32 GMT
Expires: Sun, 02 Oct 2022 03:09:31 GMT
Etag: "d646c86f23cc10e64bb7df3fa122ad20d3708130"
Cache-Control: max-age=500798,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750a6c3188cfb500-OSL

                                        
                                            GET /hm.js?3e4245b0fdf57a3891f74ac658409754 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11338
Date: Mon, 26 Sep 2022 07:52:52 GMT
Etag: 19fb8601e4e1c9ef9be231d927272dd1
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=E8A68E0C5BBB3E4B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (625)
Size:   11338
Md5:    a13164e6e554bb6062441bdbb8c6ce2b
Sha1:   e5b8a58992a98dc3a430ec0f16dfc13144f7c114
Sha256: 43f17624b12ccaa5bcdfb5e382fd46765688fb36d23391eabc1259d866dcfc3e
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=242674797&si=c7a86de7b493b415dc0df800703b18be&v=1.2.97&lv=1&sn=48516&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.gifts-now.com%2Findex.php&tt=%E6%9D%A5%E5%AE%BE%E5%82%A7%E8%B0%8F%E7%94%B5%E5%AD%90%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gifts-now.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Mon, 26 Sep 2022 07:52:52 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=479C227A1670B652; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /img/96060.gif HTTP/1.1 
Host: taiwtp1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         220.128.218.220
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Mon, 26 Sep 2022 07:51:06 GMT
content-length: 46855
last-modified: Wed, 09 Mar 2022 07:10:56 GMT
etag: "62285300-b707"
expires: Wed, 26 Oct 2022 07:51:06 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   46855
Md5:    2b9c30b086d03d90a45a9174aef7b408
Sha1:   e87dbe76669e2f402826dd598bb047d793b1e20c
Sha256: f1eb3044b464fb4b4b8f3e081295bc19cc4cddc9361adb34ad7fb73b93b25de6
                                        
                                            GET /upload/vod/2022-02-18/164515708412.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:52 GMT
Content-Length: 112642
Last-Modified: Sat, 06 Aug 2022 09:53:40 GMT
Connection: keep-alive
ETag: "62ee3a24-1b802"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 519x390, components 3\012- data
Size:   112642
Md5:    6a7a5076d7f7547e02bfeef0777f9449
Sha1:   88fc7770651a95098bfa1dece839c05fd92222ac
Sha256: 06d5b4a490068a0f951ffcf6108a7cf3fe4caca141886734ac99da2b5d1f1ff1
                                        
                                            GET /upload/vod/2022-04-28/165111874213.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:53 GMT
Content-Length: 5926
Last-Modified: Sat, 06 Aug 2022 10:00:54 GMT
Connection: keep-alive
ETag: "62ee3bd6-1726"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Size:   5926
Md5:    fb650bbc7f5a0e5cec7c737329ef4442
Sha1:   f25a08b9831ec14f293d3b7dbd45e899b537c952
Sha256: 05e9a0bf267be2312730ba7f0ca4b8ed881e3d961a57f401ce2f747dda0d594c
                                        
                                            GET /upload/vod/2022-04-26/165094704413.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:52 GMT
Content-Length: 52296
Last-Modified: Sat, 06 Aug 2022 10:02:07 GMT
Connection: keep-alive
ETag: "62ee3c1f-cc48"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 600x400, components 3\012- data
Size:   52296
Md5:    9df79a1039a265e3aede2519a4dd1346
Sha1:   9a5ccf2fb7dafe2b3c9b23cccd2ee6541ccaf96e
Sha256: 4cc5901da342e358186c844766394bf6b3468f332cc7b962367324482f81ca91
                                        
                                            GET /image/ny-960x240.gif HTTP/1.1 
Host: uu99k.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.225.89.147
HTTP/2 200 OK
content-type: image/gif
                                        
date: Mon, 26 Sep 2022 07:52:52 GMT
content-length: 135994
last-modified: Sun, 25 Sep 2022 16:07:40 GMT
etag: "63307ccc-2133a"
expires: Tue, 25 Oct 2022 16:07:49 GMT
cache-control: max-age=2592000
server: cdn-ddos-cc
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 240\012- data
Size:   135994
Md5:    3d2f5956b5922d7a865c6c2ef9d4b19d
Sha1:   d97333e52c0e2f72ae30e857442c18192eeffa35
Sha256: 739c40c1606818ac272eb66da3618eeec03084cdaec4b63b2e04fdad2a7ef562
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 07:52:53 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 17:39:11 GMT
Expires: Sat, 01 Oct 2022 17:39:10 GMT
Etag: "f1a25cfb47e25e3df8895a57dee143e65a85b1fe"
Cache-Control: max-age=466576,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750a6c32ebd7b4f4-OSL

                                        
                                            GET /hm.js?84c863ef954e26adfd9e72a90e4b6c5b HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: 47df0988d4ce8973fe0ab2055585c546

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11338
Date: Mon, 26 Sep 2022 07:52:52 GMT
Etag: b17d3d55ac1e815c2ab329f42c522bdf
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=88192F203351D9E5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (625)
Size:   11338
Md5:    d671c39cb2fb42b09e32e16052e2dd35
Sha1:   de54f7ebf443f4cab8080b38ad82609e66db60e5
Sha256: debe2f6a181a07c4b807829cef8d2974277bb6f17fbe42d77fb6c72ed31d7da7
                                        
                                            GET /upload/vod/2022-04-26/165094704412.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:52 GMT
Content-Length: 102433
Last-Modified: Sat, 06 Aug 2022 10:00:50 GMT
Connection: keep-alive
ETag: "62ee3bd2-19021"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 543x372, components 3\012- data
Size:   102433
Md5:    417833e4145519c7404e5ed081f285f7
Sha1:   58c116260504f972c805859f95065eeeccaf4b8b
Sha256: fa786d18376ed32f3ef1b094625ed13a7efeebdaa036f29385de16e64286aed4
                                        
                                            GET /upload/vod/2022-04-26/16509470449.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:53 GMT
Content-Length: 57627
Last-Modified: Sat, 06 Aug 2022 09:59:03 GMT
Connection: keep-alive
ETag: "62ee3b67-e11b"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 600x400, components 3\012- data
Size:   57627
Md5:    0c9ef180b5dd7d1488ce96eef2aae800
Sha1:   916bee93c74a0cb97885cee46400958a2f727506
Sha256: f4a1414a4393bf8b1105b335d64255678a279e062712be15cc7f2c78d56cfb81
                                        
                                            GET /upload/vod/2022-04-26/165094704410.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:53 GMT
Content-Length: 175806
Last-Modified: Sat, 06 Aug 2022 09:59:03 GMT
Connection: keep-alive
ETag: "62ee3b67-2aebe"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 673x465, components 3\012- data
Size:   175806
Md5:    09b9c0ff84c75c1fe96e79a43c950e8d
Sha1:   dbcef7fec000e6f31ab3509af3346f662681c284
Sha256: dd2926e3b3d1429f892b0454b05caab3492fe63b31c4aef925806afd30519525
                                        
                                            GET /upload/vod/2022-04-27/165103222713.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:53 GMT
Content-Length: 83780
Last-Modified: Sat, 06 Aug 2022 09:59:03 GMT
Connection: keep-alive
ETag: "62ee3b67-14744"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 600x400, components 3\012- data
Size:   83780
Md5:    1662b4fad0e47ecdfde4b0c84a747f45
Sha1:   78a07a40341e8476702d519b69f0591ad83fd1cc
Sha256: 45c7b74cce630014850010c4bacbe6aa8cb175bcdd7202b04406d0e7db4780fc
                                        
                                            GET /upload/vod/2022-04-26/16509470438.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:53 GMT
Content-Length: 128850
Last-Modified: Sat, 06 Aug 2022 10:00:55 GMT
Connection: keep-alive
ETag: "62ee3bd7-1f752"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 661x439, components 3\012- data
Size:   128850
Md5:    28a86f472fd6453c3b1b7d8d859dce88
Sha1:   b61582d7d5d98a2b69954c93ed64034232e52010
Sha256: 5c6113edbadf10c5af08688a7a5a52c2864deb42dd949dc7cf39b0b359880798
                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1381413094&si=3e4245b0fdf57a3891f74ac658409754&su=http%3A%2F%2Fwww.gifts-now.com%2F&v=1.2.97&lv=1&sn=48516&r=0&ww=1268&ct=!!&u=http%3A%2F%2Fhaitangtv6.top%2F&tt=%E6%B5%B7%E6%A3%A0%2C%E6%B5%B7%E6%A3%A0TV%2C%E6%B5%B7%E6%A3%A0%E5%BD%B1%E8%A7%86%2C%E6%B5%B7%E6%A3%A0AV%2C%E6%B5%B7%E6%A3%A0%E7%BD%91 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Mon, 26 Sep 2022 07:52:53 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=C3A20D1E9AD805AD; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /9e0634e7233945038439f6bec738a00e.gif HTTP/1.1 
Host: 85939597192.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.61.212.119
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "63072f35-5957e"
Date: Sun, 28 Aug 2022 09:50:44 GMT
Server: nginx
Last-Modified: Thu, 25 Aug 2022 08:13:41 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-19
Content-Length: 365950


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   365950
Md5:    07eff4873ffb0bbd8a991a91b39d2a47
Sha1:   1dc4444aaed40a7ba4a56d341be2c13073d8b818
Sha256: 7a31ab72c03a1ced3856b5af4567ad3a336dbc88a8094a689d361c253a1e8afc

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /upload/vod/2022-04-27/165103222714.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:52 GMT
Content-Length: 362009
Last-Modified: Sat, 06 Aug 2022 10:00:53 GMT
Connection: keep-alive
ETag: "62ee3bd5-58619"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 450 x 298\012- data
Size:   362009
Md5:    803a80fe38d4c795aa70790869936593
Sha1:   23a9295651ea318f5eb7f825d3669fc66e17fe8e
Sha256: 0a02ef4cd2040d34301c0cb561560a5c395e499cdee445507ad494e2ed3f74d8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 07:52:53 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 03:55:49 GMT
Expires: Sun, 02 Oct 2022 03:55:48 GMT
Etag: "afb6c2b2381197cc236485b1a42ddee3d8190459"
Cache-Control: max-age=503574,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750a6c352ed2b4f4-OSL

                                        
                                            GET /img/960240.gif HTTP/1.1 
Host: taiwtp1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         220.128.218.220
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Mon, 26 Sep 2022 07:51:06 GMT
content-length: 223879
last-modified: Wed, 09 Mar 2022 04:06:14 GMT
etag: "622827b6-36a87"
expires: Wed, 26 Oct 2022 07:51:06 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 240\012- data
Size:   223879
Md5:    a39bb27f09ccd6961fe1c0f3074a8b97
Sha1:   0e914bc58abc78e7275d3c639e2aeb548313d627
Sha256: 269a642190139efcc044a53f3194f196e79d8e981d3e8cf0184ce4e8eb134020
                                        
                                            GET /upload/vod/2022-04-26/16509470437.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:53 GMT
Content-Length: 125144
Last-Modified: Sat, 06 Aug 2022 10:00:55 GMT
Connection: keep-alive
ETag: "62ee3bd7-1e8d8"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 591x406, components 3\012- data
Size:   125144
Md5:    501b9be7b2a49130c4f11591a55c1603
Sha1:   4bbe92b6eac3f7470f4fcf6103311fc483ef0e87
Sha256: c72e0d43f222c5b6c2071ee29479fe62b9d0d2b30d25abe41e1a929fef18c220
                                        
                                            GET /upload/vod/2022-04-26/16509470434.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:53 GMT
Content-Length: 90821
Last-Modified: Sat, 06 Aug 2022 10:02:08 GMT
Connection: keep-alive
ETag: "62ee3c20-162c5"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 600x400, components 3\012- data
Size:   90821
Md5:    9de92e63b245c8dcf6f72b56964b4755
Sha1:   3dce6386a57e803cb1b745ccec458aca253eb4c7
Sha256: f808ec21d31910b19151248142d5f29691effd90a805c7b2abe6b6132bc0aacc
                                        
                                            GET /upload/vod/2022-04-26/16509470435.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:53 GMT
Content-Length: 164598
Last-Modified: Sat, 06 Aug 2022 10:02:11 GMT
Connection: keep-alive
ETag: "62ee3c23-282f6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 689x480, components 3\012- data
Size:   164598
Md5:    0dabf5dcf6e8e0f4b37173b128f0f141
Sha1:   c642e42f22f08bccbeba70ccee2458cf1366b613
Sha256: bfe810c4bbb2917345fdddff9e3141e7dec72ae0996d86e814b96e19ed38aa47
                                        
                                            GET /upload/vod/2022-08-23/16612599473.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:53 GMT
Content-Length: 62094
Last-Modified: Tue, 23 Aug 2022 13:42:41 GMT
Connection: keep-alive
ETag: "6304d951-f28e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 600x400, components 3\012- data
Size:   62094
Md5:    9df83c82c127ba1d02076f5094bdd83d
Sha1:   d432e42a756b60086953c4bf40276511991a3997
Sha256: c2cee38f2ce673ecdac94c780169da4af7c50b2b6b6424cd4853f40c95eddb83
                                        
                                            GET /upload/vod/2022-04-26/16509470436.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:53 GMT
Content-Length: 173574
Last-Modified: Sat, 06 Aug 2022 10:02:09 GMT
Connection: keep-alive
ETag: "62ee3c21-2a606"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.00, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 600x404, components 3\012- data
Size:   173574
Md5:    df8962c3d72dec73d454d09db25abc43
Sha1:   007a628c477ad19a6673e09f247e0154a287e0bd
Sha256: 4fcdc49fd13e9039eb7a9587f99f7834ebd7ab78329ecc49db87f2106d86e029
                                        
                                            GET /j/155176 HTTP/1.1 
Host: kmj.jsebmcv.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         203.107.60.95
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Mon, 26 Sep 2022 07:52:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: aliyungf_tc=addb1207a808e88708ba556b51be54537e2103cfa64964d92155ff288dc1be64; Path=/; HttpOnly
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000


--- Additional Info ---
Magic:  ASCII text, with very long lines (1107)
Size:   6039
Md5:    e9439cc4e531fce04a3987b82fb93ff8
Sha1:   acd35b23e298c5f784194f1466799e2585271b03
Sha256: af80ce67b870352cb5a516fdb4d96dbb0d4514a341f16bcf49848a28bdeca648
                                        
                                            GET /4390228d985b47448c6f713f8fe0f028.gif HTTP/1.1 
Host: vbutjg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.61.212.175
HTTP/2 200 OK
content-type: image/gif
                                        
cache-control: max-age=86400
etag: "62e912dd-4475b"
server: nginx
date: Mon, 08 Aug 2022 10:32:57 GMT
last-modified: Tue, 02 Aug 2022 12:04:45 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us5-cdnb-15
content-length: 280411
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 650 x 350\012- data
Size:   280411
Md5:    407db47fe82ce7627230a1f13c29758e
Sha1:   6e06a957b15d23dae9dfd50883ec763336b0cc43
Sha256: 0253051c4022b808c868a95217819ce0583be3a61523a84581fd79624ff6a94e
                                        
                                            GET /upload/vod/2022-03-08/164671236411.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:53 GMT
Content-Length: 62883
Connection: keep-alive
Last-Modified: Tue, 08 Mar 2022 04:06:05 GMT
Accept-Ranges: bytes
ETag: "3b29e0d4a132d81:0"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 600x420, components 3\012- data
Size:   62883
Md5:    1b0092fedfe94eec5a80894fd8b25fe7
Sha1:   8dfc3995b5453d73d0dd99d830ed7d70da39a645
Sha256: 18f0db29a80435c6db6b4473a6bec6be4f5cecfc2a309cd8d48ac775986bd30c
                                        
                                            GET /hm.js?3e4245b0fdf57a3891f74ac658409754 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: 19fb8601e4e1c9ef9be231d927272dd1

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11338
Date: Mon, 26 Sep 2022 07:52:53 GMT
Etag: 251b271fcb3460579e0f2ea74659d2c5
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7EDB264D978EB559; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (625)
Size:   11338
Md5:    80976767c2c6a857b352f13466d73910
Sha1:   41c4e760a869bf7c7ca38e4815417266b9b92437
Sha256: 3036279f2d41e069d027fde33814ec3b52b69e535feb4026b0b4f797683cb6ce
                                        
                                            GET /j/155175 HTTP/1.1 
Host: kmj.jsebmcv.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         203.107.60.95
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Mon, 26 Sep 2022 07:52:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: aliyungf_tc=9a7fb846587215e7b16e728b466d80258309f2c0414f22a43859a10d33d04460; Path=/; HttpOnly
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000


--- Additional Info ---
Magic:  ASCII text, with very long lines (1107)
Size:   6106
Md5:    73aaf9b9b82f5efb875fbc7c40b46d3c
Sha1:   fabf001230e311017861d342c1dea26cc472d886
Sha256: a69563cce337683de7cbae6e0ec12c4c096cd1214eccd32b4a58d74805cd1096
                                        
                                            GET /d322696327784a63a38d80ccefb1b596.gif HTTP/1.1 
Host: qbyyvg3.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.61.212.119
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "6267f662-a6dd2"
Date: Sat, 24 Sep 2022 02:30:20 GMT
Server: nginx
Last-Modified: Tue, 26 Apr 2022 13:40:50 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-19
Content-Length: 683474


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   683474
Md5:    ba813a4b9580b3da278e68a1c3e3a954
Sha1:   6d843c3c02ad3270abd575c460ec26ed615578f4
Sha256: 574301fcb45a6820cf36903b271324e32c210c335539d8f1a406f000e1f0e72e
                                        
                                            GET /upload/vod/2021-12-12/163928244412.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:53 GMT
Content-Length: 99257
Connection: keep-alive
Last-Modified: Sun, 12 Dec 2021 04:14:04 GMT
Accept-Ranges: bytes
ETag: "93e318b3eefd71:0"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 511x356, components 3\012- data
Size:   99257
Md5:    85ba9823524cefc88cdcea9d4116a585
Sha1:   be2b0673011a76984ca913fb3a0db41ec693748b
Sha256: 0152d506af162e87bd953652dbcbfe074c0c09f297584726b60a5f023088fe07
                                        
                                            GET /upload/vod/2021-12-14/16394779675.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:53 GMT
Content-Length: 132953
Last-Modified: Sat, 06 Aug 2022 10:01:39 GMT
Connection: keep-alive
ETag: "62ee3c03-20759"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 600x400, components 3\012- data
Size:   132953
Md5:    555034244f1b0da4af778a48d033257a
Sha1:   6934657701906f56f7633b4b0937dd4e2ca3835f
Sha256: 2a0a89bcbb1ac43181f53296d8206528f51538a8f42505a7f2b4897989742a95
                                        
                                            GET /upload/vod/2021-12-12/163928246212.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:53 GMT
Content-Length: 138612
Connection: keep-alive
Last-Modified: Sun, 12 Dec 2021 04:14:22 GMT
Accept-Ranges: bytes
ETag: "d68bf2bdeefd71:0"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 600x400, components 3\012- data
Size:   138612
Md5:    27330222b06525751920fd1ff484ce55
Sha1:   bf010bbc6d84c903ad2f34928ea2f1e974e487b7
Sha256: de9dd0affff2081ed218a0db8e240791adfb2e3d41ed3c1125226abadd5900e4
                                        
                                            GET /upload/vod/2021-12-15/16395506494.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:53 GMT
Content-Length: 131972
Last-Modified: Sat, 06 Aug 2022 09:58:55 GMT
Connection: keep-alive
ETag: "62ee3b5f-20384"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 600x400, components 3\012- data
Size:   131972
Md5:    b715e976ad8a00b629f8e1e7f68c1408
Sha1:   354b35577dd185518aeba6a5ca3fb5ca0453778c
Sha256: 3eed02ad338eea03bb3ca36788232036e87216ac4894df317482bebf117a8043
                                        
                                            GET /hm.js?84c863ef954e26adfd9e72a90e4b6c5b HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: b17d3d55ac1e815c2ab329f42c522bdf

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11338
Date: Mon, 26 Sep 2022 07:52:53 GMT
Etag: 6f36af07a0a3a25ec324719f0a7eae00
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F904CF94B0EACEFA; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (625)
Size:   11338
Md5:    c180a4f2f91e868bd917d44feab820c0
Sha1:   128d0b5fb5e9ef57b42bb53081ba821db3308231
Sha256: b4cb8df661a727b573eb1b5f3980d51f8957bc3a79ae1025aef64a2dabd3d86c
                                        
                                            GET /upload/vod/2021-12-12/16392823428.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:53 GMT
Content-Length: 175117
Connection: keep-alive
Last-Modified: Sun, 12 Dec 2021 04:12:22 GMT
Accept-Ranges: bytes
ETag: "03c6476eefd71:0"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 704x480, components 3\012- data
Size:   175117
Md5:    3b81a27a4e93f2cbb3031ceb2370a91f
Sha1:   2872b204a686cb63f579a1c69c047bb9a72ea790
Sha256: 000b8dba64cc2a24b12b45d2f2466b6e8dcdd7d3c0ee6ccb70ad7ebfb7910d25
                                        
                                            GET /upload/vod/2021-12-19/16398863504.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:53 GMT
Content-Length: 148042
Last-Modified: Sat, 06 Aug 2022 09:59:12 GMT
Connection: keep-alive
ETag: "62ee3b70-2424a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 600x400, components 3\012- data
Size:   148042
Md5:    6a3a7099a42c3540feaf474dd538b77a
Sha1:   3e86f2dee7f72a0a997d9166c7288e194135fdc5
Sha256: 10de0dad0c832ea1c2811a9ad3ccee3eb7d48f0f6994ffbfd1388e622e8c5fdd
                                        
                                            GET /a13ccf8571ea4a7ab6b41a306a625f57.gif HTTP/1.1 
Host: u0062.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         20.239.174.75
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Mon, 26 Sep 2022 07:52:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 29 May 2022 12:25:12 GMT
ETag: W/"62936628-3c8da"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  GIF image data, version 89a, 650 x 350\012- data
Size:   247851
Md5:    a9bf695dc5e2ed4a1d5e17818bb895f6
Sha1:   5018e0b9d477d7a536586297fbd2404fc407e295
Sha256: 6cd4ba0841e74acee6bcbc0933c03a0932d5e267a3a2b2af1b8f1abd6a7c0010
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 07:52:53 GMT
Server: ECS (amb/6BB2)
Content-Length: 727

                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=830711868&si=84c863ef954e26adfd9e72a90e4b6c5b&su=http%3A%2F%2Fwww.gifts-now.com%2F&v=1.2.97&lv=1&sn=48516&r=0&ww=1268&ct=!!&u=http%3A%2F%2Fhaitangtv6.top%2F&tt=%E6%B5%B7%E6%A3%A0%2C%E6%B5%B7%E6%A3%A0TV%2C%E6%B5%B7%E6%A3%A0%E5%BD%B1%E8%A7%86%2C%E6%B5%B7%E6%A3%A0AV%2C%E6%B5%B7%E6%A3%A0%E7%BD%91 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Mon, 26 Sep 2022 07:52:53 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=27FE3F853BA00DE6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /hm.js?3e4245b0fdf57a3891f74ac658409754 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: 19fb8601e4e1c9ef9be231d927272dd1

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11338
Date: Mon, 26 Sep 2022 07:52:53 GMT
Etag: 0809220bb7205cee7522a33a6c3807a5
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7EDD479CC648BB88; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (625)
Size:   11338
Md5:    fa6b81701508cbb17aafd86631015f31
Sha1:   21cd46588a23a1190a3f36e5f80cad19e6ff0461
Sha256: a1a5be2a17efcba32b43c1e71eb149c95347d137c981989dadfb7aa7ac6cb1a0
                                        
                                            GET /upload/vod/2021-12-12/163928217214.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:53 GMT
Content-Length: 69209
Connection: keep-alive
Last-Modified: Sun, 12 Dec 2021 04:09:34 GMT
Accept-Ranges: bytes
ETag: "6afc2412eefd71:0"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 728x403, components 3\012- data
Size:   69209
Md5:    37cab5f150ecf17647b8756ec0a31f4e
Sha1:   f9f0677e10d96aabcd5e1ba64438dc607cea7815
Sha256: db17bb59bec0b53bd4fe69dfe19fbdf9ac7539b0e6212ea41adf0d1fe5790ca8
                                        
                                            GET /upload/vod/2021-12-12/163928188711.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:54 GMT
Content-Length: 7994
Connection: keep-alive
Last-Modified: Sun, 12 Dec 2021 04:04:47 GMT
Accept-Ranges: bytes
ETag: "e1c55167defd71:0"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size:   7994
Md5:    edddef503d4f0645a2917e228a96c15c
Sha1:   d524eab2715bea7d1667cffc9cf0d1105ae73ae0
Sha256: a07bcd7573d163c984c28747d18a8af6b214a08789b6186307c2e81e8953e21a
                                        
                                            GET /upload/vod/2021-12-12/163928217517.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:53 GMT
Content-Length: 120259
Connection: keep-alive
Last-Modified: Sun, 12 Dec 2021 04:09:37 GMT
Accept-Ranges: bytes
ETag: "f4ed913eefd71:0"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 928x519, components 3\012- data
Size:   120259
Md5:    1bc84f957d30a26ae7e72398edc3c731
Sha1:   160c6f5535b65a1f8a779ce3323e652ab3ee2088
Sha256: 91e1d53b2356efa907f86da9f15d792e3e0dab42f5cd02e2a650f9e33acf6797
                                        
                                            GET /upload/vod/2021-12-12/16392819441.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:54 GMT
Content-Length: 96418
Connection: keep-alive
Last-Modified: Sun, 12 Dec 2021 04:05:44 GMT
Accept-Ranges: bytes
ETag: "8886c89defd71:0"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 800x450, components 3\012- data
Size:   96418
Md5:    5869e1c25b0fc7186ce9ad30bd9ddbc5
Sha1:   8067df54706066f7b114aa48e30f25955fdc522d
Sha256: a09b92dfda2858241ea736afac3b1bab1745558af68b8620f09db4b2cc593bbe
                                        
                                            GET /ce448e4023d1403690627f29171c4e33.gif HTTP/1.1 
Host: 885842.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.75.19.14
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: AliyunOSS
Date: Mon, 26 Sep 2022 07:52:52 GMT
Content-Length: 345907
Connection: keep-alive
x-oss-request-id: 63315A54051F683037F53A03
Accept-Ranges: bytes
ETag: "2EE5F66106AE0732C6B5A2B3E146B1D0"
Last-Modified: Sun, 26 Jun 2022 08:14:36 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7474163047334478832
x-oss-storage-class: Standard
Content-MD5: LuX2YQauBzLGtaKz4Uax0A==
x-oss-server-time: 2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 240\012- data
Size:   345907
Md5:    2ee5f66106ae0732c6b5a2b3e146b1d0
Sha1:   54aa9daf641f387b9fed927823d30d488824b495
Sha256: b2aed9a0dec4a721a967a1a894ab1d569735a5cbdf5b5de126f8a780906ca4e4
                                        
                                            GET /upload/vod/2021-12-12/16392818798.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:54 GMT
Content-Length: 110550
Connection: keep-alive
Last-Modified: Sun, 12 Dec 2021 04:04:39 GMT
Accept-Ranges: bytes
ETag: "98329462defd71:0"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 793x562, components 3\012- data
Size:   110550
Md5:    910fce95ebf2d8859172907460898c34
Sha1:   339d377df907740580aa7842a2848cfe132d849f
Sha256: 1d4be13c3a9743a2bb59841ef0ba62fdd51586950f974f1822634791ddaf432e
                                        
                                            GET /upload/vod/2022-04-27/165103222712.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:54 GMT
Content-Length: 58523
Last-Modified: Sat, 06 Aug 2022 10:02:08 GMT
Connection: keep-alive
ETag: "62ee3c20-e49b"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 638x428, components 3\012- data
Size:   58523
Md5:    852364a47d1b917dc4d57f158c3a404e
Sha1:   50d2bb0e8d9cea663bba6d820b2a8e147400ffe6
Sha256: 59f7d868fb8238cad96aeef0f16883148d9b87618f89d688f947df320502cc36
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 07:52:54 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 16:07:47 GMT
Expires: Fri, 30 Sep 2022 16:07:46 GMT
Etag: "1a7cfef6bd074a72ffeb5ded2ac1da8353a1e83f"
Cache-Control: max-age=374691,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750a6c3a1c3fb4f4-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 07:52:54 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 16:24:13 GMT
Expires: Sat, 01 Oct 2022 16:24:12 GMT
Etag: "562ecb948b695e1387aa920d41d6ff29c77e0dee"
Cache-Control: max-age=462077,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750a6c3a1a55b503-OSL

                                        
                                            GET /upload/vod/2021-12-20/16399938364.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:54 GMT
Content-Length: 147704
Last-Modified: Sat, 06 Aug 2022 09:59:12 GMT
Connection: keep-alive
ETag: "62ee3b70-240f8"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 595x437, components 3\012- data
Size:   147704
Md5:    1282fd84ef7a9ccf464bc5cff32c9417
Sha1:   69d8524382c2ac47a92c47bdbe29c6921dd242a9
Sha256: 739014fa52d402f69fb9ebaf9c5cef724b38f15cbea083e93b178b7196c0751b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 07:52:54 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 16:24:13 GMT
Expires: Sat, 01 Oct 2022 16:24:12 GMT
Etag: "562ecb948b695e1387aa920d41d6ff29c77e0dee"
Cache-Control: max-age=462077,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750a6c3a9f9fb4f7-OSL

                                        
                                            GET /mnrt/kmrr.png HTTP/1.1 
Host: kmr.mjnbrt.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.224.92.242
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:54 GMT
Content-Length: 84560
Last-Modified: Wed, 14 Sep 2022 16:54:01 GMT
Connection: keep-alive
ETag: "63220729-14a50"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 2084 x 2084, 8-bit/color RGBA, non-interlaced\012- data
Size:   84560
Md5:    3c80359bedd35432aea1539a1edcd122
Sha1:   62b0eb9a7eef9b048ab55e3e8d8486a43d5ef8db
Sha256: 74df8ccb6d42d5ee40aaffccd0246978eca881c260c8505afb9f71f85fe17ee2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 07:52:54 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 16:10:34 GMT
Expires: Sun, 02 Oct 2022 16:10:33 GMT
Etag: "d3f7ab47a83890ef06d5f756135af2de7e7ace31"
Cache-Control: max-age=547658,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750a6c3d8963b4f4-OSL

                                        
                                            GET /hyjoilbsegcv/i.gif HTTP/1.1 
Host: gbtrymj.gbtyunm.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.224.92.246
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:54 GMT
Content-Length: 120212
Last-Modified: Tue, 13 Sep 2022 02:11:45 GMT
Connection: keep-alive
ETag: "631fe6e1-1d594"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 600 x 200\012- data
Size:   120212
Md5:    cfcb93f9b3de9649f059fb52d2af126b
Sha1:   7ef9810a2044434a3fd2beec5d46ccfbf130d861
Sha256: aecca070d9dbc76498c2cf867f53ff7f03894b6726b7fa048ba48285bcf6e57a
                                        
                                            GET /hyjoilbsegcv/g.gif HTTP/1.1 
Host: gbtrymj.gbtyunm.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.224.92.246
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:54 GMT
Content-Length: 84902
Last-Modified: Tue, 13 Sep 2022 02:11:44 GMT
Connection: keep-alive
ETag: "631fe6e0-14ba6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 600 x 200\012- data
Size:   84902
Md5:    0cb399000c6ab6a24427f7f3988c0d67
Sha1:   28a3f6e6010d3bbfe920fc49e37654d6a26d5df0
Sha256: 801a92ac0b391e96d44f5ca8d85663870e08a6ccace9abaed47364e88fad2d50
                                        
                                            GET /e5a81691b8d340a986bcc454847c9f69.gif HTTP/1.1 
Host: vesdsp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.189.108.99
HTTP/2 200 OK
content-type: image/gif
                                        
cache-control: max-age=86400
etag: "62c310a7-1a141"
server: nginx
date: Wed, 21 Sep 2022 00:23:34 GMT
last-modified: Mon, 04 Jul 2022 16:09:11 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn108-089
content-length: 106817
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 650 x 350\012- data
Size:   106817
Md5:    0eb9b429d4f52c605356c4d18393e1d7
Sha1:   53d2096a8a5459970d85a4cfe1c445347a20cd5a
Sha256: 381cb5266cebdf1d462684250f25108cd65032ddce3126a2016985d2f2fab36a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 07:52:55 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 21:20:25 GMT
Expires: Fri, 30 Sep 2022 21:20:24 GMT
Etag: "0008efa1493b3c2bc0ab71007d315fda5ee56583"
Cache-Control: max-age=393449,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750a6c3e5cc8b4f7-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 07:52:55 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 16:48:52 GMT
Expires: Fri, 30 Sep 2022 16:48:51 GMT
Etag: "158d40e7ae5f7740b70a4dadea637e2ff1f5d355"
Cache-Control: max-age=377155,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750a6c3e5f8bb503-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 07:52:55 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 16:48:52 GMT
Expires: Fri, 30 Sep 2022 16:48:51 GMT
Etag: "158d40e7ae5f7740b70a4dadea637e2ff1f5d355"
Cache-Control: max-age=377155,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750a6c3f8bcfb4f4-OSL

                                        
                                            GET /tj.html?type=cnzz&id=1279999172 HTTP/1.1 
Host: hnt.qtmdzsj.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         203.107.60.95
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Mon, 26 Sep 2022 07:52:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: aliyungf_tc=26194f5904b49f972d37278e1e971efd72dc99adcb3714ddafd8bbf55b9e5120; Path=/; HttpOnly
Last-Modified: Wed, 25 Nov 2020 10:32:42 GMT
Vary: Accept-Encoding
ETag: W/"5fbe32ca-694"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   727
Md5:    783cc119a0f7a9011e903e7fe6832f22
Sha1:   2d7ec6bd4a5d9dc19a935048a5624a6357df5842
Sha256: 39ff2d9297f05eb036275ee306204390da33c110e973e39da10cdc588f49d505
                                        
                                            GET /c.php?s=JnpvbmVpZD0xNTUxNzUmc2l0ZWlkPSZ1aWQ9MTEzMjEmYWRzaWQ9NTk1ODE0NiZwbGFuaWQ9Mjk2MzImcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRnluaGVuamEuY24lMkZ0dHR0JTJGJnZ0aW1lPTIwMjItMDktMjYgMTU6NTI6NTMmaXA9OTEuOTAuNDIuMTU0;e7385c10d39a80f34d6e0631b3da073f;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj1odHRwJTNBJTJGJTJGd3d3LmdpZnRzLW5vdy5jb20lMkYmeD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwJTNBJTJGJTJGaGFpdGFuZ3R2Ni50b3AlMkYmaj0wJnA9MCZtPTAmcmVzPTEyODB4MTAyNCZ0PSVFNiVCNSVCNyVFNiVBMyVBMCUyQyVFNiVCNSVCNyVFNiVBMyVBMFRWJTJDJUU2JUI1JUI3JUU2JUEzJUEwJUU1JUJEJUIxJUU4JUE3JTg2JTJDJUU2JUI1JUI3JUU2JUEzJUEwQVYlMkMlRTYlQjUlQjclRTYlQTMlQTAlRTclQkQlOTEmbD1lbi1VUyZjPTAmaD05Mjc= HTTP/1.1 
Host: poe.xvkfkw.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         203.107.60.95
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 26 Sep 2022 07:52:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS
Set-Cookie: aliyungf_tc=fd9dde4b796dec8c07f8a0f8ef09cc67a863dd64088139f3dda2e0a5a85f81ea; Path=/; HttpOnly region=%E6%8C%AA%E5%A8%81%2F%2F%E5%85%B6%E5%AE%83; expires=Sat, 25-Mar-2023 07:52:55 GMT; Max-Age=15552000; path=/ visitnum=1; expires=Mon, 03-Oct-2022 07:52:55 GMT; Max-Age=604800; path=/ 11321_29632=re; expires=Mon, 26-Sep-2022 12:52:55 GMT; Max-Age=18000; path=/ do2click_29632=5958146%7C29632%7C11321%7C155175%7C; expires=Mon, 26-Sep-2022 10:52:55 GMT; Max-Age=10800; path=/ doEffect_29632=5958146%7C29632%7C11321%7C155175%7C; expires=Mon, 03-Oct-2022 07:52:55 GMT; Max-Age=604800; path=/
P3P: CP="Powered by Www.Zyiis.Com 2005-2016"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

                                        
                                            GET /effect.php?type=ecv&planid=29632&adsid=5958146&zoneid=155175&uid=11321&adtplid=1001&plantype=cpv HTTP/1.1 
Host: hbe.jwddpvu.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         203.107.60.95
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 26 Sep 2022 07:52:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: aliyungf_tc=37bfb33e9287a7eb7e813d3c06490ad0848b6e12412da0ad38105fbe122dda99; Path=/; HttpOnly
Server: nginx
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

                                        
                                            GET /img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image HTTP/1.1 
Host: p26.toutiaoimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         120.52.95.241
HTTP/2 200 OK
content-type: image/gif
                                        
date: Mon, 26 Sep 2022 07:52:54 GMT
content-length: 677521
server: openresty
imagex-fmt: gif2gif
last-modified: Thu, 30 Dec 2021 00:07:35 GMT
nw-session-id: 2021123008073501015013614530ADE9B0dprsv01tt
nw-session-trace: 2021-12-30T08:07:35.194015393+08:00 68
x-bdcdn-cache-status: TCP_HIT
x-length: 677521
x-powered-by: ImageX
x-response-date: Thu, 30 Dec 2021 08:07:35 GMT
x-response-lb: image
x-tt-logid: 2021123008073501015013614530ADE9B0
server-timing: cdn-cache;desc=HIT, edge;dur=2
x-tt-trace-host: 016a2077e03b2041825c42669e9a23cec5ee04519515486308eb42b81315658df6aa5ed29ad219c7d25626d5b022cced5274c18183adcd43889f65e87a17fde2315b0226a7e5f07d4c19094125051b3e74699be800dd629619bc2141d5fb81fc89ccc76230d7d3e4f731a9d881f3cb16c4
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
via: CHN-HElangfang-AREACUCC1-CACHE16[2],CHN-HElangfang-AREACUCC1-CACHE35[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE60[39],CHN-TJ-GLOBAL1-CACHE35[0,TCP_HIT,36]
x-hcs-proxy-type: 1
x-ccdn-cachettl: 31536000
nginx-hit: 1
cache-control: max-age=31536000
age: 8050429
accept-ranges: bytes
access-control-allow-origin: *
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 270 x 160\012- data
Size:   677521
Md5:    94051cb1d1b77200b4462281a864b96e
Sha1:   e5b468a1b2f4bbdda1b6a3a0df2dcce6b3de7e06
Sha256: d44d0d2dd188024b60ec38cb3f3ea10c080690175e923f90c9c2a2e862670c84
                                        
                                            GET /tj.html?type=cnzz&id=1279999172 HTTP/1.1 
Host: hnt.qtmdzsj.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         203.107.60.95
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Mon, 26 Sep 2022 07:52:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: aliyungf_tc=eb5bb2c58375036154210b0cf57879201af6754d70b625b85ab0f437a7191d36; Path=/; HttpOnly
Last-Modified: Wed, 25 Nov 2020 10:32:42 GMT
Vary: Accept-Encoding
ETag: W/"5fbe32ca-694"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   727
Md5:    783cc119a0f7a9011e903e7fe6832f22
Sha1:   2d7ec6bd4a5d9dc19a935048a5624a6357df5842
Sha256: 39ff2d9297f05eb036275ee306204390da33c110e973e39da10cdc588f49d505
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 07:52:56 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 30 Sep 2022 07:02:40 GMT
ETag: "7eccef092f8514edec00d9503f54b5c692d1de5d"
Last-Modified: Mon, 26 Sep 2022 07:02:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 578
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750a6c486eb6b4fd-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    f6bff822b758d61015969823a6c0139d
Sha1:   7eccef092f8514edec00d9503f54b5c692d1de5d
Sha256: f1df6ed1f1f0c2938d1601a4a9c0ab7533edad1638e4337f6619dbcdacae64b4
                                        
                                            GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b5cd5c322c76272c5e26cad46e1f3c6ce7/0.png HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         43.154.254.32
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Mon, 26 Sep 2022 07:52:53 GMT
content-length: 1495356
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 17:08:11 GMT
cache-control: max-age=2592000
x-delay: 103890 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1495356
chid: 0
fid: 0
x-nws-log-uuid: c786ee18-c88d-4903-9d10-15bfca447f59
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   1495356
Md5:    af737e86fc083a958d9f25203333f0be
Sha1:   cb0ee5d9a71efdf61b622bd4175998bdeecca900
Sha256: e1cf6ef72cde6e3f9bffa69e86e769e09e82d18f781a235fc977a5644e141a9a
                                        
                                            GET /z_stat.php?id=1279999172&web_id=1279999172 HTTP/1.1 
Host: s9.cnzz.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hnt.qtmdzsj.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         220.185.164.250
HTTP/2 200 OK
content-type: application/javascript
                                        
server: Tengine
content-length: 20
date: Mon, 26 Sep 2022 07:08:30 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Mon, 26 Sep 2022 07:08:30 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1664176110
via: cache11.l2cn1836[291,282,200-0,C], cache12.l2cn1836[284,0], cache16.cn4100[0,0,200-0,H], cache6.cn4100[1,0]
age: 2666
x-cache: HIT TCP_MEM_HIT dirn:16:21679109
x-swift-savetime: Mon, 26 Sep 2022 07:08:30 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: dcb9a49a16641787767961966e
X-Firefox-Spdy: h2

                                        
                                            GET /z_stat.php?id=1279999172&web_id=1279999172 HTTP/1.1 
Host: s9.cnzz.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hnt.qtmdzsj.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Mon, 26 Sep 2022 07:08:30 GMT
TE: trailers

                                         
                                         220.185.164.250
HTTP/2 304 Not Modified
content-type: application/javascript
                                        
server: Tengine
date: Mon, 26 Sep 2022 07:08:30 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Mon, 26 Sep 2022 07:08:30 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1664176110
via: cache11.l2cn1836[291,282,200-0,C], cache12.l2cn1836[284,0], cache16.cn4100[0,0,304-0,H], cache6.cn4100[3,0]
age: 2667
x-cache: HIT TCP_IMS_HIT dirn:16:21679109
timing-allow-origin: *
eagleid: dcb9a49a16641787771713317e
X-Firefox-Spdy: h2

                                        
                                            GET /upload/vod/2021-12-12/16392821827.jpg HTTP/1.1 
Host: 523zyw.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.142.36.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Mon, 26 Sep 2022 07:52:54 GMT
Content-Length: 3625076
Connection: keep-alive
Last-Modified: Sun, 12 Dec 2021 04:09:42 GMT
Accept-Ranges: bytes
ETag: "3ef22217eefd71:0"


--- Additional Info ---
Magic:  GIF image data, version 89a, 286 x 180\012- data
Size:   3625076
Md5:    d310607aba67aa996b3bc62292effdfd
Sha1:   d9f9c45611fd314a4354c24b942212eab746161e
Sha256: 411ebdc49e623e638e02d1b55cde9cd0689bfaf6c7f3362310137c5edbf08eb4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20fede81-e065-476d-b8c9-466c4d80f419.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7998
x-amzn-requestid: beedf4d8-29c0-43c6-92d0-40af6b9ee9f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTibE5LoAMFXLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cc75-1be97f2a525b9a5e3146d4be;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:47:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: i8BwIohBNqfEavPXBqSWshg7G-WF9UkBBScnDcyH4qEYV9TzreLXWA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:05:32 GMT
etag: "5c4ee294c98e8fc9312a7d481b6ec165494cf852"
age: 35246
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7998
Md5:    27d324b1fb661c318aced98468501b3c
Sha1:   5c4ee294c98e8fc9312a7d481b6ec165494cf852
Sha256: 937296b5da48df0495ebd0cb3509b7c00059725c00c5b97f475ba2382a0e5437
                                        
                                            GET /960x60-2.gif HTTP/1.1 
Host: 9191919199.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://haitangtv6.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         137.175.12.178
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Mon, 26 Sep 2022 07:54:22 GMT
expires: Wed, 26 Oct 2022 07:54:22 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---